Abstract
Secure USB products with security technology applied for safe data storage and storage of users have appeared. Secure USB products include user authentication technology, encryption/decryption technology, access control technology, and data deletion technology. Password authentication technology is widely used for user authentication. The objective of this study was to analyze vulnerabilities of password authentication technology based on the secure USB memory “product D” and identify possible vulnerabilities in advance based on analysis results. Results of the analysis revealed a vulnerability of the password authentication technology of “product D” and that user data could be stolen by bypassing the authentication.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Lee, J.: Password authentication bypass vulnerability in bio-fingerprint-aware USB 3.0 memory (BF10S). Korea Information Security Agency, KVE-2021-0166 (2021)
Lee, S.H., Kwak, J., Lee, I.Y.: The study on the security solutions of USB memory. In: Proceedings of the 4th International Conference on Ubiquitous Information Technologies & Applications, pp. 1–4 (2009)
Lee, K., Jang, W., Lee, S.Y., Yim, K.: Vulnerability analysis of secure USB: based on the password authentication of product B. In: Proceedings of the Korea Information Processing Society Conference, pp. 155–157 (2018)
Lee, K., Oh, I., Lee, Y., Lee, H., Yim, K., Seo, J.: A study on a secure USB mechanism that prevents the exposure of authentication information for smart human care services. J. Sens. 2018, 1–17 (2018)
Lee, K., Yim, K., Spafford, E.H.: Reverse-safe authentication protocol for secure USB memories. J. Secur. Commun. Netw. 5, 834–845 (2012)
Jeong, H., et al.: Vulnerability analysis of secure USB flash drives. In: 2007 IEEE International Workshop on Memory Technology, Design and Testing, pp. 61–64 (2007)
Kim, J., Lee, Y., Lee, K., Jung, T., Volokhov, D., Yim, K.: Vulnerability to flash controller for secure USB Drives. J. Internet Serv. Inf. Secur. 3, 136–145 (2013)
Kim, M., Lee, K., Yim, K.: Vulnerability analysis of secure disk: based on backup feature of product A. In: Barolli, L., Xhafa, F., Conesa, J. (eds.) BWCCA 2017. LNDECT, vol. 12, pp. 386–391. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-69811-3_35
Grand, J.: Attacks on and countermeasures for USB hardware token devices. In: Proceedings of the Fifth Nordic Workshop on Secure IT Systems, pp. 12–13 (2000)
Magdum, A.N., Patil, Y.M.: A secure data transfer algorithm for USB mass storage devices to protect documents. Int. J. Emerg. Eng. Res. Technol. 2, 78–84 (2014)
Acknowledgments
This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (No. NRF-2021R1F1A1050542).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Jung, W., Yim, K., Lee, K. (2022). Vulnerability Analysis of a Secure USB Memory: Based on a Commercial Product D. In: Barolli, L. (eds) Advances on Broad-Band Wireless Computing, Communication and Applications. BWCCA 2021. Lecture Notes in Networks and Systems, vol 346. Springer, Cham. https://doi.org/10.1007/978-3-030-90072-4_30
Download citation
DOI: https://doi.org/10.1007/978-3-030-90072-4_30
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-90071-7
Online ISBN: 978-3-030-90072-4
eBook Packages: EngineeringEngineering (R0)