22
HDD Lock Department of Electrical & Computer Engineering HDD Lock Advisor: Michael Zink
| Date post: | 19-Dec-2015 |
| Category: |
Documents |
| View: | 217 times |
| Download: | 0 times |
HDDLock
Department of Electrical & Computer Engineering
HDDLock
Advisor:
Michael Zink
HDDLock
Department of Electrical & Computer Engineering
Team Organization
Project Lead:Fadi Maalouli
Web & Software Development:
Brigit Lyons
Software Development:
Anthony Panetta
Hardware Development:
Renzo Silva
2
HDDLock
Department of Electrical & Computer Engineering
Outline• Problem Statement • Existing Products• Our Solution• Overall Operation • Security Analysis• Description of Main Components
Requirements Implementation Cost
• Design Challenges• MDR Deliverables
3
HDDLock
Department of Electrical & Computer Engineering
Problem Statement
•Hard drives contains a lot of information• Easy to lose or get stolen• Secure Important Data on your Hard Drive
ThievesHackersCoworkers
• Secure Personal Data From Family membersFrom Friends
4
HDDLock
Department of Electrical & Computer Engineering
Existing Product
•Software that encrypts your entire Hard DriveTrueCryptSafeGuard® EasySafeHouse ExplorerSeagate Self-Encrypting Drives•They have static password protection Not effective
5
HDDLock
Department of Electrical & Computer Engineering
Our Approach Secure any non-bootable SATA HDD Use phone as hard token to lock/unlock data
stored on HDD Locking/Unlocking requires 2-tiered user
password authentication, hardware authentication, and physical locality
6
HDDLock
Department of Electrical & Computer Engineering
Design Overview
Website
Account Database
Bluetooth Module
7
HDDLock
Department of Electrical & Computer Engineering
Typical Use Scenario
Website
Account Database
Bluetooth Module1
2
3
4
8
HDDLock
Department of Electrical & Computer Engineering
Security Concerns
Database hack Phone identity spoofing Eavesdropping Brute force attack to crack encryption
9
HDDLock
Department of Electrical & Computer Engineering
System Components• Server• Android Application• Bluetooth Module
10
HDDLock
Department of Electrical & Computer Engineering
Server
User Accounts
Database
Query Database
Website
User Account Administration
Encryption Module
Message to Phone
Message from Phone
11
HDDLock
Department of Electrical & Computer Engineering
Server
• Website provides interface for account administration• Create account, change password, register Bluetooth module/Phone, etc.
• Communications to and from website will be encrypted• Decrypted only by Bluetooth module
• Database as backend of website• User account information• Registered phone IDs• Registered Bluetooth modules• Encryption keys
12
HDDLock
Department of Electrical & Computer Engineering
Android Application
Convert Bluetooth Packet to Wireless (WiFi/3G) Packet
Convert Wireless (WiFi/3G) Packet to Bluetooth Packet
Account Login/Validation
Login Phase
HDD Usage Phase
Android
Message To Bluetooth Module
Message From Bluetooth Module
Message To Bluetooth Module
Message To Website
Message To Website
Message From Website
13
HDDLock
Department of Electrical & Computer Engineering
Android Application
• Communication with Bluetooth module• Detect and register Bluetooth modules• Lock/unlock message• Encrypted communications
• Communication with website• Convert between Bluetooth packets and wireless (WiFi/3G) packets• Access user account and gain information to communicate with selected
Bluetooth module• Encrypted communications
• The phone will not be able to decrypt• Only relays encrypted messages between website and Bluetooth module
• Develop using the Android SDK Eclipse plugin
14
HDDLock
Department of Electrical & Computer Engineering
Dynamic Encryption
• Encrypted network communications• 128-bit AES encryption
• Database and Bluetooth module share an encryption key• Key changes upon unlock
• Website creates new key• New key encrypted using old key• Bluetooth module decrypts and stores new key
• Provides another layer of protection against attackers
15
HDDLock
Department of Electrical & Computer Engineering
Hardware StructureUnlock
Power Up
SecurityReport. DocClientSS.doc Account #’s
Decryption
Request
Retrieve Key
Decrypt F
ile
Make File Names Available
Bluetooth Device
Encrypted Information. No one can
16
HDDLock
Department of Electrical & Computer Engineering
Security Lock ControllerProcessorBlueCore 5MM with 8MBit internal flash512k EEPROM
Power Supply5V regulated stand-aloneLithium rechargeable battery, 4.2V, 100-500mAH3V primary cell
Bluetooth Module:AIRcable SMDWirelessly Programmable Micro Controller
Event Handling4 Simultaneous ConnectionsPIN code requestPIN code limit: 15 characters
Performancemax 1000 lines per second
Port AccessParallel IO ports, 12 ports TTL level, 5V tolerant
17
HDDLock
Department of Electrical & Computer Engineering
Data EncryptionSeries Intel AtomClock Rate 1600 MHzFront Side Bus 533 MHzLevel 1 Cache 56 KBLevel 2 Cache 512 KBMax. Power 2.5 Watt
18
HDDLock
Department of Electrical & Computer Engineering
Design Challenges and Limitations
• Hardware and Software Security• Small, Fast and intuitive interface• Encrypting at a minimum speed of 3Gb/s• Interfacing with the operating system
19
HDDLock
Department of Electrical & Computer Engineering
Cost Analysis
AIRCable SMD $60Intel Atom $40Web Hosting $5/monthSata receptacle (data/power) $2.5/eachThe Sata Cables (power/data) $2.5/each
20
HDDLock
Department of Electrical & Computer Engineering
Deliverables for MDR
• Working encryption algorithm• Basic phone application• Basic Bluetooth communication• Design of Bluetooth module
21
HDDLock
Department of Electrical & Computer Engineering
Questions?
22
