Mobile Aided Encrypted Web File System
Encrypted files are stored on Web
ECOM6031 Project Part 1
Lab demonstration
I. Mobile Aided Encrypted Web File System
II. The usage of Truecrypt
Keys stored in server, sent via SMS
When PC is connected to a Mobile
  PC is able to decrypt and display files from Web after getting a key from Mobile
If PC is disconnected from the Mobile
  Files cannot be decrypted on Client Side
Demo is available
Architecture
Server side (1)
Key distribution server
  Check key request in an incoming SMS
  Verify the phone number in the SMS
  Send an encrypted key back through SMS
Server side (2)
File server
  Authenticate any login user.
  Retrieve the key sent to user from key distribution server.
  Encrypt files with the key using AES, etc.
Architecture
Key distribution
User experience
Step 1:
Key management and preparation
  File name: F1, F2, ...
  File encryption keys: KAES1, KAES2, ... (related to F1, F2, ...)
  Encrypted files: C1=Enc(F1, KAES1), C2=Enc(F2, KAES2), ...
  One time key (session key): KOT (it is generated and used for each session)
  Encrypted keys: CK1=Enc(KOT, KAES1), CK2=Enc(KOT, KAES2), ...
  IMEI dependent number: KOT XOR IMEI = NIMEI (which will be transmitted via an SMS). For simplicity, XOR computation is used here.
User Paul logs in to the File Server by using username and password and will get a file list including some files, e.g. Cisc.txt and hku.txt.
Since the files are encrypted, after login, a Java Applet will be run to check the presence of KOT (UI as window W1).
If KOT is given, the applet can go on to do the decryption. If not, a warning message will be shown.
[Figure: window W1 with file list F1 Cisc.txt, F2 Hku.txt; message "Error during key retrieving"; prompt "Get secret key KOT?"]
User experience
Step 2:
If KOT is not given, the applet cannot decrypt the file which the user wants to open.
Then the user needs to run an App on the client-side mobile phone to send a request SMS to the server and receive NIMEI from the Key Distribution Server via an SMS.
Actually, the user needs to request NIMEI before he wants to read some files.
Step 3:
If NIMEI is received successfully, the App will parse it with some unique information, e.g. IMEI, IMSI, etc., to extract the session key KOT.
If the applet can get a correct KOT from the mobile phone, the user can click on any file listed to see the content (e.g., KOT is used to compute KAES2, KAES2 is used to decrypt file2).
[Figure: window W1 with F2 Hku.txt; window W2 with the text "The University of Hong Kong is the territory's oldest university"]
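Steps 1 to 3 as an added example (not code from the original slides or the project): the server wraps each file key under KOT and sends NIMEI = KOT XOR IMEI, and the client reverses it. Assumptions: Enc is replaced by a SHAKE-256 keystream XOR instead of AES so that only the standard library is needed, the IMEI is treated as an integer zero-padded to the key length, and all function names and the sample IMEI are constructed.

```python
import hashlib
import secrets

def enc(key: bytes, data: bytes) -> bytes:
    # Stand-in for the slides' Enc (AES): XOR with a SHAKE-256 keystream.
    # Applying it a second time with the same key decrypts.
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def xor_imei(value: bytes, imei: str) -> bytes:
    # N_IMEI = K_OT XOR IMEI (and back). Assumption: IMEI as an integer,
    # left-padded with zero bytes to the key length.
    pad = int(imei).to_bytes(len(value), "big")
    return bytes(a ^ b for a, b in zip(value, pad))

def server_prepare(files: dict, imei: str):
    # File server and key distribution server: per-file keys, one session key.
    k_ot = secrets.token_bytes(16)
    store = {}
    for name, plaintext in files.items():
        k_aes = secrets.token_bytes(16)
        store[name] = (enc(k_aes, plaintext), enc(k_ot, k_aes))  # (C_i, CK_i)
    # k_ot is returned only so the masking can be measured below.
    return store, xor_imei(k_ot, imei), k_ot

def client_open(store: dict, name: str, n_imei: bytes, imei: str) -> bytes:
    # Mobile app recovers K_OT from the SMS; applet unwraps K_AES, then the file.
    k_ot = xor_imei(n_imei, imei)
    c, ck = store[name]
    return enc(enc(k_ot, ck), c)

def unmasked_prefix(k_ot: bytes, n_imei: bytes) -> int:
    # Number of leading K_OT bytes that appear unchanged in the SMS payload.
    n = 0
    while n < len(k_ot) and k_ot[n] == n_imei[n]:
        n += 1
    return n

IMEI = "490154203237518"  # constructed sample value
FILES = {"hku.txt": b"The University of Hong Kong is the territory's oldest university"}

if __name__ == "__main__":
    store, n_imei, k_ot = server_prepare(FILES, IMEI)
    print(client_open(store, "hku.txt", n_imei, IMEI))
    # A phone with a different IMEI (constructed value) does not recover the file.
    print(client_open(store, "hku.txt", n_imei, "356938035643809") == FILES["hku.txt"])
    print(unmasked_prefix(k_ot, n_imei), "of", len(k_ot), "key bytes sent unmasked")
```

With a 16-byte KOT and a 15-digit IMEI encoded this way, the first 9 key bytes travel in the SMS unchanged, which is the cost of the XOR simplification the slides mention.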
Usage of Truecrypt
Usage of Truecrypt (contd)
About Truecrypt
  Free open-source disk encryption software
  Creates a virtual encrypted disk within a file and mounts it as a real disk.
  Encrypts an entire partition or storage device
Our demo's operations
  Create a secure virtual volume
  Set password and keyfile
  Mount/dismount a secure file as a disk's partition
Preparation
  Download: www.truecrypt.org/downloads
  Tutorial: www.truecrypt.org/docs/?s=tutorial
Create a secure virtual volume
Set password and keyfile
  Previous keyfile: 02.jpg
  Now: tc110208_kf
Mount a secure volume
  Password is required
  Keyfile is also required
Successfully mounting
  A 1Gb volume has been successfully mounted
Open file in the encrypted volume
Before mounting
Keyfiles
Random keyfile generator
  Keyfile is a file whose content is combined with a password (for information on the method used to combine a keyfile with password.
  Until the correct keyfile is provided, no volume that uses the keyfile can be mounted.
  Any kind of file (for example, .txt, .exe, .mp3, .avi) can be used as a TrueCrypt keyfile (however, we recommend that you prefer compressed files, such as .mp3, .jpg, .zip, etc).
Q&A
Thank you!