Smart Secure USB

Secure USB flash drives protect the data stored on them from access by unauthorized users. USBs have been in the market since 2000, and their use is increasing exponentially. As both consumers and businesses have increased demand for these drives, manufacturers are producing faster de

Project Title

Smart Secure USB

Project Area of Specialization

Cyber Security

Project Summary

Secure USB flash drives protect the data stored on them from access by unauthorized users. USBs have been in the market since 2000, and their use is increasing exponentially. As both consumers and businesses have increased demand for these drives, manufacturers are producing faster devices with greater data storage capacities. But general user's and corporate sector faces particular risk when their sensitive data, that is stored in USBs gets lost or when picked up by unauthorized person  This data can be of significant nature, including the loss of customer data, financial information, business plans or any other personal/confidential information.

The basic idea behind this project is to design a USB which will serve as secure channel for data storage and transfer within organization and for general digital users. Smart Secure USB (SSU-256) will protect data by authenticating the user and making use of modern encryption technique(AES-256,XTS mode), thus providing multi layer security.SSU-256 will give user facility of fingerprint authentication. It will be used to compare a user’s fingerprint to a stored fingerprint template in order to validate a user’s identity. Because we are all born with unique fingerprints, fingerprint scans are an inherent factor or “something you are,” making them impossible to guess and difficult to alter or fake. Along with fingerprint authentication AES-256(XTS mode) will be used to encrypt data. Specific compartments will be given to different users(a user will only have access to his own compartment) thus this factor will add more security to your data. In addition users have the leverage of encrypting different files in his/her compartment even with different passwords which adds 3rd layer of security alongwith fingerprint based authentication and AES encryption.

In the situation, USB gets lost or is picked by a third person, the unauthorized person will have no access to data. Hence making it easy for user to store and transfer sensitive data.

Since these highly secure encryption and authentication techniques are brought into use there will be no loss of data as a result users will be able to store and transfer their sensitive data securely through SSU-256.

Project Objectives

Smart Secure USB(SSU-256) have the following main features:

• Authentication using Fingerprint Module due to its following distinct features

1. Accurate

2. Fast

3. Affordable

4. Convenient

• Fingerprint authentication based separate compartments for each user which will bring extra security to the stored data.

• Key derivation using PBKDF2.

• AES-256 (XTS mode) based  Encryption/Decryption.

• Encryption of different files in user compartment even with different password.

• User friendly Graphical User Interface(GUI).

• Compact Hardware designing to make a portable device.

Project Implementation Method

On plugging SSU-256 with system a GUI will appear on screen with option to log in as an administrator or a user. Admin will have the authority to enroll/delete any user. Fingerprint authentication will be required for logging in both as an administrator or a user. Admin will be able to register a user by registering his Fingerprint and username, specific storage(compartment) will be assigned to registered user. Admin will have complete authority to delete user at any time.

If a person login as a user (after fingerprint authentication) he will have access to his data (Encrypted form) to decrypt/encrypt files he will have to enter password.For our desired results we chose the XTS mode of AES-256 encryption and key for encryption will be generated through PBKDF2. This password based key derivation technique will make password cracking much more difficult. 

User will only be able to read/write his files if his entered password is verrified. A user will have access to his own compartment only, he will not be able to get into anyone else’s compartment.  

An important factor of SSU-256 is that both encryption and authentication are independent of each other thus providng dual layer of security.

Our USB provides two options to log in, a person can either log in as an adminstrator or a general user.

USER:When user will plug in SSU-256 a GUI will appear asking for the user's fingerprint.If the user gets authenticated he will have access to his own compartment.All his files will be visible to him but in encrypted form.A password will be required for decrypting files.

ADMINISTRATOR:Admin will have authority to enroll or delete any user.Even admin will have to enter his fingerprint in order to log in as an admin. 

Benefits of the Project

 Following are the benefits of using SSU-256:

• Safe enough to store and transfer sensitive data
• Multiple Users
• Faster Authentication and Encryption
• Can Encrypt/Decrypt different files with different passwords.
• Reasonable as compared to other devices available in market
• Easy to use
• Plug n Play device
• Following are its application areas:

1. Law and Enforcement Agencies
2. Strategic Organizations
3. Banks
4. Corporate Sector
5. Teleco's
6. General Users

Technical Details of Final Deliverable

The device is designed in such a way that on plugging it, a GUi will appear which will give option to the user to use device either as an administrator or general user. A fingerprint will be required for authentication to proceed as a user or administrator. We are implementing fingerprint authentication because fingerprints can’t be leaked “over the shoulder.” It is one of the most popular biometric modalities that is widely accepted around the world. For registration, fingerprint will be scanned twice(for both admin and user) and stored in a database.

After authentication as admin, he will have right to enroll or delete users. After successful registration of new user, a specific compartment will be allotted to that particular user, and he will not have access to other user’s compartments.

After authentication as user, he will have access to his specific compartment where data will be in encrypted form. We are using AES-256 in XTS mode which is the newest block cipher mode .It uses two AES keys. These keys will be derived from Password Based Key Derivation Function(PBKDF2). It applies a pseudorandom function to the input password or passphrase along with a salt value and repeats the process many times to produce a derived key, which can then be used as a cryptographic key in subsequent operations.

One key is used to perform the AES block encryption, the other is used to encrypt a value what is known as a "Tweak". This encrypted tweak is further modified with a Galois polynomial function (GF) and XOR with both the plain text and the cipher text of each block. The GF function provides further diffusion and ensures that blocks of identical data will not produce identical cipher text. This achieves the goal of each block producing unique cipher text given identical plain text without the use of initialization vectors and chaining. In effect, the text is almost (but not quite) double-encrypted using two independent keys.

A password will be required for decrypting data. Decryption of the data is accomplished by reversing the above mentioned process. Now user will be able to read/write his files.(User can also use different passwrd for different files).

Assigning of specific compartments, fingerprint authentication, use of PBKDF2 and AES encryption enhances the security of SSU-256.

Final Deliverable of the Project

HW/SW integrated system

Core Industry

IT

Other Industries

Security

Core Technology

Others

Other Technologies

Sustainable Development Goals

Industry, Innovation and Infrastructure

Required Resources

If you need this project, please contact me on contact@adikhanofficial.com