Implementation of a TPM-Based Security Enhanced Browser Password Manager
Implementation of a TPM-Based Security Enhanced Browser Password Manager作者机构:School of Information Renmin University of China
出 版 物:《Wuhan University Journal of Natural Sciences》 (武汉大学学报(自然科学英文版))
年 卷 期:2016年第21卷第1期
页 面:56-62页
核心收录:
学科分类:0839[工学-网络空间安全] 08[工学] 081201[工学-计算机系统结构] 0812[工学-计算机科学与技术(可授工学、理学学位)]
基 金:Supported by the National Natural Science Foundation of China(61472429,61070192,91018008,61303074,61170240) the Beijing Municipal Natural Science Foundation(4122041) National High-Technology Research and Development Program of China(863 Program)(2007AA01Z414)
主 题:trusted platform module(TPM) password manager trusted encryption decryption
摘 要:In order to enhance the security of a browser password manager, we propose an approach based on a hardware trusted platform module (TPM). Our approach encrypts users' passwords with keys generated by the TPM, which uses a master password as the credential for authorization to access the TPM. Such a hardware-based feature may provide an efficient way to protect users' passwords. Experiment and evaluation results show that our approach performs well to defend against password stealing attack and brute force attack. Attackers cannot get passwords directly from the browser, therefore they will spend incredible time to obtain passwords. Besides, performance cost induced by our approach is ***: In order to enhance the security of a browser password manager, we propose an approach based on a hardware trusted platform module (TPM). Our approach encrypts users' passwords with keys generated by the TPM, which uses a master password as the credential for authorization to access the TPM. Such a hardware-based feature may provide an efficient way to protect users' passwords. Experiment and evaluation results show that our approach performs well to defend against password stealing attack and brute force attack. Attackers cannot get passwords directly from the browser, therefore they will spend incredible time to obtain passwords. Besides, performance cost induced by our approach is acceptable.
维普期刊数据库
同方期刊数据库