As computing evolves from the early data processing center paradigm to the ubiquitous computing paradigm the portability and security of applications and data comes to the fore. Flash memory devices, such as key drives, allow users to easily carry data and applications. The key drive is simply inserted into a computer at which time an application running on the key drive is launched. The user then interacts with the application. The user's interactions often involve reading and storing data that is also stored in the key drive. As such, the data and applications stored on the key drive are central to the user's needs while the computer that is used becomes unimportant.
A computer is a device characterized by a processor, memory, and input/output (I/O) devices. A user can interact with a computer using a human interface device (HID) such as a keyboard or a mouse. The computer can present information to the user using a display device. The computer runs programs, or applications, for the benefit of the user. Users use word processing applications to create documents, drawing applications to create pictures, and gaming applications to have fun. The application itself is usually stored on a nonvolatile memory device, such as a hard drive or flash drive, from which the computer can load it and then execute it. The user sends input to the application via the HID and observes the results via the display. The HID uses a communication port to send user input to the computer which receives it using another communications port. The computer passes then user input to the application.
Computer memory can be categorized as volatile or nonvolatile. A volatile memory is one that loses its contents when it loses power. A nonvolatile memory is one that retains its contents for a meaningful period of time after it loses power. Floppy disks, magnetic tape, compact disks, digital video disks, computer hard drives, and flash memory are types of nonvolatile memories. Flash memories are used in pen drives, memory cards, and memory sticks. Many nonvolatile memories are packed with a write protect switch. The write protect switch has an engaged position and a disengaged position. Placing the write protect switch in the disengaged position prevents data from being written into the nonvolatile memory. As such, flipping a switch causes a nonvolatile memory to become a read-only nonvolatile memory.
In all computing environments, the security of the user's data is important. Different security technologies are available. In current technology, the level of security offered by secret key technologies, such as the data encryption standard (DES) or offspring triple DES (DES), is largely replaced by public key technologies. Public key technologies use a key pair with one key often called a public key and the other called a private key. The keys in a key pair can also be called, and used as, an encryption key and a decryption key. In typical operation, data encrypted with one key is decrypted with the other and vice versa. Key pairs are usually unique meaning that each public key has only one corresponding private key. Furthermore, a person with one of the keys can encrypt data but can not decrypt it because it is difficult to find the corresponding key in the key pair.
FIG. 8, labeled as “prior art”, illustrates an encryption module 801 that has an encryption key 802. An encryption module 801 can encrypt data. Some encryption modules selectively encrypt data, meaning that they identify certain types of data to encrypt or other types of data to leave unencrypted.
With public key technology, a person with one of the keys rarely has the corresponding key in the key pair. The difficulty of determining the corresponding key, thereby compromising the key pair, depends on the key length. The longer the keys are, the harder it is to compromise the key pair. Those skilled in the arts of data encryption, cryptography, or decryption are aware of many aspects and implementations of public key encryption.
One way to decrypt data that has been encrypted is called a brute force attack. An attacker has one key and can use it to encrypt some data. A brute force attack uses all the possible decryption keys until one of them successfully decrypts the data.
Another attack is called a dictionary attack. The attacker encrypts many, and sometimes all, of the possible pieces of data to produce a dictionary. When given encrypted data the attacker simply finds the encrypted message in the dictionary and thereby finds the decrypted data. Dictionary attacks are most effective when there are a limited number of possible pieces of data. For example, dictionary attacks have worked well against passwords because most passwords fall into a few categories such as names and nouns.
A third type of attack is called a statistical attack in which the attacker gathers many different pieces of encrypted data. The most common piece of encrypted data probably corresponds to the most commonly used piece of data. For example, consider a series of messages, each containing many pieces of encrypted data. If the second piece of data is always the name of the author, then the most commonly occurring second piece of data corresponds to the name of the most prolific author. This fact can be used to attack the rest of the data.
One defense against dictionary attacks or statistical attacks is to use a random salt. A random salt is a random number or character sequence that is prepended or appended to a datum. For example, a communication with ten possible datums, or values, can be attacked using a dictionary with ten entries. A random salt having one million possible permutations can be appended to the datum. Now the dictionary must have ten million entries. The random salt can be obtained from a random number generator. Those skilled in the art of computer programming and computer architecture are familiar with hardware based and software based random number generators. Those skilled in the art of encryption are familiar with random salts.
Another attack that has been successfully used to obtain a user's data is called key logging. The attacker intercepts every HID input and keeps track of it. On subsequent examination, the attacker can often discover valuable information. The spyware epidemic currently infecting the internet includes key loggers. People go through great efforts to clean their computers by removing malicious programs, such as spyware.
Yet another attack for obtaining a user's data is replacing a trusted application module with a compromised or forged application module. A compromised application module is an application module, such as a web browser, that the attacker has altered. The alterations can be designed to steal data and send it to the attacker. The alterations can also be designed to attack other computers on a network. A forged application module is an application module that appears to be genuine, but is not. For example, a user buys a word processor that comes packaged on a compact disk (CD). The attacker, however, has managed to replace the word processor with another program that appears the same, but also steals data. The user installs the forged application module and becomes a victim.
Compromised and forged applications are often detected through the use of checksums or secure hash functions. Checksums and hash functions are algorithms that read in data and produce a number called a signature. For example, a hash function can read an application module, treating it as data, and produce the signature 5,551,212. If, at a later time, the signature is calculated as 666, then the user knows that the application module has changed. Software distributors often distribute signatures along with their programs so that forging can also be detected. The current state of the art is the secure hash algorithm (SHA) family of hash functions that are replacing the previously popular MD5 hash function. Those practiced in the art computer security are familiar with checksums, secure hash functions, and digital signatures for application modules.
People carrying applications and data in personal and portable nonvolatile storage devices, however, must either use clean computers or risk data theft. The reason is that a public computer or a friend's computer can have spyware. Current technology is limited in that it does not provide for portable applications and data, such as those stored on a key drive, to be safely used on an insecure computer. Current technology is also limited in that it does not allow user inputs, such as those entered using a keyboard or mouse, to be entered into an insecure computer.