Abstract: Aiming at the security risk of the moving storage based the Universal Serial Bus(USB) as well as the vulnerability of the recent secure scheme, a design of a security USB2.0 device controller is given, which has the bidirectional authentication using the Hash function and the XTS-AES that is a block-oriented encryption algorithm. It gives the secure scheme for USB device controller such as the bidirectional authentication between the host and the device and the encryption of the memory data. It also gives the technical support for the secure scheme of the USB storage device from the hardware, which protects the stored data on chip level using fewer secret keys.

Key words: Universal Serial Bus(USB), security storage, XTS-AES algorithm, bidirectional authentication, Hash function

摘要： 针对基于通用串行总线(USB)的移动存储设备面临的安全威胁及常见安全机制的弱点，提出一种安全USB2.0设备控制器的设计方案，采用基于哈希函数的双向身份认证协议以及块加密方案XTS-AES算法，为USB接口提供主机与设备的双向身份认证和存储数据加密的安全机制。该方案从硬件层为USB移动存储设备的安全机制提供技术支持，以较少的密钥使用量为存储数据提供芯片级的安全防护。

关键词: 通用串行总线, 安全存储, XTS-AES算法, 双向身份认证, 哈希函数

CLC Number: 

• TP342.3