{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,29]],"date-time":"2025-11-29T07:34:22Z","timestamp":1764401662939,"version":"3.41.0"},"reference-count":38,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2014,11,17]],"date-time":"2014-11-17T00:00:00Z","timestamp":1416182400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100001659","name":"Deutsche Forschungsgemeinschaft","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100001659","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Inf. Syst. Secur."],"published-print":{"date-parts":[[2014,11,17]]},"abstract":"<jats:p>\n            The weakest link in software-based full disk encryption is the authentication procedure. Since the master boot record must be present unencrypted in order to launch the decryption of remaining system parts, it can easily be manipulated and infiltrated by bootkits that perform keystroke logging; consequently, password-based authentication schemes become attackable. The current technological response, as enforced by BitLocker, verifies the integrity of the boot process by use of the trusted platform module. But, as we show, this countermeasure is insufficient in practice. We present STARK, the first tamperproof authentication scheme that\n            <jats:italic>mutually authenticates<\/jats:italic>\n            the computer and the user in order to resist keylogging during boot. To achieve this, STARK implements\n            <jats:italic>trust bootstrapping<\/jats:italic>\n            from a secure token to the whole PC. The secure token is an active USB drive that verifies the integrity of the PC and indicates the verification status by an LED to the user. This way, users can ensure the authenticity of the PC before entering their passwords.\n          <\/jats:p>","DOI":"10.1145\/2663348","type":"journal-article","created":{"date-parts":[[2014,11,24]],"date-time":"2014-11-24T15:29:41Z","timestamp":1416842981000},"page":"1-23","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["Mutual Authentication and Trust Bootstrapping towards Secure Disk Encryption"],"prefix":"10.1145","volume":"17","author":[{"given":"Johannes","family":"G\u00f6tzfried","sequence":"first","affiliation":[{"name":"Friedrich-Alexander-Universit\u00e4t Erlangen-N\u00fcrnberg"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tilo","family":"M\u00fcller","sequence":"additional","affiliation":[{"name":"Friedrich-Alexander-Universit\u00e4t Erlangen-N\u00fcrnberg"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2014,11,17]]},"reference":[{"key":"e_1_2_1_2_1","unstructured":"Benjamin B\u00f6ck. 2009. Firewire-Based Physical Security Attacks on Windows 7 EFS and BitLocker. Secure Business Austria Research Lab.  Benjamin B\u00f6ck. 2009. Firewire-Based Physical Security Attacks on Windows 7 EFS and BitLocker . Secure Business Austria Research Lab."},{"key":"e_1_2_1_3_1","unstructured":"Break & Enter. 2012. Adventures with Daisy in Thunderbolt-DMA-Land: Hacking Macs through the Thunderbolt interface. http:\/\/www.breaknenter.org.  Break & Enter. 2012. Adventures with Daisy in Thunderbolt-DMA-Land: Hacking Macs through the Thunderbolt interface. http:\/\/www.breaknenter.org."},{"key":"e_1_2_1_4_1","first-page":"2","article-title":"Getting physical with the digital investigation process","volume":"2","author":"Carrier Brian D.","year":"2003","journal-title":"Int. J. Digital Evid."},{"key":"e_1_2_1_5_1","unstructured":"R. Carbone C. Bean and M. Salois. 2011. An in-depth analysis of the cold boot attack. Technical Report. DRDC Valcartier Defence Research and Development Canada.  R. Carbone C. Bean and M. Salois. 2011. An in-depth analysis of the cold boot attack. Technical Report. DRDC Valcartier Defence Research and Development Canada."},{"volume-title":"Proceedings of SSTIC\u201909","year":"2009","author":"Devine Christophe","key":"e_1_2_1_6_1"},{"key":"e_1_2_1_7_1","doi-asserted-by":"crossref","unstructured":"Morris Dworkin. 2010. Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices. Special Publication 800-38E. NIST.   Morris Dworkin. 2010. Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices . Special Publication 800-38E. NIST.","DOI":"10.6028\/NIST.SP.800-38e"},{"key":"e_1_2_1_8_1","unstructured":"Ebfe. 2010. Ebfe\u2019s Anti-Bootkit Project. http:\/\/ebfes.wordpress.com\/tag\/bootloader\/.  Ebfe. 2010. Ebfe\u2019s Anti-Bootkit Project. http:\/\/ebfes.wordpress.com\/tag\/bootloader\/."},{"key":"e_1_2_1_9_1","unstructured":"FIPS. 2001. Advanced Encryption Standard (AES). FIPS PUB 197. NIST.  FIPS. 2001. Advanced Encryption Standard (AES). FIPS PUB 197. NIST."},{"key":"e_1_2_1_10_1","unstructured":"Free Software Foundation. 2014. GRand Unified Bootloader. http:\/\/www.gnu.org\/software\/grub.  Free Software Foundation. 2014. GRand Unified Bootloader. http:\/\/www.gnu.org\/software\/grub."},{"volume-title":"Proceedings of the 10th USENIX Security Symposium. USENIX Association.","year":"2001","author":"Gutmann Peter","key":"e_1_2_1_12_1"},{"volume-title":"Thunderbolt: Introducing a new way to hack Macs. (Feb.","year":"2011","author":"Graham Robert David","key":"e_1_2_1_13_1"},{"volume-title":"Proceedings of the 17th USENIX Security Symposium. USENIX Association, 45--60","author":"Halderman J. Alex","key":"e_1_2_1_14_1"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1002\/sec.196"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382536.2382550"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/975817.975820"},{"key":"e_1_2_1_19_1","unstructured":"Clay Johnson. 2006. Protection of Sensitive Agency Information. U.S. Executive Office of the President Washington D.C. 20503.  Clay Johnson. 2006. Protection of Sensitive Agency Information . U.S. Executive Office of the President Washington D.C. 20503."},{"key":"e_1_2_1_20_1","doi-asserted-by":"crossref","unstructured":"B. Kaliski. 2000. PKCS #5: Password-based cryptography specification. RFC. 2898 Internet Engineering Task Force (Ed.). Vol. 2.0. RSA Laboratories.   B. Kaliski. 2000. PKCS #5: Password-based cryptography specification. RFC. 2898 Internet Engineering Task Force (Ed.). Vol. 2.0. RSA Laboratories.","DOI":"10.17487\/rfc2898"},{"key":"e_1_2_1_21_1","unstructured":"KeeLog. 2012. Video Ghost. http:\/\/www.keelog.com\/hardware_video_logger.html.  KeeLog. 2012. Video Ghost. http:\/\/www.keelog.com\/hardware_video_logger.html."},{"key":"e_1_2_1_22_1","unstructured":"KeyGhost. 2006. PCI \/ Mini-PCI Hardware Keylogger. http:\/\/www.keyghost.com\/PCI-MPCI-Keylogger.htm. KeyGhost Ltd.  KeyGhost. 2006. PCI \/ Mini-PCI Hardware Keylogger. http:\/\/www.keyghost.com\/PCI-MPCI-Keylogger.htm. KeyGhost Ltd."},{"key":"e_1_2_1_23_1","unstructured":"Peter Kleissner. 2009. Stoned Bootkit. Black Hat.  Peter Kleissner. 2009. Stoned Bootkit. Black Hat."},{"volume-title":"Proceedings of the Hack In The Box Conference (HITBSecConf).","year":"2009","author":"Kumar Nitin","key":"e_1_2_1_25_1"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSN.2011.19"},{"volume-title":"Technical Report. In Proceedings of the Black Hat Conference.","year":"2012","author":"Loukas K.","key":"e_1_2_1_27_1"},{"key":"e_1_2_1_28_1","unstructured":"Fabian Mihailowitsch. 2010. Detecting hardware keyloggers. In Proceeding of the HITB SecConf.  Fabian Mihailowitsch. 2010. Detecting hardware keyloggers. In Proceeding of the HITB SecConf ."},{"volume-title":"Proceedings of the 20th USENIX Security Symposium. USENIX Association.","year":"2011","author":"M\u00fcller Tilo","key":"e_1_2_1_29_1"},{"key":"e_1_2_1_31_1","unstructured":"Tilo M\u00fcller Hans Spath Richard M\u00e4ckl and Felix Freiling. 2013. STARK tamperproof authentication to resist keylogging. In (FC13) Financial Cryptography and Data Security. International Financial Cryptography Association.  Tilo M\u00fcller Hans Spath Richard M\u00e4ckl and Felix Freiling. 2013. STARK tamperproof authentication to resist keylogging. In (FC13) Financial Cryptography and Data Security . International Financial Cryptography Association."},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-31284-7_5"},{"key":"e_1_2_1_34_1","unstructured":"Ponemon. 2011. 2010 Annual Study: U.S. Cost of a Data Breach. Symantec. Ponemon Institute LLC.  Ponemon. 2011. 2010 Annual Study: U.S. Cost of a Data Breach . Symantec. Ponemon Institute LLC."},{"key":"e_1_2_1_35_1","unstructured":"Joanna Rutkowska. 2009. Evil Maid goes after TrueCrypt. The Invisible Things Lab.  Joanna Rutkowska. 2009. Evil Maid goes after TrueCrypt. The Invisible Things Lab."},{"key":"e_1_2_1_36_1","unstructured":"Joanna Rutkowska. 2011. Anti Evil Maid. The Invisible Things Lab.  Joanna Rutkowska. 2011. Anti Evil Maid. The Invisible Things Lab."},{"volume-title":"Proceedings of the EUSecWest\u201909","year":"2009","author":"Rutkowska Joanna","key":"e_1_2_1_37_1"},{"volume-title":"Proceedings of the Annual CanSecWest Applied Security Conference.","author":"Anibal","key":"e_1_2_1_38_1"},{"key":"e_1_2_1_39_1","unstructured":"SECUDE. 2012. U.S. Full Disk Encryption 2011 Survey.Research SECUDE AG.  SECUDE. 2012. U.S. Full Disk Encryption 2011 Survey .Research SECUDE AG."},{"volume-title":"In Proceedings of the International Conference on Virtual Execution Environments.","year":"2009","author":"Shinagawa Takahiro","key":"e_1_2_1_40_1"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/1059524.1059554"},{"key":"e_1_2_1_43_1","unstructured":"TrueCrypt. 2012. TrueCrypt: Free open-source on-the-fly disk encryption software for Windows 7\/Vista\/XP Mac OS X and Linux. TrueCrypt Foundation. http:\/\/www.truecrypt.org\/.  TrueCrypt. 2012. TrueCrypt: Free open-source on-the-fly disk encryption software for Windows 7\/Vista\/XP Mac OS X and Linux. TrueCrypt Foundation. http:\/\/www.truecrypt.org\/."},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-00587-9_12"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.camwa.2012.06.018"}],"container-title":["ACM Transactions on Information and System Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2663348","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2663348","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T06:12:47Z","timestamp":1750227167000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2663348"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,11,17]]},"references-count":38,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2014,11,17]]}},"alternative-id":["10.1145\/2663348"],"URL":"https:\/\/doi.org\/10.1145\/2663348","relation":{},"ISSN":["1094-9224","1557-7406"],"issn-type":[{"type":"print","value":"1094-9224"},{"type":"electronic","value":"1557-7406"}],"subject":[],"published":{"date-parts":[[2014,11,17]]},"assertion":[{"value":"2013-11-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2014-08-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2014-11-17","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}