Content area
Full text
Abstract-The ability to share real-time data among soldiers provides a huge tactical advantage for modern military units. There is, however, significant risk involved in distributing this information across a mobile wireless network. An adversary could capture one or more of the mobile devices, potentially granting access to this data, and putting the entire unit at risk. While there are no feasible ways to completely eliminate this risk, we can effectively reduce the adversary's window of opportunity by requiring multi-factor, revocable authentication to access individual devices and files which are distributed across the mobile network.
While this new protocol does incur some costs, tests show that the costs for this improved security are more than acceptable. Cryptographic operations slow down the request-response process but response time is only increased by 61 milliseconds, which is more than acceptable given the improved security our protocol provides. Additionally, analysis of battery consumption shows that a tablet can send over 2000 requests or respond to over 800 requests with a 1% drop in battery power and a smart phone can make over 300 requests with a similar 1% drop in battery power.
Keywords-multi-factor authentication, mobile devices, security, file-sharing
I. INTRODUCTION
The tactical advantage provided to today's military by secure communication channels transmitting real-time data is evident in "blue force tracking" (BFT) systems, used in military vehicles and command stations to display tactical information such as the locations of other friendly and enemy forces [7, 22]. This technology has been hereto confined to vehicles and ground stations due to the required power level and antenna size, but ideally this type of data sharing should be available to individual soldiers using small, low-power, devices.
One of the most versatile methods for disseminating and displaying information in real time, and the current tool of choice, is a network of hand-held wireless devices [19]. However, these can be easily lost or stolen, potentially giving adversaries access to all the information the owner would have been able to access. To prevent this, devices might encrypt their local storage and require users to enter a short PIN. However, the complexity of PINs are limited, since they must be capable of being entered quickly in combat, making them vulnerable to brute-force cracking.
We introduce, implement,...