SeRPEnT: Secure Remote Peripheral Encryption Tunnel

January 2012

David Weinstein, The MITRE Corporation
Xeno Kovah, The MITRE Corporation
Scott Dyer, The MITRE Corporation

ABSTRACT

Client endpoint systems are a prime target for attackers of every sophistication level. These systems take part in many transactions demanding a degree of trust that cannot be placed in a general-purpose, commodity computer system. We propose that these sensitive transactions can be made more secure by creating a new kind of trusted path, one that connects a server directly to a client's hardware peripherals. This capability has been designed to isolate a compromised endpoint from its peripherals during security-sensitive applications. Such connectivity could be made unforgeable, strong against eavesdropping, and tied to a user's credentials using end-to-end cryptography.

We present a prototype Secure Remote Peripheral Encryption Tunnel (SeRPEnT) for the Universal Serial Bus (USB). Our device is a small, low-power "cryptographic switchboard" that tunnels connected peripherals to a server with Virtual Machine (VM)-hosted applications. SeRPEnT can also pass devices through to the client system, allowing normal use of the local system by the user. SeRPEnT enables secure transactions between the user and server applications by only allowing input to these VMs to originate from our portable embedded device. SeRPEnT thus drastically reduces the attack surface currently exposed to an adversary.


Additional Search Keywords

Secure Remote Peripheral Encryption Tunnel, SeRPEnT, client endpoint systems, end-to-end cryptography, Universal Serial Bus, USB, trusted computer paths

 

Page last updated: June 14, 2012

Copyright © 1997-2013, The MITRE Corporation. All rights reserved.
MITRE is a registered trademark of The MITRE Corporation.
Material on this site may be copied and distributed with permission only.
