New Authentication Standard Will Make USB-C Devices Safer

A new authentication protocol for USB devices could help ensure you never inadvertently fry your laptop with a bogus flash drive again. The USB 3.0 Promoter Group today announced the USB Type-C Authentication specification, defining cryptographic-based authentication for USB Type-C chargers and devices.

The protocol will allow host systems to confirm the authenticity of devices or chargers at the moment wired connections are made, before any power surges occur or malware can be transferred.

?EU?For a traveler concerned about charging their phone at a public terminal, their phone can implement a policy only allowing charge from certified USB chargers,?EU? the USB promoter group said in a statement announcing the new specifications. ?EU?A company, tasked with protecting corporate assets, can set a policy in its PCs granting access only to verified USB storage devices.?EU?

Tackling USB Security Problems

As the Type-C becomes more popular, some problems with the new design have become apparent. In particular, the tendency for a faulty or non-compliant cable to create a power surge capable of frying a laptop. The new power delivery specification will ensure the system can authenticate the validity of a device before that can happen.

The authentication specs for the Type-C connector provide a number of security features to protect users?EU? hardware, including a standard protocol for authenticating all certified USB Type-C devices, cables, and power sources. The specifications also support authentication over either USB data bus or USB power delivery communications channels.

The new security features are also designed to tackle another big problem with USB ports: the potential for them to be exploited by hackers to deliver malicious payloads. The authentication protocol is designed to give administrators more control over what can be connected to their systems.

Devices that use the authentication protocol will retain control over whatever security policies an administrator chooses to implement and...

Comments are closed.