Wearable Device Could Secure Laptop Computer Files

Join Our Community of Science Lovers!

On supporting science journalism

If you're enjoying this article, consider supporting our award-winning journalism by subscribing. By purchasing a subscription you are helping to ensure the future of impactful stories about the discoveries and ideas shaping our world today.

Laptop computers get smaller, lighter and more powerful each year. But along with the ability to take work on the road, the machines bring security concerns because thieves find them all too easy to walk off with. This is particularly worrisome when the contents of the computer are confidential or a matter of national security. Now a new approach to computer encryption could help protect the files of stolen laptops.

The technique, developed by Mark D. Corner and Brian D. Noble of the University of Michigan College of Engineering, is dubbed Zero-Interaction Authentication, or ZIA. It requires two pieces of hardware: the laptop and a so-called authentication token that communicates with the computer via a wireless link. As long as the token, which can be built into a wearable accessory such as a watch, is within range of the computer, the computer's systems function normally. But once the computer is separated from the token, its files automatically become encrypted. "When a user walks away from his laptop to get a cup of coffee, it will sense that he is leaving and begin securing the computer," Noble says. "As he returns, as soon as the user comes within radio range, the computer will begin unlocking the computer so that it is ready to resume work when the user sits down." In preliminary tests, files became scrambled within five seconds of the user's departure and could be unscrambled just six seconds after the worker returned. And although ZIA is as yet only a prototype, it does not appear to slow the computer down significantly more than current protection schemes do.

ZIA utilizes common encryption procedures but its design eliminates the need for the computer's owner to input a decryption key, in the form of a password. Many current systems require entry of the password at regular intervals or after the computer has gone to sleep or been idle. If a machine is stolen with the key intact (or if a user has disabled the security system because he finds it annoying) all of its files are vulnerable. According to the scientists, who will discuss their security solution at next month's Association of Computing Machinery MobiCom 2002 conference, "ZIA is the first system to provide encrypted filing services that defend against physical attack while imposing negligible usability and performance burdens on a trusted user."

It’s Time to Stand Up for Science

If you enjoyed this article, I’d like to ask for your support. Scientific American has served as an advocate for science and industry for 180 years, and right now may be the most critical moment in that two-century history.

I’ve been a Scientific American subscriber since I was 12 years old, and it helped shape the way I look at the world. SciAm always educates and delights me, and inspires a sense of awe for our vast, beautiful universe. I hope it does that for you, too.

If you subscribe to Scientific American, you help ensure that our coverage is centered on meaningful research and discovery; that we have the resources to report on the decisions that threaten labs across the U.S.; and that we support both budding and working scientists at a time when the value of science itself too often goes unrecognized.

In return, you get essential news, captivating podcasts, brilliant infographics, can't-miss newsletters, must-watch videos, challenging games, and the science world's best writing and reporting. You can even gift someone a subscription.

There has never been a more important time for us to stand up and show why science matters. I hope you’ll support us in that mission.

Thank you,

David M. Ewalt, Editor in Chief, Scientific American