Playing "Hide and Seek" with Stored Keys
FC '99 Proceedings of the Third International Conference on Financial Cryptography
Data remanence in semiconductor devices
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Shredding your garbage: reducing data lifetime through secure deallocation
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Lest we remember: cold boot attacks on encryption keys
SS'08 Proceedings of the 17th conference on Security symposium
Self-encryption scheme for data security in mobile devices
CCNC'09 Proceedings of the 6th IEEE Conference on Consumer Communications and Networking Conference
AESSE: a cold-boot resistant implementation of AES
Proceedings of the Third European Workshop on System Security
TRESOR runs encryption securely outside RAM
SEC'11 Proceedings of the 20th USENIX conference on Security
Unicorn: two-factor attestation for data security
Proceedings of the 18th ACM conference on Computer and communications security
Security through amnesia: a software-based solution to the cold boot attack on disk encryption
Proceedings of the 27th Annual Computer Security Applications Conference
I/O Attacks in Intel PC-based Architectures and Countermeasures
SYSSEC '11 Proceedings of the 2011 First SysSec Workshop
TreVisor: OS-independent software-based full disk encryption secure against main memory attacks
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
Progressive authentication: deciding when to authenticate on mobile phones
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Eternal sunshine of the spotless machine: protecting privacy with ephemeral channels
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
CleanOS: limiting mobile data exposure with idle eviction
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
TRESOR-HUNT: attacking CPU-bound encryption
Proceedings of the 28th Annual Computer Security Applications Conference
FROST: forensic recovery of scrambled telephones
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
ARMORED: CPU-Bound Encryption for Android-Driven ARM Devices
ARES '13 Proceedings of the 2013 International Conference on Availability, Reliability and Security
| Hi-index | 0.00 |
Android devices use volume encryption to protect private data storage. While this paradigm has been widely adopted for safeguarding PC storage, the always-on mobile usage model makes volume encryption a weaker proposition for data confidentiality on mobile devices. PCs are routinely shut down which effectively secures private data and encryption keys. Mobile devices, on the other hand, typically remain powered-on for long periods and rely on a lock-screen for protection. This leaves lock-screen protection, something routinely bypassed, as the only barrier securing private data and encryption keys. Users are unlikely to embrace a practice of shutting down their mobile phones, as it impairs their communication and computing abilities. We propose Deadbolt: a method for maintaining most mobile computing functionality, while offering the security benefits of a powered off device with respect to storage encryption. Deadbolt prevents access to internal storage even if the adversary can exploit a lock screen bypass vulnerability or perform a cold boot attack. Users can gracefully switch between the Deadbolt and unlocked modes in less time than a system reboot. Deadbolt offers the additional benefit of an incognito environment in which logs and actions will not be recorded.