For users in possession of password-protected encrypted data in persistent storage (i.e., 'data at rest'), an obvious problem is that the password may be extracted by an adversary through dictionary attacks, or by coercing the user. Traditional full disk encryption (FDE) or plausibly deniable encryption cannot adequately address such situations. Therefore, making data verifiably inaccessible in a stealthy and quick fashion may be the preferred choice, specifically for users, such as government/corporate agents, journalists, and human rights activists with highly confidential secrets, when caught and interrogated in a hostile territory. Using secure storage on a trusted platform module (TPM) and a modern CPU's trusted execution mode (e.g., Intel TXT), we design Gracewipe to enable secure and verifiable deletion of encryption keys through a special deletion password. When coerced, a user can fake compliance and enter the deletion password; the user can then prove to the adversary that Gracewipe has been executed and the real key is no longer available (through a TPM quote), hoping for a favorable situation (e.g., end of torture). To unlock the target encryption key, the adversary can only guess passwords through the valid Gracewipe environment, with a high risk of triggering deletion of the real key. Based on our two primary Gracewipe prototypes (i.e., software-based FDE with TrueCrypt and hardware-based FDE with a self-encrypting drive), we also design and implement an extended family of unlocking schemes for triggering deletion, to achieve better plausibility, security and usability. We incur between 2-2.5 seconds of delay during boot, and no performance penalty at run-time.

Ensuring confidentiality of sensitive data is of paramount importance, since data leakage may not only endanger data owners' privacy, but also ruin the reputation of businesses and violate regulations such as HIPAA and the Sarbanes-Oxley Act. To provide a confidentiality guarantee, data should be protected while they are preserved in personal computing devices (i.e., confidentiality during their lifetime) and also rendered irrecoverable after they are removed from the devices (i.e., confidentiality after their lifetime). Encryption and secure deletion are used to ensure data confidentiality during and after their lifetime, respectively. This work aims to perform a thorough literature review on the techniques used to protect the confidentiality of data in personal computing devices, including both encryption and secure deletion.
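The unlocking flow described in the Gracewipe abstract above (an ordinary password releases the FDE key, the deletion password erases it and yields a TPM quote, and the key is sealed to the measured Gracewipe environment so guessing outside it fails), as an added Python model that is not Gracewipe's own code. The TPM, the boot measurements, the password tags and the HMAC-based quote are simplified stand-ins constructed for this illustration.

```python
import hashlib, hmac, secrets

BOOT_EVENTS = [b"tboot", b"gracewipe-loader"]  # constructed stand-ins for the measured-launch log
DELETED_EVENT = b"gracewipe:key-deleted"

def extend_pcr(prev: bytes, event: bytes) -> bytes:
    return hashlib.sha256(prev + hashlib.sha256(event).digest()).digest()  # TPM-style PCR extend

class ToyTpm:
    """Simplified TPM: secrets sealed to PCR state, quotes over that state. Not a real TPM API."""
    def __init__(self):
        self.aik = secrets.token_bytes(32)  # attestation key; HMAC stands in for a signature
        self.pcr, self.sealed = bytes(32), {}
    def extend(self, event: bytes):
        self.pcr = extend_pcr(self.pcr, event)
    def seal(self, name: str, secret: bytes):
        self.sealed[name] = (self.pcr, secret)  # released only in this exact measured state
    def unseal(self, name: str) -> bytes:
        bound_pcr, secret = self.sealed[name]
        if not hmac.compare_digest(bound_pcr, self.pcr):
            raise PermissionError("PCR mismatch: not the Gracewipe environment")
        return secret
    def quote(self, nonce: bytes) -> bytes:
        return hmac.new(self.aik, self.pcr + nonce, "sha256").digest()

def pw_tag(salt: bytes, pw: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 100_000)

class Gracewipe:
    def __init__(self, tpm: ToyTpm, unlock_pw: str, deletion_pw: str):
        self.tpm, self.salt = tpm, secrets.token_bytes(16)
        for e in BOOT_EVENTS:
            tpm.extend(e)  # measured launch into the Gracewipe environment
        self.unlock_tag, self.deletion_tag = pw_tag(self.salt, unlock_pw), pw_tag(self.salt, deletion_pw)
        tpm.seal("fde-key", secrets.token_bytes(32))  # the real FDE key lives only inside the TPM
    def unlock(self, pw: str, nonce: bytes):
        tag = pw_tag(self.salt, pw)
        if hmac.compare_digest(tag, self.deletion_tag):
            self.tpm.sealed.pop("fde-key", None)  # erase the key: no copy exists outside the TPM
            self.tpm.extend(DELETED_EVENT)  # record the deletion in PCR state
            return "deleted", self.tpm.quote(nonce)  # proof the user can hand to the adversary
        if hmac.compare_digest(tag, self.unlock_tag) and "fde-key" in self.tpm.sealed:
            return "unlocked", self.tpm.unseal("fde-key")
        return "no-key", None  # wrong password, or the key was already deleted

def verify_deletion_quote(quote: bytes, nonce: bytes, aik: bytes) -> bool:
    expected = bytes(32)  # verifier replays the expected log: measured launch, then the deletion event
    for e in BOOT_EVENTS + [DELETED_EVENT]:
        expected = extend_pcr(expected, e)
    return hmac.compare_digest(hmac.new(aik, expected + nonce, "sha256").digest(), quote)
```

The verifier accepts the quote only if the PCR state includes the deletion event, and a correct unlock password no longer returns the key once deletion has run.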