Cryptographic key protection against FROST for mobile devices

Xiaosong Zhang, Yu an Tan, Yuan Xue, Quanxin Zhang, Yuanzhang Li, Can Zhang, Jun Zheng*

*Corresponding author for this work

Research output: Contribution to journal, Article, peer-review

30 Citations (Scopus)

Abstract

With the flourishing of applications based on the internet of things and cloud computing, privacy issues have been attracting a lot of attention. Although the increasing use of full disk encryption (FDE) significantly hampers privacy leakage and digital forensics, cold boot attacks have thwarted FDE since forensic recovery of scrambled telephones (FROST), a forensic tool, was proposed. The cryptographic keys stored in mobile devices are liable to be obtained by FROST. Recent research results have shown CPU-bound encryption methods to resist FROST. However, these methods perform AES encryption solely on CPU registers, an advantage that comes at the cost of encryption speed. This paper, therefore, presents a cryptographic key protection scheme for Android devices which prevents FROST from acquiring the AES key by changing the storage location of the key in memory. The storage location of the key is switched to the fixed position where command line parameters will be stored when Android boots. Therefore, the key will be overwritten by command line parameters when the system reboots, which prevents FROST from obtaining the key. Compared with the popular CPU-bound encryption methods, our method has less impact on encryption efficiency and employs no additional storage resources.

Original language: English
Pages (from-to): 2393-2402
Number of pages: 10
Journal: Cluster Computing
Volume: 20
Issue number: 3
Publication status: Published - 1 Sept 2017

Keywords

  • AES
  • Android
  • Anti-forensics
  • Cold boot attacks
  • FDE
  • Key protection
