SoK: Cryptographic Confidentiality of Data on Mobile Devices

Authors: Maximilian Zinkus, Tushar M. Jois, and Matthew Green
Journal: Proceedings on Privacy Enhancing Technologies
Pages: 586-607

Abstract: Mobile devices have become an indispensable component of modern life. Their high storage capacity gives these devices the capability to store vast amounts of sensitive personal data, which makes them a high-value target: these devices are routinely stolen by criminals for data theft, and are increasingly viewed by law enforcement agencies as a valuable source of forensic data. Over the past several years, providers have deployed a number of advanced cryptographic features intended to…

User-friendly deniable storage for mobile devices
MobiPluto is presented, a user-friendly PDE scheme for denying the existence of sensitive data stored on mobile devices. Any block-based file system can be deployed on top of it, and it introduces a fast switching mechanism and incorporates the widely used Near Field Communication technology.
SoK: Privacy on Mobile Devices – It’s Complicated
This work surveys the numerous components of mobile devices, giving particular attention to those that collect, process, or protect users’ private data, and suggests that abstracted complexity is the major cause of many privacy-related vulnerabilities.
SADUS: Secure data deletion in user space for mobile devices
The logic structure and operation characteristics of flash memory are studied, the adversary capability and threat model are defined, and a user-space approach is proposed that uses the user-space file system to provide secure deletion guarantees at file granularity, independent of the characteristics of the underlying file system and storage medium.
SoK: Secure Data Deletion
This paper surveys the related work in detail and organizes existing approaches in terms of their interfaces to physical media in order to present a taxonomy of adversaries differing in their capabilities as well as a systematization for the characteristics of secure deletion approaches.
DEFTL: Implementing Plausibly Deniable Encryption in Flash Translation Layer
DEFTL is the first PDE design which incorporates deniability into the Flash Translation Layer (FTL), a pervasively deployed "translation layer" which sits between NAND flash and the file system in literally all computing devices.
INFUSE: Invisible plausibly-deniable file system for NAND flash
This work introduces INFUSE, a plausibly-deniable file system that hides not only contents but also the evidence that a particular system is being used to hide data, and is secure in the presence of multi-snapshot adversaries.
Beyond Full Disk Encryption: Protection on Security-Enhanced Commodity Processors
On-going work to develop and measure a clean-slate operating system --- Bear --- that leverages on-chip encryption to provide confidentiality of code and data is described.
All Your Droid Are Belong to Us: A Survey of Current Android Attacks
This paper discusses the Android security model and some potential weaknesses of the model, and provides a taxonomy of attacks on the platform, demonstrated by real attacks that in the end guarantee privileged access to the device.
DEFY: A Deniable, Encrypted File System for Log-Structured Storage
DEFY is presented, a deniable file system following a log-structured design that provides features not offered by prior work, including authenticated encryption, fast secure deletion, and support for multiple layers of deniability.
Trusted Hardware: Can It Be Trustworthy?
Although major challenges still confront secure software system development, there has been substantial progress and the notions of trust and trustworthiness are presented and challenges to trusted hardware development are explored.