Access the full text.
Sign up today, get DeepDyve free for 14 days.
Carlo Meijer, B. Gastel (2019)
Self-Encrypting Deception: Weaknesses in the Encryption of Solid State Drives2019 IEEE Symposium on Security and Privacy (SP)
A. Zuck, Yue Li, Jehoshua Bruck, Donald Porter, Dan Tsafrir (2018)
Stash in a FlashProceedings of the 11th ACM International Systems and Storage Conference
Chiara Galdi, J. Dugelay (2017)
FIRE: Fast Iris REcognition on mobile phones by combining colour and texture featuresPattern Recognit. Lett., 91
Diego Ongaro, J. Ousterhout (2014)
In Search of an Understandable Consensus Algorithm
(2019)
The Art of iPhone Acquisition
Fenghao Xu, Wenrui Diao, Zhou Li, Jiongyi Chen, Kehuan Zhang (2019)
BadBluetooth: Breaking Android Security Mechanisms via Malicious Bluetooth PeripheralsProceedings 2019 Network and Distributed System Security Symposium
A. Abate, Silvio Barra, Luigi Gallo, F. Narducci (2017)
Kurtosis and skewness at pixel level as input for SOM networks to iris recognition on mobile devicesPattern Recognit. Lett., 91
S. Delaune, S. Kremer, G. Steel (2008)
Formal Analysis of PKCS#112008 21st IEEE Computer Security Foundations Symposium
Apple Pay security and privacy overview
(2019)
Technical analysis of the checkm8 exploit
Man Zhou, Qian Wang, Jingxiao Yang, Qi Li, Feng Xiao, Zhibo Wang, Xiaofeng Chen (2018)
PatternListener: Cracking Android Pattern Lock Using Acoustic SignalsProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security
Elissa Redmiles, N. Warford, Amritha Jayanti, Aravind Koneru, Sean Kross, Miraida Morales, Rock Stevens, Michelle Mazurek (2020)
A Comprehensive Quality Evaluation of Security and Privacy Advice on the Web
Unlock cloud-based evidence to solve the case sooner
Philipp Markert, D. Bailey, M. Golla, Markus Dürmuth, Adam Aviv (2020)
This PIN Can Be Easily Guessed: Analyzing the Security of Smartphone Unlock PINs2020 IEEE Symposium on Security and Privacy (SP)
(2015)
Verifi-able Data Structures
Ben Laurie (2014)
Certificate transparencyCommunications of the ACM, 57
(2021)
Up-date your Apple devices now. New Pegasus hack prompts company to issue new software to fix iMessage vulnerability
(2019)
Technology Preview for secure value recovery
Braden Shaw (2012)
a message to our customers
A. Shamir (1979)
How to share a secretCommun. ACM, 22
Luther Martin (2010)
XTS: A Mode of AES for Encrypting Hard DisksIEEE Security & Privacy, 8
S. Bellovin, M. Blaze, Sandy Clark, S. Landau (2013)
Going Bright: Wiretapping without Weakening Communications InfrastructureIEEE Security & Privacy, 11
Touch ID, Face ID, passcodes, and passwords
Nirvan Tyagi, M. Mughees, T. Ristenpart, Ian Miers (2018)
BurnBox: Self-Revocable Encryption in a World Of Compelled Access
J. Götzfried, Moritz Eckert, Sebastian Schinzel, Tilo Müller (2017)
Cache Attacks on Intel SGXProceedings of the 10th European Workshop on Systems Security
Aya Fukami, Saugata Ghose, Yixin Luo, Yu Cai, O. Mutlu (2017)
Improving the reliability of chip-off forensic analysis of NAND flash memory devicesDigit. Investig., 20 Supplement
(2011)
Cyber Threats to Mobile Phones
We Built a Database of Over 500 iPhones Cops Have Tried to Unlock
Adrian-Stefan Ungureanu, Shejin Thavalengal, Timothée Cognard, Claudia Costache, P. Corcoran (2017)
Unconstrained palmprint as a smartphone biometricIEEE Transactions on Consumer Electronics, 63
M. Blaze (1993)
A cryptographic file system for UNIX
(2014)
NSA targets the privacy-conscious
G. Klein, Kevin Elphinstone, G. Heiser, June Andronick, David Cock, Philip Derrin, D. Elkaduwe, Kai Engelhardt, Rafal Kolanski, Michael Norrish, Thomas Sewell, Harvey Tuch, Simon Winwood (2009)
seL4: formal verification of an OS kernel
Y. Aumann, Yehuda Lindell (2007)
Security Against Covert Adversaries: Efficient Protocols for Realistic AdversariesJournal of Cryptology, 23
(2019)
Global requests for user information
C. Wright (2018)
Crypto Crumple Zones: Protecting Encryption in a Time of Political Uncertainty
M. Hatamian, Jetzabel Serna, K. Rannenberg (2019)
Revealing the unrevealed: Mining smartphone users privacy perception on app marketsComput. Secur., 83
J. Laub (2010)
Test Results for Mobile Device Acquisition Tool: Device Seizure 4.0
K. Basu, Deepraj Soni, M. Nabeel, R. Karri (2019)
NIST Post-Quantum Cryptography- A Hardware Evaluation StudyIACR Cryptol. ePrint Arch., 2019
Tobias Matzner (2014)
Why privacy is not enough privacy in the context of "ubiquitous computing" and "big data"J. Inf. Commun. Ethics Soc., 12
(2018)
, are you listening? privacy perceptions, concerns and privacy-seeking behaviors with smart speakers
A. Heinrich, Milan Stute, T. Kornhuber, M. Hollick (2021)
Who Can Find My Devices? Security and Privacy of Apple’s Crowd-Sourced Bluetooth Location Tracking SystemProceedings on Privacy Enhancing Technologies, 2021
Shuzhe Yang, Gökhan Bal (2012)
Balancing Security and Usability of Local Security Mechanisms for Mobile Devices
David M'Raïhi, M. Bellare, F. Hoornaert, D. Naccache, Ohad Ranen (2005)
HOTP: An HMAC-Based One-Time Password AlgorithmRFC, 4226
Joel Reardon, D. Basin, Srdjan Capkun (2014)
On Secure Data DeletionIEEE Secur. Priv., 12
(2021)
Man steals over 600K iCloud photos searching for nudes
M. Abadi (1997)
Strengthening Passwords
P. Schaik, J. Jansen, Joseph Onibokun, J. Camp, Petko, Kusev (2018)
Security and privacy in online social networking: Risk perceptions and precautionary behaviourComput. Hum. Behav., 78
Sanjam Garg, Craig Gentry, A. Sahai, Brent Waters (2013)
Witness encryption and its applicationsIACR Cryptol. ePrint Arch., 2013
Cryptographic Confidentiality of Data on Mobile Devices 19
濵﨑 一樹, 藤原 賢二, 吉田 則裕, RaulaGaikovinaKula, 伏田 享平, 飯田 元 (2012)
Android Open Source Projectを対象としたパッチレビュー活動の調査, 2012
Behavior changes: all apps. https://developer. android.com/about/versions/pie/android-9.0-changes-all, 12 2019
(2018)
Google and Android have your back by protecting your backups
S. Savage (2018)
Lawful Device Access without Mass Surveillance Risk: A Technical Design DiscussionProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security
J. Benet (2014)
IPFS - Content Addressed, Versioned, P2P File SystemArXiv, abs/1407.3561
(2018)
Apple iPhone Forensics: Significant Locations
Legal Process Guidelines
David M'Raïhi, S. Machani, Mingliang Pei, Johan Rydell (2011)
TOTP: Time-Based One-Time Password AlgorithmRFC, 6238
Tarjei Mandt, Mathew Solnik, David Wang (2016)
Demystifying the Secure Enclave Processor
E. Casey, Gerasimos Stellatos (2008)
The impact of full disk encryption on digital forensicsOperating Systems Review, 42
(2020)
Apple Helps FBI Track Down George Floyd Protester Accused Of Firebombing Cop Cars
(2019)
Accessing iCloud With and Without a Pass-word in 2019
(2016)
Smartphone Encryption: Why Only 10 Per Cent of Android Smartphones Are Encrypted
Silvio Barra, M. Marsico, M. Nappi, F. Narducci, D. Riccio (2019)
A hand-based biometric system in visible light for mobile environmentsInf. Sci., 479
P. Peterson (2010)
Cryptkeeper: Improving security with encrypted RAM2010 IEEE International Conference on Technologies for Homeland Security (HST)
Providing low risk exceptional access
M. Green, Gabriel Kaptchuk, Gijs Laer (2021)
Abuse Resistant Law Enforcement Access Systems
Stronger security for your Google Account
Learn more about iCloud in China mainland
K. Nelson (2010)
Going DarkSewanee Review, 118
(2015)
On the Impact of TouchID on iPhone Passcodes
D. Bruggen (2014)
Studying the Impact of Security Awareness Efforts on User Behavior
Jin Im (2002)
Privacy
Sean Smith, V. Austel (1998)
Trusting Trusted Hardware: Towards a Formal Model for Programmable Secure Coprocessors
M. Zurko (1996)
User-centered security
J. Kelsey, B. Schneier, Chris Hall, D. Wagner (1997)
Secure Applications of Low-Entropy Keys
(2019)
iPhone Warrant Database
50: jailbreak-free extraction without an Apple Developer Account
Clemens Fruhwirth (2005)
New Methods in Hard Disk Encryption
Nik Unger, Sergej Dechand, Joseph Bonneau, S. Fahl, H. Perl, I. Goldberg, Matthew Smith (2015)
SoK: Secure Messaging2015 IEEE Symposium on Security and Privacy
Sebastian Uellenbeck, Markus Dürmuth, Christopher Wolf, Thorsten Holz (2013)
Quantifying the security of graphical passwords: the case of android unlock patternsProceedings of the 2013 ACM SIGSAC conference on Computer & communications security
(2018)
GrayKey iPhone unlocker poses serious security concerns
J. Daemen, V. Rijmen (1998)
The Block Cipher Rijndael
(2016)
Police are filing warrants for Android’s vast store of location data
M. Green, Matthew Smith (2016)
Developers are Not the Enemy!: The Need for Usable Security APIsIEEE Security & Privacy, 14
Ian McQuoid, Mike Rosulek, Lawrence Roy (2020)
Minimal Symmetric PAKE and 1-out-of-N OT from Programmable-Once Public FunctionsProceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security
(2020)
Back up user data with Auto Backup
(2018)
Exploiting Qualcomm EDL Programmers (1): Gaining Access & PBL Internals
U. Manber (1996)
A simple scheme to make passwords based on one-way functions much harder to crackComput. Secur., 15
(2019)
The Clever Cryptography Behind Apple’s ’Find My’ Feature
Michael Henson, Stephen Taylor (2013)
Beyond Full Disk Encryption: Protection on Security-Enhanced Commodity Processors
Karan Ahuja, Rahul Islam, F. Barbhuiya, K. Dey (2017)
Convolutional neural networks for ocular smartphone-based biometricsPattern Recognit. Lett., 91
Sarah Scheffler, Mayank Varia (2020)
Protecting Cryptography Against Compelled Self-Incrimination
(2020)
Pangu 9 Internals
M. Bellare, P. Rogaway (1993)
Entity Authentication and Key Distribution
(2020)
Transparency Report
(2020)
ARM Holdings
(2019)
Victory: Pennsylvania Supreme Court Rules Police Can’t Force You to Tell Them Your Pass-word
Robin Tan, M. Perkowski (2017)
Toward Improving Electrocardiogram (ECG) Biometric Verification using Mobile Sensors: A Two-Stage Classifier ApproachSensors (Basel, Switzerland), 17
(2018)
This $39 Device Can Defeat iOS USB Restricted Mode
(2019)
Mobile Device Forensic Tool Specification
Marcela Melara, Aaron Blankstein, Joseph Bonneau, E. Felten, M. Freedman (2015)
CONIKS: Bringing Key Transparency to End Users
Craig Gentry (2009)
Fully homomorphic encryption using ideal lattices
Michael Halcrow (2010)
eCryptfs: An Enterprise-class Encrypted Filesystem for Linux
(2014)
Chinese developers release untethered iOS 7.1.X jailbreak to much controversy
Kasper Larsen, J. Nielsen (2018)
Yes, There is an Oblivious RAM Lower Bound!Electron. Colloquium Comput. Complex., TR18
Stanislaw Jarecki, H. Krawczyk, Jiayu Xu (2018)
OPAQUE: An Asymmetric PAKE Protocol Secure Against Pre-Computation AttacksIACR Cryptol. ePrint Arch., 2018
Timothy Vidas, Daniel Votipka, Nicolas Christin (2011)
All Your Droid Are Belong to Us: A Survey of Current Android Attacks
(2016)
iCloud celebrity nude
Levent Demir, Mathieu Thiery, V. Roca, Jean-Michel Tenkes, Jean-Louis Roch (2020)
Optimizing dm-crypt for XTS-AES: Getting the Best of Atmel Cryptographic Co-processors
D. Boneh, A. Sahai, Brent Waters (2011)
Functional Encryption: Definitions and Challenges
Documentation for Android 9
C. Irvine, K. Levitt (2007)
Trusted Hardware: Can It Be Trustworthy?2007 44th ACM/IEEE Design Automation Conference
(2020)
Working Around the iPhone USB Restricted Mode
D. Bhattacharyya, R. Ranjan, F. Alisherov, Minkyu Choi (2009)
Biometric Authentication: A Review
(2020)
FCC ID 2AV7EGK01
Use Handoff to continue tasks on your other devices
Chen Chen, Anrin Chakraborti, R. Sion (2020)
INFUSE: Invisible plausibly-deniable file system for NAND flashProceedings on Privacy Enhancing Technologies, 2020
A. Barr (2019)
PurismCubism and Abstract Art
(2020)
S.3398 - EARN IT Act of
Dayeol Lee, David Kohlbrenner, Shweta Shinde, K. Asanović, D. Song (2020)
Keystone: an open framework for architecting trusted execution environmentsProceedings of the Fifteenth European Conference on Computer Systems
Joel Reardon, D. Basin, Srdjan Capkun (2013)
SoK: Secure Data Deletion2013 IEEE Symposium on Security and Privacy
Marc Walker, J. Halderman, Brent Waters, E. Felten (2005)
A convenient method for securely managing passwords
(2020)
Exclusive: Apple dropped plan for encrypting backups after FBI complained - sources
Adam Aviv, Devon Budzitowski, Ravi Kuber (2015)
Is Bigger Better? Comparing User-Generated Passwords on 3x3 vs. 4x4 Grid Sizes for Android's Pattern UnlockProceedings of the 31st Annual Computer Security Applications Conference
(2017)
Broadpwn
A. Adams, M. Sasse (1999)
Users are not the enemyCommun. ACM, 42
(2018)
A few thoughts on Ray Ozzie’s “Clear” proposal
Apple Inc. Two-factor authentication for Apple ID
H. Abelson, Ross Anderson, S. Bellovin, Josh Benaloh, M. Blaze, W. Diffie, J. Gilmore, Matthew Green, S. Landau, P. Neumann, Ronald Rivest, J. Schiller, B. Schneier, Michael Specter, D. Weitzner (2015)
Keys under doormats: mandating insecurity by requiring government access to all data and communications ‡
A. Senarath, N. Arachchilage (2018)
Understanding user privacy expectations: A software developer's perspectiveTelematics Informatics, 35
Bing Chang, Yao Cheng, Bo Chen, Fengwei Zhang, W. Zhu, Yingjiu Li, Zhan Wang (2018)
User-friendly deniable storage for mobile devicesComput. Secur., 72
Ahmed Mahfouz, Tarek Mahmoud, A. Eldin (2017)
A Survey on Behavioral Biometric Authentication on SmartphonesJ. Inf. Secur. Appl., 37
B. Kaliski (2000)
PKCS #5: Password-Based Cryptography Specification Version 2.0RFC, 2898
C. Shannon (1949)
Communication theory of secrecy systemsBell Syst. Tech. J., 28
S. Ray, G. Das (2020)
ExtractionProcess Equipment and Plant Design
(2015)
A new hack could let thieves bypass the iPhone’s lockscreen
unc0ver jailbreak
Moses Liskov, R. Rivest, D. Wagner (2002)
Tweakable Block CiphersJournal of Cryptology, 24
Jolyon Clulow (2003)
On the Security of PKCS#11
(2019)
Valsorda. Proposal: Secure the Public Go Module Ecosystem
Josephine Lau, Benjamin Zimmerman, F. Schaub (2018)
Alexa, Are You Listening?Proceedings of the ACM on Human-Computer Interaction, 2
(2018)
Filecoin: A decentralized storage network
(2020)
Arm TrustZone Technology
(2020)
Here Are Detailed Photos of iPhone Unlocking Tech GrayKey
Li Yang, Teng Wei, Fengwei Zhang, Jianfeng Ma (2018)
SADUS: Secure data deletion in user space for mobile devicesComput. Secur., 77
J. Bennington (1989)
“Milan”Local Economy: The Journal of the Local Economy Policy Unit, 4
(2016)
FBI Director Comments on San Bernardino Matter
(2018)
Titan M makes Pixel 3 our most secure phone yet
What Happens When You Press that Button ?
Alexander Würstlein, M. Gernoth, J. Götzfried, Tilo Müller (2016)
Exzess: Hardware-Based RAM Encryption Against Physical Memory Disclosure
Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices
Sarah Lumba (2018)
On the WireLandscapes: the journal of the international centre for landscape and language, 8
A. Rattani, R. Derakhshani (2017)
Online co-training in mobile ocular biometric recognition2017 IEEE International Symposium on Technologies for Homeland Security (HST)
Chad Spensky, Jeffrey Stewart, Arkady Yerukhimovich, Richard Shay, A. Trachtenberg, Rick Housley, R. Cunningham (2016)
SoK: Privacy on Mobile Devices – It’s ComplicatedProceedings on Privacy Enhancing Technologies, 2016
S. Nakamoto (2008)
Bitcoin: A Peer-to-Peer Electronic Cash System
Thomas Wu (1998)
The Secure Remote Password Protocol
M. Bortolozzo, Matteo Centenaro, R. Focardi, G. Steel (2010)
Attacking and fixing PKCS#11 security tokens
F. Alonso-Fernandez, K. Raja, C. Busch, J. Bigün (2017)
Log-likelihood score level fusion for improved cross-sensor smartphone periocular recognition2017 25th European Signal Processing Conference (EUSIPCO)
Jo Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, M. Silberstein, T. Wenisch, Y. Yarom, Raoul Strackx (2018)
Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution
S. Skorobogatov (2016)
The bumpy road towards iPhone 5c NAND mirroringArXiv, abs/1609.04327
Paul Crowley, E. Biggers (2018)
Adiantum: length-preserving encryption for entry-level processorsIACR Trans. Symmetric Cryptol., 2018
Shijie Jia, Luning Xia, Bo Chen, Peng Liu (2017)
DEFTL: Implementing Plausibly Deniable Encryption in Flash Translation LayerProceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
(2019)
Moving the Encryption Policy Conversation Forward. Technical report
L. Lamport, R. Shostak, M. Pease (1982)
The Byzantine Generals ProblemACM Trans. Program. Lang. Syst., 4
(2018)
Private by Design: How we built Firefox Sync
Adam Aviv, Katherine Gibson, Evan Mossop, M. Blaze, Jonathan Smith (2010)
Smudge Attacks on Smartphone Touch Screens
Apple Security Updates
A. Whitten, J. Tygar (1999)
Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0
What does iCloud back up?
Ross Anderson, R. Needham, A. Shamir (1998)
The Steganographic File System
D. Dolev, A. Yao (1983)
On the security of public key protocols22nd Annual Symposium on Foundations of Computer Science (sfcs 1981)
Hui Lu, Xiaohan Helu, Chengjie Jin, Yanbin Sun, Man Zhang, Zhihong Tian (2019)
Salaxy: Enabling USB Debugging Mode Automatically to Control Android DevicesIEEE Access, 7
(2018)
Protecting Your Data and Apple Account If They Know Your iPhone Passcode
R. Fischer, Edward Halibozek, David Walters (2019)
SecurityIntroduction to Security
Published by the FCC, accessed via unofficial viewer
(2017)
Titan in depth: Security in plaintext
Oded Goldreich (2001)
The Foundations of Cryptography - Volume 2: Basic Applications
Timothy Peters, Mark Gondree, Zachary Peterson (2015)
DEFY: A Deniable, Encrypted File System for Log-Structured Storage
(2021)
Data security on mobile devices
(2019)
Guard your data with the Qualcomm Snap-dragon Mobile Platform
(2019)
Number of smartphone users worldwide from 2016 to 2021
Spongebob Squarepants (2008)
Bitcoin: A Peer-to-Peer Electronic Cash SystemSSRN Electronic Journal
(2020)
DMCrypt. https://gitlab.com/cryptsetup/ cryptsetup/-/wikis/DMCrypt, 9 2020
(2014)
Instruction sets should be free: The case for risc-v
AbstractMobile devices have become an indispensable component of modern life. Their high storage capacity gives these devices the capability to store vast amounts of sensitive personal data, which makes them a high-value target: these devices are routinely stolen by criminals for data theft, and are increasingly viewed by law enforcement agencies as a valuable source of forensic data. Over the past several years, providers have deployed a number of advanced cryptographic features intended to protect data on mobile devices, even in the strong setting where an attacker has physical access to a device. Many of these techniques draw from the research literature, but have been adapted to this entirely new problem setting.This involves a number of novel challenges, which are incompletely addressed in the literature. In this work, we outline those challenges, and systematize the known approaches to securing user data against extraction attacks. Our work proposes a methodology that researchers can use to analyze cryptographic data confidentiality for mobile devices. We evaluate the existing literature for securing devices against data extraction adversaries with powerful capabilities including access to devices and to the cloud services they rely on. We then analyze existing mobile device confidentiality measures to identify research areas that have not received proper attention from the community and represent opportunities for future research.
Proceedings on Privacy Enhancing Technologies – de Gruyter
Published: Jan 1, 2022
Keywords: personal data; cryptography; mobile; cloud
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.