
Cryptographic key protection against FROST for mobile devices

Cluster Computing

Abstract

With the flourishing of applications based on the Internet of Things and cloud computing, privacy issues have been attracting a lot of attention. Although the increasing use of full disk encryption (FDE) significantly hampers privacy leakage and digital forensics, cold boot attacks have thwarted FDE since forensic recovery of scrambled telephones (FROST), a forensic tool, was proposed. The cryptographic keys stored in mobile devices are liable to be obtained by FROST. Recent research results have shown that CPU-bound encryption methods resist FROST. However, these methods perform AES encryption solely in CPU registers, an advantage that comes at the cost of encryption speed. This paper therefore presents a cryptographic key protection scheme for Android devices that prevents FROST from acquiring the AES key by changing the storage location of the key in memory. The key is moved to the fixed position where the command line parameters are stored when Android boots. The key is therefore overwritten by the command line parameters when the system reboots, which prevents FROST from obtaining it. Compared with the popular CPU-bound encryption methods, our method has less impact on encryption efficiency and employs no additional storage resources.

Acknowledgements

This research was supported by the National Natural Science Foundation of China (No. 61370063) and Special Program for Applied Research on Super Computation of the NSFC-Guangdong Joint Fund (the second phase).

Author information

Corresponding author

Correspondence to Jun Zheng.

Cite this article

Zhang, X., Tan, Ya., Xue, Y. et al. Cryptographic key protection against FROST for mobile devices. Cluster Comput 20, 2393–2402 (2017). https://doi.org/10.1007/s10586-016-0721-3

  • DOI: https://doi.org/10.1007/s10586-016-0721-3
