Kavli Affiliate: Jia Liu
| First 5 Authors: David Galindo, Jia Liu, Chris McMahon Stone, Mihai Ordean,
| Summary:
File-based encryption (FBE) schemes have been developed by software vendors
to address security concerns related to data storage. While methods of
encrypting data-at-rest may seem relatively straightforward, the main
proponents of these technologies in mobile devices have nonetheless created
seemingly different FBE solutions. As most of the underlying design decisions
are described either at a high-level in whitepapers, or are accessible at a
low-level by examining the corresponding source code (Android) or through
reverse-engineering (iOS), comparisons between schemes and discussions on their
relative strengths are scarce. In this paper, we propose a formal framework for
the study of file-based encryption systems, focusing on two prominent
implementations: the FBE scheme used in Android and Linux operating systems, as
well as the FBE scheme used in iOS. Our proposed formal model and our detailed
description of the existing algorithms are based on documentation of diverse
nature, such as whitepapers, technical reports, presentations and blog posts,
among others. Using our framework we validate the security of the existing key
derivation chains, as well as the security of the overall designs, under
widely-known security assumptions for symmetric ciphers, such as IND-CPA or
INT-CTXT security, in the random-oracle model.
| Search Query: ArXiv Query: search_query=au:”Jia Liu”&id_list=&start=0&max_results=10