Gracewipe: Secure and Verifiable Deletion under Coercion

Zhao, Lianying; Mannan, Mohammad

doi:10.14722/ndss.2015.23258

Cited by 9 publications

(5 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Many other schemes, as well as adversary models of device capture are discussed in [24]. In [38], the authors proposed a method to securely delete data when under coercion. This is done through a deletion password, which when entered, will verifiably delete the data within a special disk in the device.…”

Section: Secure Deletionmentioning

confidence: 99%

“…For example, the device may be split up into different volumes, which unlocks depending on which password the user enters. The idea of the system is as follows: when the user is requested to enter their password, they will input a 'decoy' password instead, to which the file system will direct the user to a file directory with predetermined inconspicuous-looking data [33,38].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Nakula: Coercion Resistant Data Storage against Time-Limited Adversary

Imanda,

Rasmussen

2023

Proceedings of the 18th International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

Both private citizens and professionals including journalists and whistleblowers can find themselves in a situation where they need to physically carry confidential data on a mobile device, through a situation where they might have their device seized and be subject to interrogation. In that case the user may be required to hand over the data by providing the password to unlock the device, violating confidentiality. Many existing proposals to address this issue involve the user lying to the interrogator to convince them that there is no data present, or that they forgot the password, or provide them with a second password that reveal different information. Although data hiding or alternative passwords can be useful solutions, we want to avoid this and instead focus on a scheme where the user can show that they cannot possibly access the data.In this paper we propose Nakula, a mechanism that enables a user to lock down data with a single click (or voice command, gesture, etc.), enabling secure data transport. The information remains confidential against a very strong adversary who has full control over both the network and the device; and has the ability to force the user to cooperate through coercion. Nakula is designed so that the user does not have to lie or provide any misleading information at all. To achieve this, the user temporarily loses the ability to access the data and will need a trusted third party to recover it. We present a detailed design and security analysis of Nakula, and a proof-of-concept implementation that demonstrates the feasibility of using standard mobile phones to carry data. Finally we discuss several context-specific authentication methods that can be used with the scheme to enable data recovery in a variety of situations.

show abstract

Section: Secure Deletionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Nakula: Coercion Resistant Data Storage against Time-Limited Adversary

Imanda,

Rasmussen

2023

Proceedings of the 18th International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

show abstract

“…A few files overwriting tools, e.g, srm (Jagdmann 2015) and wipe (Durak 2006), can be used to securely remove files. Gracewipe (Zhao and Mannan 2015), as has been discussed in "PDE for desktop computers" section, can achieve secure and verifiable deletion of encryption keys through a special deletion password by taking advantage of TPM and Intel TXT, thus making the encrypted data permanently inaccessible. In the case of database, there is also a secure deletion interface, which can be used to overwrite data with zeros in the underlying file system.…”

Section: Secure Deletion For Hdds-based Storage Systemsmentioning

confidence: 99%

“…They may also have different deletion granularity. Generally, the encryption-based secure deletion approaches for HDDs-based storage systems Peterson et al 2005;Zhao and Mannan 2015) have relatively low performance overheads since only keys need to be deleted to achieve secure deletion.…”

Section: Secure Deletion For Hdds-based Storage Systemsmentioning

confidence: 99%

Ensuring data confidentiality via plausibly deniable encryption and secure deletion – a survey

et al. 2018

View full text Add to dashboard Cite

Ensuring confidentiality of sensitive data is of paramount importance, since data leakage may not only endanger data owners' privacy, but also ruin reputation of businesses as well as violate various regulations like HIPPA and Sarbanes-Oxley Act. To provide confidentiality guarantee, the data should be protected when they are preserved in the personal computing devices (i.e., confidentiality during their lifetime); and also, they should be rendered irrecoverable after they are removed from the devices (i.e., confidentiality after their lifetime). Encryption and secure deletion are used to ensure data confidentiality during and after their lifetime, respectively. This work aims to perform a thorough literature review on the techniques being used to protect confidentiality of the data in personal computing devices, including both encryption and secure deletion. Especially for encryption, we mainly focus on the novel plausibly deniable encryption (PDE), which can ensure data confidentiality against both a coercive (i.e., the attacker can coerce the data owner for the decryption key) and a non-coercive attacker.

show abstract

“…Cloud data assured deletion based on trusted execution environments. 10,11 The basic idea of this method is to build a secure deleted executable environment from two aspects of hardware and software, but it needs to add trusted enhancement settings on the existing cloud computing infrastructure, so this method is difficult to achieve. 2.…”

Section: Introductionmentioning

confidence: 99%

An assured deletion scheme for encrypted data in Internet of Things

2019

Advances in Mechanical Engineering

View full text Add to dashboard Cite

With the development of Internet of Things, heterogeneous data from all kinds of sensors are processed and stored in the cloud server provider. Cloud can be regarded as one of the important layers in the Internet of Things architecture and Internet of Things is the biggest customer of the cloud. As to the security in the Internet of Things, encryption is one of the important mechanisms to achieve confidentiality of the data. However, data encryption introduces new challenges for its assured deletion in cloud, which becomes crucial for big data storage and processing in cloud for Internet of Things. Most existing solutions of cloud data assured deletion only delete the key while the ciphertext is still intact. On the other hand, the decryption time of the user increases with the size of data in the solutions. In this article, we propose a novel assured deletion scheme over encrypted cloud data based on the idea of uploading by sampling slice and outsourcing the decryption of ciphertext policy attributebased encryption. The analysis and simulation results show that our scheme is secure and efficient, especially on reducing the decryption time of the user. We also designed a ciphertext deduplication scheme based on this scheme and explained its flow.

show abstract

Gracewipe: Secure and Verifiable Deletion under Coercion

Cited by 9 publications

References 0 publications

Nakula: Coercion Resistant Data Storage against Time-Limited Adversary

Nakula: Coercion Resistant Data Storage against Time-Limited Adversary

Ensuring data confidentiality via plausibly deniable encryption and secure deletion – a survey

An assured deletion scheme for encrypted data in Internet of Things

Contact Info

Product

Resources

About