Saved in:
Bibliographic Details
Main Authors: Muslukhov, Ildar, Sun, San-Tsai, Wijesekera, Primal, Boshmaf, Yazan, Beznosov, Konstantin
Format: Recurso digital
Language:
Published: Zenodo 2016
Online Access:https://doi.org/10.5281/zenodo.3264730
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866901741100859392
author Muslukhov, Ildar
Sun, San-Tsai
Wijesekera, Primal
Boshmaf, Yazan
Beznosov, Konstantin
author_facet Muslukhov, Ildar
Sun, San-Tsai
Wijesekera, Primal
Boshmaf, Yazan
Beznosov, Konstantin
contents Smartphones store sensitive and confidential data, e.g., business related documents or emails. If a smartphone is stolen, such data are at risk of disclosure. To mitigate this risk, modern smartphones allow users to enable data encryption, which uses a locking password to protect the data encryption key. Unfortunately, users either do not lock their devices at all, due to usability issues, or use weak and easy to guess 4-digit PINs. This makes the current approach of protecting confidential data-at-rest ineffective against password guessing attackers. To address this problem we design, implement and evaluate the Sidekick system — a system that uses a wearable device to decouple data encryption and smartphone locking. Evaluation of the Sidekick system revealed that the proposal can run on an 8-bit System-on-Chip, uses only 4 Kb/20 Kb of RAM/ROM, allows data encryption key fetching in less than two seconds, while lasting for more than a year on a single coin-cell battery.
format Recurso digital
id zenodo_https___doi_org_10_5281_zenodo_3264730
institution Zenodo
language
publishDate 2016
publisher Zenodo
record_format zenodo
spellingShingle Decoupling data-at-rest encryption and smartphone locking with wearable devices
Muslukhov, Ildar
Sun, San-Tsai
Wijesekera, Primal
Boshmaf, Yazan
Beznosov, Konstantin
Smartphones store sensitive and confidential data, e.g., business related documents or emails. If a smartphone is stolen, such data are at risk of disclosure. To mitigate this risk, modern smartphones allow users to enable data encryption, which uses a locking password to protect the data encryption key. Unfortunately, users either do not lock their devices at all, due to usability issues, or use weak and easy to guess 4-digit PINs. This makes the current approach of protecting confidential data-at-rest ineffective against password guessing attackers. To address this problem we design, implement and evaluate the Sidekick system — a system that uses a wearable device to decouple data encryption and smartphone locking. Evaluation of the Sidekick system revealed that the proposal can run on an 8-bit System-on-Chip, uses only 4 Kb/20 Kb of RAM/ROM, allows data encryption key fetching in less than two seconds, while lasting for more than a year on a single coin-cell battery.
title Decoupling data-at-rest encryption and smartphone locking with wearable devices
url https://doi.org/10.5281/zenodo.3264730