Forward Secure On-device Encryption Scheme Withstanding Cold Boot Attack

Abstract

Encryption of data residing on the permanent memory of a device, also known as On-Device Encryption (ODE), is a well studied problem with many popular software available these days. We consider the adversary who is capable of taking one RAM snapshot (e.g: Cold Boot Attack) when the device is in locked state. Writing data securely, when the device is in locked state can be handled in the presence of this strong adversary, by employing public key encryption techniques. When it comes to reading of data from a locked device, it is not known until now, whether it is possible. In this paper, we state the impossibility of performing the read operation securely, when the device is in locked state. Moreover, we propose a new forward secure ODE scheme which supports secure writing in locked state and is more efficient when compared to the public key based solution. We have proposed the security model for forward secure ODE and proved the security of our scheme in the proposed security model.