
Secure storage—Confidentiality and authentication

Abstract : Secure disk storage is a rich and complex topic and its study is challenging in theory as well as in practice. In case of loss or theft of mobile devices (such as laptops and smartphones), the threat of data exposure is important and a natural security objective is to guarantee the confidentiality of the data-at-rest stored in such devices (e.g. on disks or solid-state drives). Classical approaches to encrypt data may have a severe impact on performance if the underlying architectural specificities are not considered. In particular, it is usually assumed that an encryption scheme suitable for the application of disk encryption must be length preserving. This so-called "full disk encryption" method provides confidentiality but does not provide cryptographic data integrity protection. It indeed rules out the use of authenticated encryption where an authentication tag is concatenated to the ciphertext. Moreover, authenticated encryption requires storing tags, and latency is added due to extra read/write accesses and tag computations. We present a comprehensive study of full disk encryption solutions and compare their features from a security perspective. We additionally present threat models for authenticated disk encryption and present a systematized analysis of the techniques usable in these settings (which has, up to now, received little attention from the research community). We finally review the current state-of-the-art of incremental cryptography and provide new insights for its use in secure disk storage contexts.
Document type :
Journal articles
https://hal.archives-ouvertes.fr/hal-03626423
Contributor : Damien Vergnaud
Submitted on : Thursday, March 31, 2022 - 3:12:55 PM
Last modification on : Monday, April 4, 2022 - 10:54:15 AM
Long-term archiving on : Friday, July 1, 2022 - 7:10:56 PM

File

 Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until : 2022-09-24

Citation

Ryad Benadjila, Louiza Khati, Damien Vergnaud. Secure storage—Confidentiality and authentication. Computer Science Review, Elsevier, 2022, 44, pp.100465. ⟨10.1016/j.cosrev.2022.100465⟩. ⟨hal-03626423⟩
