research-article

Public Access

StrongBox: Confidentiality, Integrity, and Performance using Stream Ciphers for Full Drive Encryption

Authors:

Bernard Dickens III,

Haryadi S. Gunawi,

Ariel J. Feldman,

Henry HoffmannAuthors Info & Claims

ACM SIGPLAN Notices, Volume 53, Issue 2

Pages 708 - 721

https://doi.org/10.1145/3296957.3173183

Published: 19 March 2018 Publication History

PDF eReader

Abstract

Full-drive encryption (FDE) is especially important for mobile devices because they contain large quantities of sensitive data yet are easily lost or stolen. Unfortunately, the standard approach to FDE-the AES block cipher in XTS mode-is 3--5× slower than unencrypted storage. Authenticated encryption based on stream ciphers is already used as a faster alternative to AES in other contexts, such as HTTPS, but the conventional wisdom is that stream ciphers are unsuitable for FDE. Used naively in drive encryption, stream ciphers are vulnerable to attacks, and mitigating these attacks with on-drive metadata is generally believed to ruin performance. In this paper, we argue that recent developments in mobile hardware invalidate this assumption, making it possible to use fast stream ciphers for FDE. Modern mobile devices employ solid-state storage with Flash Translation Layers (FTL), which operate similarly to Log-structured File Systems (LFS). They also include trusted hardware such as Trusted Execution Environments (TEEs) and secure storage areas. Leveraging these two trends, we propose StrongBox, a stream cipher-based FDE layer that is a drop-in replacement for dm-crypt, the standard Linux FDE module based on AES-XTS. StrongBox introduces a system design and on-drive data structures that exploit LFS»s lack of overwrites to avoid costly rekeying and a counter stored in trusted hardware to protect against attacks. We implement StrongBox on an ARM big.LITTLE mobile processor and test its performance under multiple popular production LFSes. We find that StrongBox improves read performance by as much as 2.36× (1.72× on average) while offering stronger integrity guarantees.

References

[1]

Daniel J. Bernstein. 2005. The Poly1305-AES message-authentication code. Technical Report. University of Illinois at Chicago.

Google Scholar

[2]

Daniel J. Bernstein. 2008. ChaCha, a variant of Salsa20. Technical Report. University of Illinois at Chicago.

Google Scholar

[3]

D. Chakraborty, C. Mancillas-López, and P. Sarkar. 2015. STES: A Stream Cipher Based Low Cost Scheme for Securing Stored Data. IEEE Trans. Comput. Vol. 64, 9 (2015), 2691--2707. 1007/11599548_15

Crossref

Google Scholar

[4]

Rui Zhang, Natalie Stanley, Christopher Griggs, Andrew Chi, and Cynthia Sturton . 2017. Identifying Security Critical Properties for the Dynamic Verification of a Processor Proceedings of the Twenty-Second International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2017, Xi'an, China, April 8--12, 2017. 541--554.

Digital Library

Google Scholar

Cited By

View all

Pratama Hartono ABrito AFetzer C(2024)CRISP: Confidentiality, Rollback, and Integrity Storage Protection for Confidential Cloud-Native Computing2024 IEEE 17th International Conference on Cloud Computing (CLOUD)10.1109/CLOUD62652.2024.00026(141-152)Online publication date: 7-Jul-2024
https://doi.org/10.1109/CLOUD62652.2024.00026
Chowdhuryy MJung MYao FAwad A(2023)D-Shield: Enabling Processor-side Encryption and Integrity Verification for Secure NVMe Drives2023 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA56546.2023.10070924(908-921)Online publication date: Feb-2023
https://doi.org/10.1109/HPCA56546.2023.10070924
Khalid FMasood A(2022)Vulnerability Analysis of Qualcomm Secure Execution Environment (QSEE)Computers & Security10.1016/j.cose.2022.102628(102628)Online publication date: Jan-2022
https://doi.org/10.1016/j.cose.2022.102628
Show More Cited By

Index Terms

Recommendations

StrongBox: Confidentiality, Integrity, and Performance using Stream Ciphers for Full Drive Encryption
ASPLOS '18: Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems

Full-drive encryption (FDE) is especially important for mobile devices because they contain large quantities of sensitive data yet are easily lost or stolen. Unfortunately, the standard approach to FDE-the AES block cipher in XTS mode-is 3--5× slower ...
The design and implementation of a log-structured file system

This paper presents a new technique for disk storage management called a log-structured file system. A log-structured file system writes all modifications to disk sequentially in a log-like structure, thereby speeding up both file writing and crash ...
LSDM: Improving the Performance of Mobile Storage with a Log-Structured Address Remapping Device Driver
NGMAST '14: Proceedings of the 2014 Eighth International Conference on Next Generation Mobile Apps, Services and Technologies

Mobile devices use low-cost SSDs such as microSD cards and eMMC devices for persistent data storage. However, The controllers of low-cost SSDs are optimized for reads and for sequential writes and they perform poorly under random writes. In this paper, ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ACM SIGPLAN Notices Volume 53, Issue 2

ASPLOS '18

February 2018

809 pages

ISSN:0362-1340

EISSN:1558-1160

DOI:10.1145/3296957

Editor:
Matthew Fluet
Rodchester Institude of Technology

Issue’s Table of Contents

ASPLOS '18: Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems
March 2018
827 pages
ISBN:9781450349116
DOI:10.1145/3173162
General Chairs:
Xipeng Shen
North Carolina State University, USA
,
James Tuck
North Carolina State University, USA
,
Program Chairs:
Ricardo Bianchini
Microsoft Research, USA
,
Vivek Sarkar
Georgia Institute of Technology, USA

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 19 March 2018

Published in SIGPLAN Volume 53, Issue 2

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

10
Total Citations
View Citations
1,055
Total Downloads

Downloads (Last 12 months)247
Downloads (Last 6 weeks)34

Reflects downloads up to 14 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Pratama Hartono ABrito AFetzer C(2024)CRISP: Confidentiality, Rollback, and Integrity Storage Protection for Confidential Cloud-Native Computing2024 IEEE 17th International Conference on Cloud Computing (CLOUD)10.1109/CLOUD62652.2024.00026(141-152)Online publication date: 7-Jul-2024
https://doi.org/10.1109/CLOUD62652.2024.00026
Chowdhuryy MJung MYao FAwad A(2023)D-Shield: Enabling Processor-side Encryption and Integrity Verification for Secure NVMe Drives2023 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA56546.2023.10070924(908-921)Online publication date: Feb-2023
https://doi.org/10.1109/HPCA56546.2023.10070924
Khalid FMasood A(2022)Vulnerability Analysis of Qualcomm Secure Execution Environment (QSEE)Computers & Security10.1016/j.cose.2022.102628(102628)Online publication date: Jan-2022
https://doi.org/10.1016/j.cose.2022.102628
Cai WChen HWang ZZhang X(2021)Implementation and optimization of ChaCha20 stream cipher on sunway taihuLight supercomputerThe Journal of Supercomputing10.1007/s11227-021-04023-9Online publication date: 24-Aug-2021
https://doi.org/10.1007/s11227-021-04023-9
Buccafurri FDe Angelis VLazzaro S(2024)MQTT-I: Achieving End-to-End Data Flow Integrity in MQTTIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2024.3358630(1-18)Online publication date: 2024
https://doi.org/10.1109/TDSC.2024.3358630
Khani PMoeinaddini EAbnavi NShahraki A(2024)Explainable artificial intelligence for feature selection in network traffic classification: A comparative studyTransactions on Emerging Telecommunications Technologies10.1002/ett.497035:4Online publication date: 14-Apr-2024
https://doi.org/10.1002/ett.4970
Chowdhuryy MJung MYao FAwad A(2023)D-Shield: Enabling Processor-side Encryption and Integrity Verification for Secure NVMe Drives2023 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA56546.2023.10070924(908-921)Online publication date: Feb-2023
https://doi.org/10.1109/HPCA56546.2023.10070924
Benadjila RKhati LVergnaud D(2022)Secure storage—Confidentiality and authenticationComputer Science Review10.1016/j.cosrev.2022.10046544:COnline publication date: 1-May-2022
https://dl.acm.org/doi/10.1016/j.cosrev.2022.100465
Gogineni BKumar VRao GNalajala SDeepthi MPrasad C(2021)Notice of Violation of IEEE Publication Principles: FLEXCRYPT: Kernel Support for Heterogeneous Full Drive Encryption2021 5th International Conference on Electronics, Communication and Aerospace Technology (ICECA)10.1109/ICECA52323.2021.9676063(732-739)Online publication date: 2-Dec-2021
https://doi.org/10.1109/ICECA52323.2021.9676063
Liang SWang YLei LJing JZhou Q(2020)SecureESFS: Sharing Android External Storage Files in a Securer Way2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)10.1109/TrustCom50675.2020.00180(1339-1347)Online publication date: Dec-2020
https://doi.org/10.1109/TrustCom50675.2020.00180

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

References

Cited By

Index Terms

Recommendations