Müller T, Freiling F (2014)
Publication Language: English
Publication Type: Journal article, Original article
Publication year: 2014
Publisher: IEEE
Edited Volumes: Transactions on Dependable and Secure Computing (TDSC)
City/Town: Washington
Book Volume: 12
Pages Range: 491-503
Edition: 99
Journal Issue: 5
DOI: 10.1109/TDSC.2014.2369041
Organizations as well as private users frequently report the loss and theft of mobile devices such as laptops and smartphones. The threat of data exposure in such scenarios can be mitigated by protection mechanisms based on encryption. Full disk encryption (FDE) is an effective method to protect data against unauthorized access. FDE can generally be classified into software- and hardware-based solutions. We assess the practical security that users can expect from these FDE solutions regarding physical access threats. We assume that strong cryptography like AES cannot be broken but focus on vulnerabilities arising from practical FDE implementations. We present the results of a comprehensive and systematic comparison of the security of software- and hardware-based FDE. Thereby, we exhibit attacks on widespread FDE standards in many common scenarios and different system configurations. As a result, we show that neither software- nor hardware-based FDE provides perfect security, nor is one clearly superior to the other.
APA:
Müller, T., & Freiling, F. (2014). A Systematic Assessment of the Security of Full Disk Encryption. IEEE Transactions on Dependable and Secure Computing, 12(5), 491-503. https://doi.org/10.1109/TDSC.2014.2369041
MLA:
Müller, Tilo, and Felix Freiling. "A Systematic Assessment of the Security of Full Disk Encryption." IEEE Transactions on Dependable and Secure Computing 12.5 (2014): 491-503.
BibTeX: Download