Results & Downloads
Paper in ‘IEEE Security and Privacy Workshops (SPW)’
SHEPHERD, Carlton, MARKANTONAKIS, Konstantinos, et JALOYAN, Georges-Axel: “LIRA-V: Lightweight remote attestation for constrained RISC-V devices”
Paper in ‘Computers & Security’
SHEPHERD, Carlton, MARKANTONAKIS, Konstantinos, VAN HEIJNINGEN, Nico, et al: “Physical fault injection and side-channel attacks on mobile devices: A comprehensive analysis”
D2.1 “Fundamental support study on Encryption and Fundamental Rights”
This deliverable is the first legal analysis of the EXFILES project. It is the result of the study of numerous national and European documents from various sources – institutional, academic, legal, technical, law enforcement, and NGO – as well as contributions from the project partners on the legal framework applicable in their country. It assesses the legal and soft-law provisions regarding fundamental rights and the use of encryption, in the context of collection of evidence from encrypted devices.
Paper in ‘Forensic Science International: Digital Investigation’
FUKAMI, Aya, STOYKOVA, Radina, et GERADTS, Zeno: A new model for forensic data extraction from encrypted mobile devices
EXFILES newsletter #1
D5.1 “Vulnerabilities analysis and attack scenarios description”
This report presents the state of the art in physical fault injection and side-channel attacks on mobile devices. It surveys over 40 research papers from which 15 attack scenarios are sourced and compared.
D3.1 “TEE security study”
This report describes mobile TEEs and their common security mechanisms. An open-source, whitebox testbed is then presented for conducting security research on TEE-equipped mobile systems.
D8.1 “Project quality plan”
The project quality plan (the project handbook) constitutes a set of project templates, explanations on the project management process, review process, quality checks, meeting organisation, which is communicated to all partners.
D7.1 “Internal and external IT communication infrastructure and project website”
The external IT communication infrastructure constitutes a guideline for communication of the EXFILES project to external target groups including conferences, marketing measures and communication channels. Furthermore, this deliverable constitutes the launch of the internal EXFILES communication infrastructure including the establishment of mailing lists, a subversion repository server and the EXFILES website.
D1.1 “State of the art in mobile forensics”
In the current smartphone market, Android and iOS are the dominant operating systems where Samsung, Huawei and Apple are the major smartphone developers, all using state-of-the-art ARM based chip technology. Traditional data acquisition methods are less effective against modern smartphones, without proper user authentication, due to strong cryptographic security mechanisms at the operating system level. Future forensic techniques need to focus on the exploitation of hardware and software vulnerabilities to escalate privileges to the level where an examiner can directly acquire decrypted user data from a running device, or extract key material that can be used to decrypt extracted user data afterwards. This results in new business models for forensic tools vendors but also raises legal issues related to network based data acquisition and responsible disclosure.