TY - JOUR
T1 - A secure data deletion scheme for IoT devices through key derivation encryption and data analysis
AU - Xiong, Jinbo
AU - Chen, Lei
AU - Bhuiyan, Md Zakirul Alam
AU - Cao, Chunjie
AU - Wang, Minshen
AU - Luo, Entao
AU - Liu, Ximeng
N1 - Publisher Copyright: © 2019 Elsevier B.V.
PY - 2020/10
Y1 - 2020/10
N2 - With the widespread adoption of mobile devices in various IoT services, an increasing amount of personal sensitive data is stored in IoT devices using flash memory as the storage medium. Personal sensitive data are subject to privacy leakage due to unauthorized access, accidental loss or resale of IoT devices. To tackle this challenge, in this paper, we present a novel key derivation encryption (KDE) algorithm, which is then used to construct a secure data deletion (SDDK) scheme for IoT devices. Initially, we design a nodal key tree based on flash memory's hierarchical structure, and present a KDE algorithm to generate a data key for encrypting the user's sensitive data and simplify key management. Meanwhile, based on KDE, we propose an SDDK scheme by combining partial block erasure with key deletion to remove both the ciphertext and the key components after data expiration, thereby implementing secure data deletion on IoT devices. Furthermore, we formally describe the process of SDDK using a mathematical analysis model, and give an optimal solution to reduce the page transfer overhead by employing an implicit enumeration analysis algorithm. Finally, security analysis shows that the KDE algorithm is provably secure and the SDDK scheme implements data privacy protection and secure deletion of invalid data. Performance analysis and experimental results indicate that the SDDK scheme is effective and efficient.
AB - With the widespread adoption of mobile devices in various IoT services, an increasing amount of personal sensitive data is stored in IoT devices using flash memory as the storage medium. Personal sensitive data are subject to privacy leakage due to unauthorized access, accidental loss or resale of IoT devices. To tackle this challenge, in this paper, we present a novel key derivation encryption (KDE) algorithm, which is then used to construct a secure data deletion (SDDK) scheme for IoT devices. Initially, we design a nodal key tree based on flash memory's hierarchical structure, and present a KDE algorithm to generate a data key for encrypting the user's sensitive data and simplify key management. Meanwhile, based on KDE, we propose an SDDK scheme by combining partial block erasure with key deletion to remove both the ciphertext and the key components after data expiration, thereby implementing secure data deletion on IoT devices. Furthermore, we formally describe the process of SDDK using a mathematical analysis model, and give an optimal solution to reduce the page transfer overhead by employing an implicit enumeration analysis algorithm. Finally, security analysis shows that the KDE algorithm is provably secure and the SDDK scheme implements data privacy protection and secure deletion of invalid data. Performance analysis and experimental results indicate that the SDDK scheme is effective and efficient.
KW - Block erasure
KW - IoT devices
KW - Key derivation
KW - Privacy protection
KW - Secure deletion
UR - http://www.scopus.com/inward/record.url?scp=85075537894&partnerID=8YFLogxK
U2 - 10.1016/j.future.2019.10.017
DO - 10.1016/j.future.2019.10.017
M3 - Article
AN - SCOPUS:85075537894
SN - 0167-739X
VL - 111
SP - 741
EP - 753
JO - Future Generation Computer Systems
JF - Future Generation Computer Systems
ER -