Sensitive information is present on our phones, disks, watches and computers. Its protection is essential. Plausible deniability of stored data allows individuals to deny that their device contains a piece of sensitive information. This constitutes a key tool in the fight against oppressive governments and censorship. Unfortunately, existing solutions, such as the now defunct TrueCrypt [2], can defend only against an adversary that can access a user's device at most once ("single-snapshot adversary"). Recent solutions have traded significant performance overheads for the ability to handle more powerful adversaries able to access the device at multiple points in time ("multi-snapshot adversary"). In this paper we show that this sacrifice is not necessary. We introduce and build DataLair, a practical plausible deniability mechanism. When compared with existing approaches, DataLair is two orders of magnitude faster (and as efficient as the underlying raw storage) for public data accesses, and 3-5 times faster for hidden data accesses. An important component in DataLair is a new, efficient write-only ORAM construction, which provides an improved access complexity when compared to the state-of-the-art.
[1]
Bruce Schneier,et al.
Defeating Encrypted and Deniable File Systems: TrueCrypt v5.1a and the Case of the Tattling OS and Applications
,
2008,
HotSec.
[2]
Guevara Noubir,et al.
Toward Robust Hidden Volumes Using Write-Only Oblivious RAM
,
2014,
IACR Cryptol. ePrint Arch..
[3]
Lichun Li,et al.
Write-only oblivious RAM-based privacy-preserved access of outsourced data
,
2016,
International Journal of Information Security.
[4]
Timothy Peters,et al.
DEFY: A Deniable, Encrypted File System for Log-Structured Storage
,
2015,
NDSS.
[5]
Elaine Shi,et al.
Oblivious RAM with O((logN)3) Worst-Case Cost
,
2011,
ASIACRYPT.
[6]
Markus G. Kuhn,et al.
StegFS: A Steganographic File System for Linux
,
1999,
Information Hiding.