DataLair: Efficient Block Storage with Plausible Deniability against Multi-Snapshot Adversaries

Abstract: Sensitive information is present on our phones, disks, watches and computers. Its protection is essential. Plausible deniability of stored data allows individuals to deny that their device contains a piece of sensitive information. This constitutes a key tool in the fight against oppressive governments and censorship. Unfortunately, existing solutions, such as the now defunct TrueCrypt [5], can defend only against an adversary that can access a user’s device at most once (“single-snapshot adversary”). Recent solutions have traded significant performance overheads for the ability to handle more powerful adversaries able to access the device at multiple points in time (“multi-snapshot adversary”). In this paper we show that this sacrifice is not necessary. We introduce and build DataLair, a practical plausible deniability mechanism. When compared with existing approaches, DataLair is two orders of magnitude faster for public data accesses, and 5 times faster for hidden data accesses. An important component in DataLair is a new write-only ORAM construction which improves on the complexity of the state of the art write-only ORAM by a factor of O(log N), where N denotes the underlying storage disk size.

[1] Kian-Lee Tan, et al. StegFS: a steganographic file system, 2003, Proceedings 19th International Conference on Data Engineering (Cat. No.03CH37405).

[2] Rafail Ostrovsky, et al. Deniable Encryption, 1997, IACR Cryptol. ePrint Arch.

[3] Rafail Ostrovsky, et al. Software protection and simulation on oblivious RAMs, 1996, JACM.

[4] Lichun Li, et al. Write-only oblivious RAM-based privacy-preserved access of outsourced data, 2016, International Journal of Information Security.

[5] Debin Gao, et al. A multi-user steganographic file system on untrusted shared storage, 2010, ACSAC '10.

[6] Ling Ren, et al. Path ORAM, 2012, J. ACM.

[7] Guevara Noubir, et al. Toward Robust Hidden Volumes Using Write-Only Oblivious RAM, 2014, IACR Cryptol. ePrint Arch.

[8] Timothy Peters, et al. DEFY: A Deniable, Encrypted File System for Log-Structured Storage, 2015, NDSS.

[9] G. Edward Suh, et al. Hiding Information in Flash Memory, 2013, 2013 IEEE Symposium on Security and Privacy.

[10] Dhabaleswar K. Panda, et al. Designing a high-performance clustered NAS: a case study with pNFS over RDMA on InfiniBand, 2008, HiPC'08.

[11] Elaine Shi, et al. PHANTOM: practical oblivious computation in a secure processor, 2013, CCS.

[12] Radu Sion, et al. POSTER: DataLair: A Storage Block Device with Plausible Deniability, 2016, CCS.

[13] Adi Shamir, et al. The Steganographic File System, 1998, Information Hiding.

[14] Elaine Shi, et al. Oblivious RAM with O((log N)^3) Worst-Case Cost, 2011, ASIACRYPT.

[15] Markus G. Kuhn, et al. StegFS: A Steganographic File System for Linux, 1999, Information Hiding.

[16] Bruce Schneier, et al. Defeating Encrypted and Deniable File Systems: TrueCrypt v5.1a and the Case of the Tattling OS and Applications, 2008, HotSec.

[17] Mohammad Mannan, et al. Transactions on Dependable and Secure Computing Mobiflage: Deniable Storage Encryption for Mobile Devices, 2022.