INFUSE: Invisible plausibly-deniable file system for NAND flash

Abstract Protecting sensitive data stored on local storage devices e.g., laptops, tablets etc. is essential for privacy. When adversaries are powerful enough to coerce users to reveal encryption keys/passwords, encryption alone becomes insufficient for data protection. Additional mechanisms are required to hide the very presence of sensitive data. Plausibly deniable storage systems (PDS) are designed to defend against such powerful adversaries. Plausible deniability allows a user to deny the existence of certain stored data even when an adversary has access to the storage medium. However, existing plausible deniability solutions leave users at the mercy of adversaries suspicious of their very use. Indeed, it may be difficult to justify the use of a plausible deniability system while claiming that no sensitive data is being hidden. This work introduces INFUSE, a plausibly-deniable file system that hides not only contents but also the evidence that a particular system is being used to hide data. INFUSE is “invisible” (identical layout with standard file system), provides redundancy, handles overwrites, survives data loss, and is secure in the presence of multi-snapshot adversaries. INFUSE is efficient. Public data operations are orders of magnitude faster than existing multi-snapshot resilient PD systems, and only 15% slower than a standard non-PD baseline, and hidden data operations perform comparably to existing systems.

[1]  Kian-Lee Tan,et al.  StegFS: a steganographic file system , 2003, Proceedings 19th International Conference on Data Engineering (Cat. No.03CH37405).

[2]  Morris J. Dworkin,et al.  SP 800-38D. Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC , 2007 .

[3]  Radu Sion,et al.  DataLair: Efficient Block Storage with Plausible Deniability against Multi-Snapshot Adversaries , 2017, Proc. Priv. Enhancing Technol..

[4]  Markus G. Kuhn,et al.  StegFS: A Steganographic File System for Linux , 1999, Information Hiding.

[5]  Rafail Ostrovsky,et al.  Deniable Encryption , 1997, IACR Cryptol. ePrint Arch..

[6]  Debin Gao,et al.  A multi-user steganographic file system on untrusted shared storage , 2010, ACSAC '10.

[7]  Sungjin Lee,et al.  FlexFS: A Flexible Flash File System for MLC NAND Flash Memory , 2009, USENIX Annual Technical Conference.

[8]  Donald Beaver,et al.  Plug and Play Encryption , 1997, CRYPTO.

[9]  Guevara Noubir,et al.  Toward Robust Hidden Volumes Using Write-Only Oblivious RAM , 2014, IACR Cryptol. ePrint Arch..

[10]  Timothy Peters,et al.  DEFY: A Deniable, Encrypted File System for Log-Structured Storage , 2015, NDSS.

[11]  Radu Sion,et al.  PD-DM: An efficient locality-preserving block device mapper with plausible deniability , 2019, Proc. Priv. Enhancing Technol..

[12]  Adi Shamir,et al.  The Steganographic File System , 1998, Information Hiding.

[13]  Jehoshua Bruck,et al.  Stash in a Flash , 2018, FAST.

[14]  Mohammad Mannan,et al.  On Implementing Deniable Storage Encryption for Mobile Devices , 2013, NDSS.

[15]  G. Edward Suh,et al.  Flash Memory for Ubiquitous Hardware Security Functions: True Random Number Generation and Device Fingerprints , 2012, 2012 IEEE Symposium on Security and Privacy.