1. bookVolume 2022 (2022): Edizione 2 (April 2022)
Dettagli della rivista
License
Formato
Rivista
eISSN
2299-0984
Prima pubblicazione
16 Apr 2015
Frequenza di pubblicazione
4 volte all'anno
Lingue
Inglese
access type Accesso libero

SoK: Plausibly Deniable Storage

Pubblicato online: 03 Mar 2022
Volume & Edizione: Volume 2022 (2022) - Edizione 2 (April 2022)
Pagine: 132 - 151
Ricevuto: 31 Aug 2021
Accettato: 16 Dec 2021
Dettagli della rivista
License
Formato
Rivista
eISSN
2299-0984
Prima pubblicazione
16 Apr 2015
Frequenza di pubblicazione
4 volte all'anno
Lingue
Inglese
Abstract

Data privacy is critical in instilling trust and empowering the societal pacts of modern technology-driven democracies. Unfortunately it is under continuous attack by overreaching or outright oppressive governments, including some of the world’s oldest democracies. Increasingly-intrusive anti-encryption laws severely limit the ability of standard encryption to protect privacy. New defense mechanisms are needed.

Plausible deniability (PD) is a powerful property, enabling users to hide the existence of sensitive information in a system under direct inspection by adversaries. Popular encrypted storage systems such as TrueCrypt and other research efforts have attempted to also provide plausible deniability. Unfortunately, these efforts have often operated under less well-defined assumptions and adversarial models. Careful analyses often uncover not only high overheads but also outright security compromise. Further, our understanding of adversaries, the underlying storage technologies, as well as the available plausible deniable solutions have evolved dramatically in the past two decades. The main goal of this work is to systematize this knowledge. It aims to: (1) identify key PD properties, requirements and approaches; (2) present a direly-needed unified framework for evaluating security and performance; (3) explore the challenges arising from the critical interplay between PD and modern system layered stacks; (4) propose a new “trace-oriented” PD paradigm, able to decouple security guarantees from the underlying systems and thus ensure a higher level of flexibility and security independent of the technology stack.

This work is meant also as a trusted guide for system and security practitioners around the major challenges in understanding, designing and implementing plausible deniability into new or existing systems.

Keywords

[1] A robust flash file system since 2002. “https://yaffs.net/”. Search in Google Scholar

[2] TrueCrypt. “http://truecrypt.sourceforge.net/”. Search in Google Scholar

[3] Ross Anderson, Roger Needham, and Adi Shamir. The steganographic file system. In Information Hiding, pages 73–82. Springer, 1998.10.1007/3-540-49380-8_6 Search in Google Scholar

[4] Erik-Oliver Blass, Travis Mayberry, Guevara Noubir, and Kaan Onarlioglu. Toward robust hidden volumes using write-only oblivious ram. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pages 203–214. ACM, 2014. Search in Google Scholar

[5] Elette Boyle and Moni Naor. Is there an oblivious ram lower bound? In Proceedings of the 2016 ACM Conference on Innovations in Theoretical Computer Science, pages 357–368, 2016.10.1145/2840728.2840761 Search in Google Scholar

[6] Ran Canetti, Sunoo Park, and Oxana Poburinnaya. Fully deniable interactive encryption. In Daniele Micciancio and Thomas Ristenpart, editors, Advances in Cryptology - CRYPTO 2020 - 40th Annual International Cryptology Conference, CRYPTO 2020, Santa Barbara, CA, USA, August 17-21, 2020, Proceedings, Part I, volume 12170 of Lecture Notes in Computer Science, pages 807–835. Springer, 2020.10.1007/978-3-030-56784-2_27 Search in Google Scholar

[7] Rein Canetti, Cynthia Dwork, Moni Naor, and Rafail Ostrovsky. Deniable encryption. In Advances in Cryptology – CRYPTO’97, pages 90–104. Springer, 1997.10.1007/BFb0052229 Search in Google Scholar

[8] Anrin Chakraborti, Adam J. Aviv, Seung Geol Choi, Travis Mayberry, Daniel S. Roche, and Radu Sion. roram: Efficient range ORAM with o(log2 N) locality. In 26th Annual Network and Distributed System Security Symposium, NDSS 2019, San Diego, California, USA, February 24-27, 2019. The Internet Society, 2019.10.14722/ndss.2019.23320 Search in Google Scholar

[9] Anrin Chakraborti, Chen Chen, and Radu Sion. Datalair: Efficient block storage with plausible deniability against multisnapshot adversaries. Proceedings on Privacy Enhancing Technologies, 2017(3):179–197, 2017. Search in Google Scholar

[10] Anrin Chakraborti and Radu Sion. Concuroram: Highthroughput stateless parallel multi-client ORAM. In 26th Annual Network and Distributed System Security Symposium, NDSS 2019, San Diego, California, USA, February 24-27, 2019. The Internet Society, 2019.10.14722/ndss.2019.23411 Search in Google Scholar

[11] Anrin Chakraborti and Radu Sion. Sqoram: Read-optimized sequential write-only oblivious RAM. Proc. Priv. Enhancing Technol., 2020(1):216–234, 2020. Search in Google Scholar

[12] Bing Chang, Zhan Wang, Bo Chen, and Fengwei Zhang. Mobipluto: File system friendly deniable storage for mobile devices. In Proceedings of the 31st Annual Computer Security Applications Conference, ACSAC 2015, page 381–390, New York, NY, USA, 2015. Association for Computing Machinery.10.1145/2818000.2818046 Search in Google Scholar

[13] Bing Chang, Fengwei Zhang, Bo Chen, Yingjiu Li, Wen-Tao Zhu, Yangguang Tian, Zhan Wang, and Albert Ching. MobiCeal: Towards secure and practical plausibly deniable encryption on mobile devices. In 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pages 454–465. IEEE, 2018.10.1109/DSN.2018.00054 Search in Google Scholar

[14] Chen Chen, Anrin Chakraborti, and Radu Sion. Pd-dm: An efficient locality-preserving block device mapper with plausible deniability. Proceedings on Privacy Enhancing Technologies, 2019(1), 2019.10.2478/popets-2019-0009 Search in Google Scholar

[15] Chen Chen, Anrin Chakraborti, and Radu Sion. Infuse: Invisible plausibly-deniable file system for nand flash. Proceedings on Privacy Enhancing Technologies, 4:239–254, 2020. Search in Google Scholar

[16] Chen Chen, Anrin Chakraborti, and Radu Sion. PEARL: Plausibly deniable flash translation layer using WOM coding. In 30th USENIX Security Symposium (USENIX Security 21), Vancouver, B.C., August 2021. USENIX Association. Search in Google Scholar

[17] Alexei Czeskis, David J. St. Hilaire, Karl Koscher, Steven D. Gribble, Tadayoshi Kohno, and Bruce Schneier. Defeating encrypted and deniable file systems: Truecrypt v5.1a and the case of the tattling os and applications. In Proceedings of the 3rd Conference on Hot Topics in Security, HOTSEC’08, pages 7:1–7:7, Berkeley, CA, USA, 2008. USENIX Association. Search in Google Scholar

[18] Fred Douglis and John Ousterhout. Log-structured file systems. In COMPCON Spring’89. Thirty-Fourth IEEE Computer Society International Conference: Intellectual Leverage, Digest of Papers., pages 124–129. IEEE, 1989. Search in Google Scholar

[19] Philippe Godlewski. Wom-codes construits à partir des codes de hamming. Discrete mathematics, 65(3):237–243, 1987.10.1016/0012-365X(87)90055-0 Search in Google Scholar

[20] Oded Goldreich and Rafail Ostrovsky. Software protection and simulation on oblivious rams. Journal of the ACM (JACM), 43(3):431–473, 1996.10.1145/233551.233553 Search in Google Scholar

[21] Ian Goodfellow, Jean Pouget-Abadie, Mehdi Mirza, Bing Xu, David Warde-Farley, Sherjil Ozair, Aaron Courville, and Yoshua Bengio. Generative adversarial nets. Advances in neural information processing systems, 27, 2014. Search in Google Scholar

[22] Pavel Hubácek, Michal Kouckỳ, Karel Král, and Veronika Slívová. Stronger lower bounds for online oram. In Theory of Cryptography Conference, pages 264–284. Springer, 2019.10.1007/978-3-030-36033-7_10 Search in Google Scholar

[23] R. P. Weinmann J. Assange and S. Dreyfus. Rubber-hose: cryptographically deniable transparent disk encryption system. “http://marutukku.org”. Search in Google Scholar

[24] Shijie Jia, Luning Xia, Bo Chen, and Peng Liu. Deftl: Implementing plausibly deniable encryption in flash translation layer. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pages 2217–2229. ACM, 2017. Search in Google Scholar

[25] Gabriela Kennedy. Encryption policies: Codemakers, codebreakers and rulemakers: Dilemmas in current encryption policies. Computer Law & Security Review, 16(4):240–247, 2000. Search in Google Scholar

[26] Diederik P Kingma and Max Welling. Auto-encoding variational bayes. arXiv preprint arXiv:1312.6114, 2013. Search in Google Scholar

[27] Kasper Green Larsen and Jesper Buus Nielsen. Yes, there is an oblivious ram lower bound! In Annual International Cryptology Conference, pages 523–542. Springer, 2018.10.1007/978-3-319-96881-0_18 Search in Google Scholar

[28] Sungjin Lee, Keonsoo Ha, Kangwon Zhang, Jihong Kim, and Junghwan Kim. Flexfs: A flexible flash file system for mlc nand flash memory. In USENIX Annual Technical Conference, pages 1–14, 2009. Search in Google Scholar

[29] Lichun Li and Anwitaman Datta. Write-only oblivious ram-based privacy-preserved access of outsourced data. International Journal of Information Security, 16(1):23–42, 2017.10.1007/s10207-016-0329-x Search in Google Scholar

[30] Andrew D McDonald and Markus G Kuhn. StegFS: A steganographic file system for Linux. In Information Hiding, pages 463–477. Springer, 1999.10.1007/10719724_32 Search in Google Scholar

[31] J. Mull. How a syrian refugee risked his life to bear witness to atrocities. toronto Star Online, posted 14-March-2012, 2012. Search in Google Scholar

[32] Adam O’Neill, Chris Peikert, and Brent Waters. Bi-deniable public-key encryption. In Annual Cryptology Conference, pages 525–542. Springer, 2011.10.1007/978-3-642-22792-9_30 Search in Google Scholar

[33] HweeHwa Pang, Kian-Lee Tan, and Xuan Zhou. Stegfs: A steganographic file system. In Data Engineering, 2003. Proceedings. 19th International Conference on, pages 657–667. IEEE, 2003. Search in Google Scholar

[34] Timothy Peters, Mark Gondree, and Zachary N. J. Peterson. DEFY: A deniable, encrypted file system for log-structured storage. In 22nd Annual Network and Distributed System Security Symposium, NDSS 2015, San Diego, California, USA, February 8-11, 2014, 2015.10.14722/ndss.2015.23078 Search in Google Scholar

[35] Fabien AP Petitcolas, Ross J Anderson, and Markus G Kuhn. Information hiding-a survey. Proceedings of the IEEE, 87(7):1062–1078, 1999.10.1109/5.771065 Search in Google Scholar

[36] Denver Post. Password case reframes fifth amendment rights in context of digital world. “http://www.denverpost.com/news/ci_19669803”. Search in Google Scholar

[37] The Register. Youth jailed for not handing over encryption password. 2010. Search in Google Scholar

[38] Ronald L Rivest and Adi Shamir. How to reuse a “write-once memory”. Information and control, 55(1-3):1–19, 1982.10.1016/S0019-9958(82)90344-8 Search in Google Scholar

[39] Daniel S Roche, Adam Aviv, Seung Geol Choi, and Travis Mayberry. Deterministic, stash-free write-only oram. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pages 507–521, 2017.10.1145/3133956.3134051 Search in Google Scholar

[40] Amir Shpilka. New constructions of wom codes using the wozencraft ensemble. IEEE Transactions on Information Theory, 59(7):4520–4529, 2013.10.1109/TIT.2013.2251455 Search in Google Scholar

[41] Adam Skillen and Mohammad Mannan. Mobiflage: Deniable storage encryption for mobile devices. IEEE Transactions on Dependable and Secure Computing, 11(3):224–237, 2013. Search in Google Scholar

[42] Adam Skillen and Mohammad Mannan. On implementing deniable storage encryption for mobile devices. 2013. Search in Google Scholar

[43] Toronto Star. How a syrian refugee risked his life to bear witness to atrocities. 2012. Search in Google Scholar

[44] Emil Stefanov, Elaine Shi, and Dawn Song. Towards practical oblivious ram. arXiv preprint arXiv:1106.3652, 2011. Search in Google Scholar

[45] Emil Stefanov, Marten Van Dijk, Elaine Shi, Christopher Fletcher, Ling Ren, Xiangyao Yu, and Srinivas Devadas. Path oram: an extremely simple oblivious ram protocol. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pages 299–310. ACM, 2013.10.1145/2508859.2516660 Search in Google Scholar

[46] M Weaver. Developer tortured by raiders with crowbars. 31 October 97. Search in Google Scholar

[47] Mor Weiss and Daniel Wichs. Is there an oblivious ram lower bound for online reads? In Theory of Cryptography Conference, pages 603–635. Springer, 2018.10.1007/978-3-030-03810-6_22 Search in Google Scholar

[48] WhisperSystems. Github: Whispersystems/whisperyaffs: Wiki, 2012. “https://github.com/WhisperSystems/WhisperYAFFS/wiki”. Search in Google Scholar

[49] Wikipedia. Key disclosure law. “http://en.wikipedia.org/wiki/Key_disclosure_law”. Search in Google Scholar

[50] Eitan Yaakobi, Scott Kayser, Paul H Siegel, Alexander Vardy, and Jack Keil Wolf. Codes for write-once memories. IEEE Transactions on Information Theory, 58(9):5985–5999, 2012.10.1109/TIT.2012.2200291 Search in Google Scholar

[51] Aviad Zuck, Udi Shriki, Donald E Porter, and Dan Tsafrir. Preserving hidden data with an ever-changing disk. In Proceedings of the 16th Workshop on Hot Topics in Operating Systems, pages 50–55, 2017.10.1145/3102980.3102989 Search in Google Scholar

Articoli consigliati da Trend MD

Pianifica la tua conferenza remota con Sciendo