Abstract
Nowadays, smartphones have started being used as a tool to collect and spread politically sensitive or activism information. The exposure of the possession of such sensitive data shall pose a risk in severely threatening the life safety of the device owner. Particularly, the data owner may be caught and coerced to give away the encryption keys. Under this circumstances, applying the encryption to data still fails to mitigate such risk.
Plausibly deniable encryption (PDE) promisingly helps to circumvent the coercive attack by allowing the data owner to deny the existence of certain data. In this work, we present MobiHydra, a more pragmatic PDE scheme featuring multi-level deniability on mobile devices. MobiHydra is pragmatic in that it remarkably supports hiding opportunistic data without necessarily rebooting the device. In addition, MobiHydra favorably mitigates the so-called booting-time defect, which is a whistle-blower to expose the usage of PDE in previous solutions. We implement a prototype for MobiHydra on Google Nexus S. The evaluation results demonstrate that MobiHydra introduces very low overhead compared with other PDE solutions for mobile devices.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
SXSW Schedule. Caught in the Act: Mobile Tech & Human Rights (2014), www Document: http://schedule.sxsw.com/2014/events/event_IAP21063
Windows Inc. BitLocker Drive Encryption (2014), www Document: http://windows.microsoft.com/en-us/windows7/products/features/bitlocker
Google Inc. Linux Unified Key Setup (2014), www Document: https://code.google.com/p/cryptsetup/
Google Inc. dm-crypt: Linux kernel device-mapper crypto target (2014), www Document: https://code.google.com/p/cryptsetup/wiki/DMCrypt
Canetti, R., Dwork, C., Naor, M., Ostrovsky, R.: Deniable Encryption. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 90–104. Springer, Heidelberg (1997)
FreeOTFE. FreeOTFE - Free disk encryption software for PCs and PDAs. version 5.21 (2012), Project website: http://www.freeotfe.org/
Pang, H., Lee Tan, K., Zhou, X.: StegFS: A Steganographic File System. In: 19th International Conference on Data Engineering, ICDE 2002 (2002)
Anderson, R., Needham, R., Shamir, A.: The Steganographic File System. In: Aucsmith, D. (ed.) IH 1998. LNCS, vol. 1525, pp. 73–82. Springer, Heidelberg (1998)
Skillen, A., Mannan, M.: On Implementing Deniable Storage Encryption for Mobile Devices. In: 20th Annual Symposium on Network and Distributed System Security (NDSS 2013) (2013)
Yu, X., Chen, B., Wang, Z., Chang, B., Zhu, W.T., Jing, J.: MobiHydra Technical Report (2014), www Document: http://www.chenirvine.org/publications/MobiHydra_technical_report.pdf
Kaliski, B.: PKCS 5: Password-based cryptography specification, version 2.0. RFC 2898 (informational) (2000)
Assange, J., Weinmann, R.-P., Dreyfus, S.: Rubberhose: Cryptographically Deniable Transparent Disk Encryption System (1997), Project website: http://marutukku.org
Han, J., Pan, M., Gao, D., Pang, H.: A Multi-user Steganographic File System on Untrusted Shared Storage. In: 26th Annual Computer Security Applications Conference, ACSAC 2010 (2010)
Zhou, X., Pang, H., Tan, K.-L.: Hiding Data Accesses in Steganographic File System. In: 20th International Conference on Data Engineering, ICDE 2003 (2003)
Wikipedia. Hydra (2014), www Document: http://en.wikipedia.org/wiki/Hydra
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Yu, X., Chen, B., Wang, Z., Chang, B., Zhu, W.T., Jing, J. (2014). MobiHydra: Pragmatic and Multi-level Plausibly Deniable Encryption Storage for Mobile Devices. In: Chow, S.S.M., Camenisch, J., Hui, L.C.K., Yiu, S.M. (eds) Information Security. ISC 2014. Lecture Notes in Computer Science, vol 8783. Springer, Cham. https://doi.org/10.1007/978-3-319-13257-0_36
Download citation
DOI: https://doi.org/10.1007/978-3-319-13257-0_36
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-13256-3
Online ISBN: 978-3-319-13257-0
eBook Packages: Computer ScienceComputer Science (R0)