INFUSE: Invisible plausibly-deniable file system for NAND flash

Chen Chen 1, Anrin Chakraborti 2, and Radu Sion 3
  • 1 Stony Brook University
  • 2 Stony Brook University
  • 3 Stony Brook University

Abstract

Protecting sensitive data stored on local storage devices (e.g., laptops and tablets) is essential for privacy. When adversaries are powerful enough to coerce users to reveal encryption keys or passwords, encryption alone becomes insufficient for data protection. Additional mechanisms are required to hide the very presence of sensitive data.

Plausibly deniable storage systems (PDS) are designed to defend against such powerful adversaries. Plausible deniability allows a user to deny the existence of certain stored data even when an adversary has access to the storage medium. However, existing plausible deniability solutions leave users at the mercy of adversaries suspicious of their very use. Indeed, it may be difficult to justify the use of a plausible deniability system while claiming that no sensitive data is being hidden.

This work introduces INFUSE, a plausibly-deniable file system that hides not only contents but also the evidence that a particular system is being used to hide data. INFUSE is “invisible” (its layout is identical to that of a standard file system), provides redundancy, handles overwrites, survives data loss, and is secure in the presence of multi-snapshot adversaries. INFUSE is efficient: public data operations are orders of magnitude faster than existing multi-snapshot resilient PD systems and only 15% slower than a standard non-PD baseline, while hidden data operations perform comparably to existing systems.


