Login | Register

Deniable Storage Encryption for Mobile Devices

Title:

Deniable Storage Encryption for Mobile Devices

Skillen, Adam (2013) Deniable Storage Encryption for Mobile Devices. Masters thesis, Concordia University.

[thumbnail of Skillen_MASc_S2013.pdf]
Preview
Text (application/pdf)
Skillen_MASc_S2013.pdf - Accepted Version
Available under License Spectrum Terms of Access.
3MB
[thumbnail of Mobiflage source code]
Archive (Mobiflage source code) (application/x-gzip)
mobiflage-src.tar.gz - Supplemental Material
22kB
[thumbnail of Myphrase source code (Android)]
Archive (Myphrase source code (Android)) (application/x-gzip)
myphrase_android.tar.gz - Supplemental Material
205kB
[thumbnail of Myphrase source code (Firefox)]
Archive (Myphrase source code (Firefox)) (application/zip)
myphrase_firefox.zip - Accepted Version
624kB

Abstract

Smartphones, and other mobile computing devices, are being widely adopted globally as the de-facto personal computing platform. Given the amount of sensitive information accumulated by these devices, there are serious privacy and security implications for both personal use and enterprise deployment. Confidentiality of data-at-rest can be effectively preserved through storage encryption. All major mobile OSes now incorporate some form of storage encryption. In certain situations, this is inadequate, as users may be coerced into disclosing their decryption keys. In this case, the data must be hidden so that its very existence can be denied. Steganographic techniques and deniable encryption algorithms have been devised to address this specific problem. This dissertation explores the feasibility and efficacy of deniable storage encryption for mobile devices. A feature that allows the user to feign compliance with a coercive adversary, by decrypting plausible and innocuous decoy data, while maintaining the secrecy of their sensitive or contentious hidden data. A deniable storage encryption system, Mobiflage, was designed and implemented for the Android OS, the first such application for mobile devices. Current mobile encryption mechanisms all rely, in some way, on a user secret. Users notoriously choose weak passwords that are easily guessed/cracked. This thesis offers a new password scheme for use with storage encryption. The goal is to create passwords that are suitably strong for protection of encryption keys, easier to input on mobile devices, and build on memorability research in cognitive psychology for a better user experience than current password guidelines.

Divisions:Concordia University > Gina Cody School of Engineering and Computer Science > Concordia Institute for Information Systems Engineering
Item Type:Thesis (Masters)
Authors:Skillen, Adam
Institution:Concordia University
Degree Name:M.A. Sc.
Program:Information Systems Security
Date:3 April 2013
ID Code:977020
Deposited By: ADAM SKILLEN
Deposited On:02 Jul 2013 14:38
Last Modified:18 Jan 2018 17:43
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.

Repository Staff Only: item control page

Downloads per month over past year

Research related to the current document (at the CORE website)
- Research related to the current document (at the CORE website)
Back to top Back to top