Login | Register

On Implementing Deniable Storage Encryption for Mobile Devices


On Implementing Deniable Storage Encryption for Mobile Devices

Skillen, Adam and Mannan, Mohammad (2013) On Implementing Deniable Storage Encryption for Mobile Devices. In: 20th Annual Network & Distributed System Security Symposium, 24-27 February 2013, San Diego, CA United States.

[thumbnail of Mobiflage NDSS'13]
Text (Mobiflage NDSS'13) (application/pdf)
Mobiflage-NDSS13.pdf - Published Version
Available under License Spectrum Terms of Access.

Official URL: http://www.internetsociety.org/events/ndss-symposi...


Data confidentiality can be effectively preserved through encryption. In certain situations, this is inadequate, as users may be coerced into disclosing their decryption keys. In this case, the data must be hidden so that its very existence can be denied. Steganographic techniques and deniable encryption algorithms have been devised to address this specific problem. Given the recent proliferation of smartphones and tablets, we examine the feasibility and efficacy of deniable storage encryption for mobile devices. We evaluate existing, and discover new, challenges that can compromise plausibly deniable encryption (PDE) in a mobile environment. To address these obstacles, we design a system called Mobiflage that enables PDE on mobile devices by hiding encrypted volumes within random data on a device’s external storage. We leverage lessons learned from known issues in deniable encryption in the desktop environment, and design new countermeasures for threats specific to mobile systems. Key features of Mobiflage include: deniable file systems with limited impact on throughput; efficient storage use with no data expansion; and restriction/prevention of known sources of leakage and disclosure. We provide a proof-of-concept implementation for the Android OS to assess the feasibility and performance of Mobiflage. We also compile a list of best practices users should follow to restrict other known forms of leakage and collusion that may compromise deniability.

Divisions:Concordia University > Gina Cody School of Engineering and Computer Science > Concordia Institute for Information Systems Engineering
Item Type:Conference or Workshop Item (Paper)
Authors:Skillen, Adam and Mannan, Mohammad
Date:25 February 2013
Keywords:Mobile Device, Security, Deniable Encryption
ID Code:975074
Deposited By: ADAM SKILLEN
Deposited On:08 Jan 2013 14:28
Last Modified:18 Jan 2018 17:39
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.

Repository Staff Only: item control page

Downloads per month over past year

Research related to the current document (at the CORE website)
- Research related to the current document (at the CORE website)
Back to top Back to top