Document Type

Conference Proceeding

Publication Date

6-19-2024

Department

Department of Computer Science

Abstract

In today’s digital landscape, the ubiquity of mobile devices underscores the urgent need for stringent security protocols in both data transmission and storage. Plausibly deniable encryption (PDE) stands out as a pivotal solution, particularly in jurisdictions marked by rigorous regulations or increased vulnerabilities of personal data. However, the existing PDE systems for mobile platforms have evident limitations. These include vulnerabilities to multi-snapshot attacks over RAM and flash memory, an undue dependence on non-secure operating systems, a traceable PDE entry point, and a conspicuous PDE application prone to reverse engineering. To address these limitations, we have introduced FSPDE, the first Full-Stack mobile PDE system design which can mitigate PDE compromises present at both the execution and the storage layers of the mobile stack as well as the cross-layer communication. Utilizing the resilient security features of ARM TrustZone and collaborating multiple storage sub-layers (block device, flash translation layer, etc.), FSPDE offers a suite of improvements. At the heart of our design, the MUTE and MIST protocols serve both as fortifications against emerging threats and as tools to mask sensitive data, including the PDE access point. A real-world prototype of FSPDE was developed using OP-TEE, a leading open-source Trusted Execution Environment, in tandem with an open-sourced NAND flash controller. Security analysis and experimental evaluations justify both the security and the practicality of our design.

Publisher's Statement

© 2024 Copyright held by the owner/author(s). Publisher’s version of record: https://doi.org/10.1145/3626232.3653262

Publication Title

CODASPY 2024 - Proceedings of the 14th ACM Conference on Data and Application Security and Privacy

ISBN

[9798400704215]

Creative Commons License

Creative Commons Attribution 4.0 International License
This work is licensed under a Creative Commons Attribution 4.0 International License.

Version

Publisher's PDF
