TY - GEN
T1 - DEFTL
T2 - 24th ACM SIGSAC Conference on Computer and Communications Security, CCS 2017
AU - Jia, Shijie
AU - Xia, Luning
AU - Chen, Bo
AU - Liu, Peng
N1 - Publisher Copyright:
© 2017 author(s).
PY - 2017/10/30
Y1 - 2017/10/30
N2 - Mobile devices today have been increasingly used to store and process sensitive information. To protect sensitive data, mobile operating systems usually incorporate a certain level of encryption to protect sensitive data. However, conventional encryption cannot defend against a coercive attacker who can capture the device owner, and force the owner to disclose keys used for decrypting sensitive information. To defend against such a coercive adversary, Plausibly Deniable Encryption (PDE) was introduced to allow the device owner to deny the very existence of sensitive data stored on his/her device. The existing PDE systems, built on flash storage devices, are problematic, since they either neglect the special nature of the underlying storage medium (which is usually NAND flash), or suer from deniability compromises. In this paper, we propose DEFTL, a Deniability Enabling Flash Translation Layer for devices which use-ash-based block devices as storage media. DEFTL is the first PDE design which incorporates deniability to Flash Translation Layer (FTL), a pervasively deployed "translation layer" which stays between NAND-ash and the le system in literally all the computing devices. A salient advantage of DEFTL lies in its capability of achieving deniability while being able to accommodate the special nature of NAND-ash as well as eliminate deniability compromises from it. We implement DEFTL using an open-source NAND flash controller. The experimental results show that, compared to conventional encryption which does not provide deniability, our DEFTL design only incurs a small overhead.
AB - Mobile devices today have been increasingly used to store and process sensitive information. To protect sensitive data, mobile operating systems usually incorporate a certain level of encryption to protect sensitive data. However, conventional encryption cannot defend against a coercive attacker who can capture the device owner, and force the owner to disclose keys used for decrypting sensitive information. To defend against such a coercive adversary, Plausibly Deniable Encryption (PDE) was introduced to allow the device owner to deny the very existence of sensitive data stored on his/her device. The existing PDE systems, built on flash storage devices, are problematic, since they either neglect the special nature of the underlying storage medium (which is usually NAND flash), or suer from deniability compromises. In this paper, we propose DEFTL, a Deniability Enabling Flash Translation Layer for devices which use-ash-based block devices as storage media. DEFTL is the first PDE design which incorporates deniability to Flash Translation Layer (FTL), a pervasively deployed "translation layer" which stays between NAND-ash and the le system in literally all the computing devices. A salient advantage of DEFTL lies in its capability of achieving deniability while being able to accommodate the special nature of NAND-ash as well as eliminate deniability compromises from it. We implement DEFTL using an open-source NAND flash controller. The experimental results show that, compared to conventional encryption which does not provide deniability, our DEFTL design only incurs a small overhead.
UR - http://www.scopus.com/inward/record.url?scp=85038920206&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85038920206&partnerID=8YFLogxK
U2 - 10.1145/3133956.3134011
DO - 10.1145/3133956.3134011
M3 - Conference contribution
AN - SCOPUS:85038920206
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 2217
EP - 2229
BT - CCS 2017 - Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
PB - Association for Computing Machinery
Y2 - 30 October 2017 through 3 November 2017
ER -