MDEFTL: Incorporating Multi-Snapshot Plausible Deniability into Flash Translation Layer

Shijie Jia, Qionglu Zhang, Luning Xia, Jiwu Jing, Peng Liu

Research output: Contribution to journalArticlepeer-review

1 Scopus citations


Conventional encryption solutions cannot defend against a coercive attacker who can capture the device owner, and force the owner to disclose keys used for decrypting sensitive data. To defend against such a coercive adversary, Plausibly Deniable Encryption (PDE) was introduced to allow the device owner to deny the very existence of sensitive data. The existing PDE systems built for computing devices equipped with flash storage media, are problematic, since they cannot defend against multi-snapshot adversaries, who may have access to the storage medium of a user's device at different points of time. In this article, we propose MDEFTL, a secure multi-snapshot PDE system for mobile devices which incorporates plausible deniability into Flash Translation Layer (FTL). MDEFTL is the first practical design which integrates multi-snapshot PDE into FTL, a pervasively deployed layer in literally all the current mobile devices. A salient advantage of MDEFTL lies in its capability of achieving multi-snapshot plausible deniability while being able to accommodate the special nature of NAND flash as well as eliminate deniability compromises from it. We implemented MDEFTL using an open-source NAND flash controller. The experimental results show that, compared to conventional encryption which does not provide deniability, our MDEFTL only incurs a small overhead.

Original languageEnglish (US)
Pages (from-to)3494-3507
Number of pages14
JournalIEEE Transactions on Dependable and Secure Computing
Issue number5
StatePublished - 2022

All Science Journal Classification (ASJC) codes

  • General Computer Science
  • Electrical and Electronic Engineering


Dive into the research topics of 'MDEFTL: Incorporating Multi-Snapshot Plausible Deniability into Flash Translation Layer'. Together they form a unique fingerprint.

Cite this