Mobile devices are prevalently used to process sensitive data, but traditional encryption may not work when an adversary is able to coerce the device owners to disclose the encryption keys. Plausibly Deniable Encryption (PDE) is thus designed to protect sensitive data against this powerful adversary. In this paper, we present MobiPluto, a user-friendly PDE scheme for denying the existence of sensitive data stored on mobile devices. A salient difference between MobiPluto and the existing PDE systems is that any block-based file systems can be deployed on top of it. To further improve usability and deniability of MobiPluto, we introduce a fast switching mechanism and incorporate the widely-used Near Field Communication (NFC) technology. Users can securely switch from the public mode to the hidden mode within 10 seconds, which is a significant improvement compared to previous solutions. Users can also store strong passwords on NFC cards and tap them to enter the system, which significantly liberates them from the burden of memorizing and typing strong passwords. Most importantly, the users can deny the existence of the hidden data without the skill to camouflage as long as the NFC cards are used properly.
Plausibly deniable encryption, Mobile security, Near field communication, Thin provisioning, Coercive attack
Digital Communications and Networking | Information Security
Computers and Security
CHANG, Bing; CHENG, Yao; CHEN, Bo; ZHANG, Fengwei; ZHU, Wen-Tao; LIU, Yanju; and WANG, Zhan.
User-friendly deniable storage for mobile devices. (2018). Computers and Security. 72, 163-174. Research Collection School Of Information Systems.
Available at: https://ink.library.smu.edu.sg/sis_research/3843
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.