mobiflage deniable encryption for mobile devices
TRANSCRIPT
![Page 1: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/1.jpg)
![Page 2: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/2.jpg)
Structure of Presentation
MotivationOverviewIntroductionImplementation compromisesLimitationsConclusion
Structure of Presentation
![Page 3: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/3.jpg)
3
Motivation
![Page 4: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/4.jpg)
4
Overview
Syrian refugee risked his life to smuggle his phone’s micro SD card, containing evidence of atrocities, across international borders by stitching the card beneath his skin.
http://www.thestar.com/news/world/article/1145824
![Page 5: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/5.jpg)
5
What is plausible deniable encryption (pde)?& Why do We need it??
Deniable encryption algorithms have been devised to hide the very existence of encrypted data.
![Page 6: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/6.jpg)
6
File based encryption
Selected individual files are encrypted with unique keys
Keys are wiped from RAM when device is screen locked
BlackBerry and Apple iOS
System/Full Disk Encryption (FDE)
Block ciphers act on individual disk sectors Files only exist in a decrypted state while they are in RAM Pre-boot authenticator to unlock/mount disk Key stays in RAM while screen locked (for background IO) Google Android and Microsoft Windows Phone
Background on mobile storage encryption
![Page 7: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/7.jpg)
7
Plausible deniable encryption (PDE)
Level of protection beyond semantic security
Tools such as TrueCrypt provide PDE for desktop/laptop PCs
Different reasonable plaintexts may be output from a given ciphertext, when decrypted under different decoy keys.
PDE is arguably more important for mobile devices
Background on mobile storage encryption
![Page 8: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/8.jpg)
8
Mobiflage is a steganographic (data hiding) technique.
Mobiflage enables PDE on mobile devices by hiding encrypted volumes within random data in a device's free storage space.
Mobiflage scheme was designed and implemented for the Android OS.
Counter measures for threats specific to mobile systems and known attacks against desktop PDE implementations are incorporated into the design
Mobiflage
![Page 9: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/9.jpg)
9
Android 4.x has two partitions that store data. Ext4 Internal partition Store userdata (Apps ,Settings etc..) Meta data located anywhere on the disk FAT32
External partition. Stores documents, downloads, photos, etc. All meta-data at beginning of volume
File-system Support
![Page 10: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/10.jpg)
10
Implementation
We implement mobiflage by hiding data in the external storage of the device
![Page 11: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/11.jpg)
11
User boots into a given mode based on the supplied passwordStandard Mode Encryption without deniability For day-to-day use of mobile device Mounts outer volumes PDE Mode Encryption with deniability Used only when the user needs to gather/store hidden data Mounts hidden volume
Apps and data in each mode are independent ,essentially two isolated installations are present
Mobiflage Modes
![Page 12: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/12.jpg)
12
![Page 13: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/13.jpg)
13
![Page 14: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/14.jpg)
14
![Page 15: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/15.jpg)
15
H - hash function vlen -number of 512-byte sectors on the storage device pwd - true password salt -random value for Hash function The generated off set is greater than one half and less than three quarters of the disk
![Page 16: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/16.jpg)
16
Leakage from File-system
Leakage from software
Password guessing
Storage snapshots
Sources of compromise addressed by Mobiflage
![Page 17: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/17.jpg)
17
Mismatch between device logs and carrier/web service logs
Some defenses include: Disable cell antenna Use anonymous SIM Use public WiFi Use pseudonymous accounts
Collusion with carriers
![Page 18: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/18.jpg)
18
Currently requires removable SD card or internal FAT32 partition
User cannot choose size of hidden volumes
Only 50% of SD card can be used safely
Currently, we support only one hidden volume offset
No clean solution to transfer data between modes
Limitations
![Page 19: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/19.jpg)
19
Mobiflage hides encrypted volumes in external storage incurring a tolerable impact on performance
Requires conscientious users to maintain deniability
Mobiflage will be more useful to regular users and human rights activists
Conclusion
![Page 20: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/20.jpg)
20
[1] International Journal of Emerging Technology and Innovative Engineering Volume I, Issue 4, April 2015
[2] Mobiflage: Deniable Storage Encryption for Mobile Devices by Adam Skillen and Mohammad Mannan[IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTINGVOL. 11, NO. 3, MAY-JUNE
2014]
[3] Deniable Storage Encryption for Mobile Devices by Adam Skillen [A Thesis in the Concordia Institute for Information Systems Engineering April 2013] [4] On Implementing Deniable Storage Encryption for Mobile Devices by Adam Skillen and Mohammad Mannan
Reference
![Page 21: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/21.jpg)
21
![Page 22: Mobiflage deniable encryption for mobile devices](https://reader031.vdocuments.us/reader031/viewer/2022030401/58ad65cf1a28ab9e428b5585/html5/thumbnails/22.jpg)
22