Session J4: Flash Security CCS’17, October 30-November 3, 2017, Dallas, TX, USA DEFTL: Implementing Plausibly Deniable Encryption in Flash Translation Layer Shijie Jiayz, Luning Xiayz, Bo Chenx, Peng Liu{ yData Assurance and Communication Security Research Center, Chinese Academy of Sciences, Beijing, China zState Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China xDepartment of Computer Science, Michigan Technological University, USA {College of Information Sciences and Technology, The Pennsylvania State University, USA {jiashijie,xialuning}@iie.ac.cn,[email protected],[email protected] ABSTRACT 1 INTRODUCTION Mobile devices today have been increasingly used to store and Mobile computing devices (e.g., smart phones and tablets) are in- process sensitive information. To protect sensitive data, mobile creasingly ubiquitous nowadays. Due to their portability and mo- operating systems usually incorporate a certain level of encryption bility, more and more people today turn to such devices for daily to protect sensitive data. However, conventional encryption cannot communications, web browsing, online shopping, electronic bank- defend against a coercive attacker who can capture the device ing, etc. This however, leaves large amounts of sensitive personal/- owner, and force the owner to disclose keys used for decrypting corporate data in these devices. To protect sensitive information, sensitive information. To defend against such a coercive adversary, all the major mobile operating systems have incorporated a certain Plausibly Deniable Encryption (PDE) was introduced to allow the level of encryption [2, 25]. A broadly used encryption technique is device owner to deny the very existence of sensitive data stored full disk encryption (FDE), which has been available on Android on his/her device. The existing PDE systems, built on ash storage phones since version 3.0 [35]. FDE can defend against a passive devices, are problematic, since they either neglect the special nature attacker who tries to retrieve sensitive information from the data of the underlying storage medium (which is usually NAND ash), storage. However, it cannot defend against an active attacker, who or suer from deniability compromises. can capture the device owner, and force the owner to disclose the In this paper, we propose DEFTL, a Deniability Enabling Flash key used for decrypting the sensitive information. This applies to a Translation Layer for devices which use ash-based block devices lot of real world scenarios. For example, a professional journalist as storage media. DEFTL is the rst PDE design which incorporates or human rights worker collects criminal evidence using his/her deniability to Flash Translation Layer (FTL), a pervasively deployed mobile device in a region of oppression or conict, and stores the “translation layer” which stays between NAND ash and the le information encrypted. However, when he/she tries to cross the bor- system in literally all the computing devices. A salient advantage der, the boarder inspector may notice the existence of the encrypted of DEFTL lies in its capability of achieving deniability while being data and may coerce him/her to disclose the decryption key. We able to accommodate the special nature of NAND ash as well as need a technique which can protect the sensitive data even when eliminate deniability compromises from it. We implement DEFTL the data owner faces such a coercive attack. This is a necessary using an open-source NAND ash controller. The experimental technique for protecting the sensitive data as well as the people results show that, compared to conventional encryption which who possess them. In 2012, a videographer smuggled evidence of does not provide deniability, our DEFTL design only incurs a small human rights violations out of Syria. Due to lack of eective data overhead. protection mechanisms, he instead hid a MicroSD card in a wound on his arm [27, 31]. CCS CONCEPTS Plausibly Deniable Encryption (PDE) has been proposed to de- • Security and privacy → Embedded systems security; fend against adversaries who can coerce users into revealing the encrypted sensitive content (e.g., by forcing the victims to disclose KEYWORDS the keys for decryption). The high-level idea of PDE is: the original sensitive data are encrypted into a cipher-text in such a way that, Plausibly Deniable Encryption; Flash Memory; FTL when using a decoy key, a dierent reasonable and innocuous plain- Permission to make digital or hard copies of all or part of this work for personal or text will be generated; only when using the true key, the original classroom use is granted without fee provided that copies are not made or distributed sensitive data will be disclosed. Upon being coerced, the victim can for prot or commercial advantage and that copies bear this notice and the full citation on the rst page. Copyrights for components of this work owned by others than ACM simply disclose the decoy key to avoid being tortured. Leveraging must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, the concept of PDE, a variety of deniable storage systems have been to post on servers or to redistribute to lists, requires prior specic permission and/or a proposed for PC platforms, e.g., TrueCrypt [38], Rubberhose [16], fee. Request permissions from [email protected]. CCS’17, Oct. 30–Nov. 3, 2017, Dallas, TX, USA. HIVE [3], Gracewipe [45], Steganographic File Systems [1, 23, 30], © 2017 ACM. ISBN 978-1-4503-4946-8/17/10...$15.00 etc. DOI: http://dx.doi.org/10.1145/3133956.3134011 2217 Session J4: Flash Security CCS’17, October 30-November 3, 2017, Dallas, TX, USA However, achieving deniability in modern mobile platforms is devices as storage. DEFTL is the rst design that incorporates PDE much more challenging than in PC platforms because: First, com- in FTL, a pervasively deployed “translation layer” which stays be- pared to a PC platform, a mobile platform is usually equipped with tween the physical ash layer and the le system layer in literally limited computational resources and sensitive to energy consump- all the mobile computing devices. Our design relies on several key tion. In other words, the PDE designs for mobile platforms have insights: much higher requirements in eciency and energy eectiveness. First, having observed that most of the existing PDE systems Therefore, the existing PDE systems [1, 3, 23, 30, 38] built for PC incorporate deniability in the upper layers (e.g., le system layer [1, platforms are not immediately applicable to the mobile platforms 23, 30] and block layer [3, 6, 33, 34, 38, 44]) and may suer from due to their large overhead. Second, modern mobile devices usually deniability compromises in the lower layers (e.g., storage medium use NAND ash as storage media. Flash storage products like SD layer), we move the PDE design downwards. This is especially cards, MicroSD cards, and eMMC cards have dominated the stor- necessary for mobile devices equipped with ash storage, because age of mobile devices. Compared to mechanical disks which are the adversary can have access to the raw ash, and obtain a view used broadly in the PC platforms, ash memory has signicantly dierent from the PDE systems working on the upper layers. Such a dierent nature: 1) Flash memory is update unfriendly. A ash cell dierent view may allow the adversary to observe those unexpected cannot be over-written before it has been erased. However, the “traces” of the sensitive data (due to handling the special nature erase can only be performed on the basis of a large region (i.e., of ash memory), whose existence need to be denied. By moving a 128-KB block); 2) Flash memory is vulnerable to wear. A ash PDE to the lower layers, we make it possible to eliminate those cell can only be programmed/erased for a limited number of times deniability compromises in the raw ash, since we can now have the before the wear begins to deteriorate its integrity. same view as the adversary. In addition, our design is compatible Although deniable storage systems have also been proposed with ash-based block devices, the most popular form of ash for mobile platforms (e.g., Mobiage [33, 34], Mobihydra [44], Mo- storage which exposes a block access interface. This can allow bipluto [6], DEFY [31], etc.), most of the existing PDE systems any block-based le systems (e.g., EXT4, FAT32) to be deployed, for mobile devices [6, 33, 34, 44], unfortunately, neglect the above achieving le system friendliness. unique nature of the underlying ash memory and view the ash Second, we incorporate two modes, a public mode and a PDE storage as block devices. This can simplify the PDE designs, but mode, into FTL, and carefully isolate the two modes to achieve the resulting PDE systems may suer from deniability compro- deniability. When operating in the public mode, the user can store mises in the underlying ash storage, which usually incorporates and process public non-sensitive data which can be known by the special techniques to accommodate ash memory’s unique nature adversary; when operating in the PDE mode, the user can store and (concrete attacks are shown in Sec. 3.1). When deniability is (par- process sensitive data which should be hidden and their existence tially) compromised, the concrete attacks we will present shortly should be able to be denied. The deniability is achieved by using the in Sec. 3.1 show that the attacker can gure out the existence of data (and their behavior) in the public mode to deny the data (and hidden sensitive data. their behavior) in the PDE mode. To avoid deniability compromises, DEFY [31] is till now the sole PDE system which works with the public mode should not have any knowledge on the existence ash memory to achieve deniability while being able to accommo- of the PDE mode.