MobiPluto: File System Friendly Deniable Storage for Mobile Devices

Mobile devices are prevalently used for processing personal private data and sometimes collecting evidence of social injustice or political oppression. The device owners may always feel reluctant to expose this type of data to undesired observers or inspectors. This usually can be achieved by encryption. However, the traditional encryption may not work when an adversary is able to coerce device owners into revealing their encrypted content. Plausibly Deniable Encryption (PDE) is thus designed to protect sensitive data against this type of powerful adversaries.

In this paper, we present MobiPluto, a file system friendly PDE scheme for denying the existence of sensitive data stored on mobile devices. MobiPluto achieves deniability feature as nothing but a “side-effect” of combining thin provisioning, a well-established tool in Linux kernel, with encryption. This feature makes MobiPluto more plausible for users to have such software on their mobile devices. A salient difference between MobiPluto and the existing PDE schemes is that MobiPluto is “file system friendly”, i.e., any block-based file systems can be deployed on top of it. Thus, it is possible to deploy MobiPluto on most mobile devices. We provide a proof-of-concept implementation for MobiPluto in an Android phone to assess its feasibility and performance.

Author(s):

Bing Chang    
Institute of Information Engineering, CAS
China

Zhan Wang    
Institute of Information Engineering, CAS
China

Bo Chen    
The Pennsylvania State University
United States

Fengwei Zhang    
Wayne State University
United States