mobiflage deniable encryption for mobile devices
TRANSCRIPT
Structure of Presentation
MotivationOverviewIntroductionImplementation compromisesLimitationsConclusion
Structure of Presentation
3
Motivation
4
Overview
Syrian refugee risked his life to smuggle his phone’s micro SD card, containing evidence of atrocities, across international borders by stitching the card beneath his skin.
http://www.thestar.com/news/world/article/1145824
5
What is plausible deniable encryption (pde)?& Why do We need it??
Deniable encryption algorithms have been devised to hide the very existence of encrypted data.
6
File based encryption
Selected individual files are encrypted with unique keys
Keys are wiped from RAM when device is screen locked
BlackBerry and Apple iOS
System/Full Disk Encryption (FDE)
Block ciphers act on individual disk sectors Files only exist in a decrypted state while they are in RAM Pre-boot authenticator to unlock/mount disk Key stays in RAM while screen locked (for background IO) Google Android and Microsoft Windows Phone
Background on mobile storage encryption
7
Plausible deniable encryption (PDE)
Level of protection beyond semantic security
Tools such as TrueCrypt provide PDE for desktop/laptop PCs
Different reasonable plaintexts may be output from a given ciphertext, when decrypted under different decoy keys.
PDE is arguably more important for mobile devices
Background on mobile storage encryption
8
Mobiflage is a steganographic (data hiding) technique.
Mobiflage enables PDE on mobile devices by hiding encrypted volumes within random data in a device's free storage space.
Mobiflage scheme was designed and implemented for the Android OS.
Counter measures for threats specific to mobile systems and known attacks against desktop PDE implementations are incorporated into the design
Mobiflage
9
Android 4.x has two partitions that store data. Ext4 Internal partition Store userdata (Apps ,Settings etc..) Meta data located anywhere on the disk FAT32
External partition. Stores documents, downloads, photos, etc. All meta-data at beginning of volume
File-system Support
10
Implementation
We implement mobiflage by hiding data in the external storage of the device
11
User boots into a given mode based on the supplied passwordStandard Mode Encryption without deniability For day-to-day use of mobile device Mounts outer volumes PDE Mode Encryption with deniability Used only when the user needs to gather/store hidden data Mounts hidden volume
Apps and data in each mode are independent ,essentially two isolated installations are present
Mobiflage Modes
12
13
14
15
H - hash function vlen -number of 512-byte sectors on the storage device pwd - true password salt -random value for Hash function The generated off set is greater than one half and less than three quarters of the disk
16
Leakage from File-system
Leakage from software
Password guessing
Storage snapshots
Sources of compromise addressed by Mobiflage
17
Mismatch between device logs and carrier/web service logs
Some defenses include: Disable cell antenna Use anonymous SIM Use public WiFi Use pseudonymous accounts
Collusion with carriers
18
Currently requires removable SD card or internal FAT32 partition
User cannot choose size of hidden volumes
Only 50% of SD card can be used safely
Currently, we support only one hidden volume offset
No clean solution to transfer data between modes
Limitations
19
Mobiflage hides encrypted volumes in external storage incurring a tolerable impact on performance
Requires conscientious users to maintain deniability
Mobiflage will be more useful to regular users and human rights activists
Conclusion
20
[1] International Journal of Emerging Technology and Innovative Engineering Volume I, Issue 4, April 2015
[2] Mobiflage: Deniable Storage Encryption for Mobile Devices by Adam Skillen and Mohammad Mannan[IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTINGVOL. 11, NO. 3, MAY-JUNE
2014]
[3] Deniable Storage Encryption for Mobile Devices by Adam Skillen [A Thesis in the Concordia Institute for Information Systems Engineering April 2013] [4] On Implementing Deniable Storage Encryption for Mobile Devices by Adam Skillen and Mohammad Mannan
Reference
21
22