DEFTL: Implementing Plausibly Deniable Encryption in Flash Translation Layer

Abstract

Mobile devices today have been increasingly used to store and process sensitive information. To protect sensitive data, mobile operating systems usually incorporate a certain level of encryption to protect sensitive data. However, conventional encryption cannot defend against a coercive attacker who can capture the device owner, and force the owner to disclose keys used for decrypting sensitive information. To defend against such a coercive adversary, Plausibly Deniable Encryption (PDE) was introduced to allow the device owner to deny the very existence of sensitive data stored on his/her device. The existing PDE systems, built on flash storage devices, are problematic, since they either neglect the special nature of the underlying storage medium (which is usually NAND flash), or suffer from deniability compromises. In this paper, we propose DEFTL, a Deniability Enabling Flash Translation Layer for devices which use flash-based block devices as storage media. DEFTL is the first PDE design which incorporates deniability to Flash Translation Layer (FTL), a pervasively deployed "translation layer" which stays between NAND flash and the file system in literally all the computing devices. A salient advantage of DEFTL lies in its capability of achieving deniability while being able to accommodate the special nature of NAND flash as well as eliminate deniability compromises from it. We implement DEFTL using an open-source NAND flash controller. The experimental results show that, compared to conventional encryption which does not provide deniability, our DEFTL design only incurs a small overhead.