TrustZone Enhanced Plausibly Deniable Encryption System for Mobile Devices

Jinghui Liao, Bo Chen, Weisong Shi
{"title":"TrustZone Enhanced Plausibly Deniable Encryption System for Mobile Devices","authors":"Jinghui Liao, Bo Chen, Weisong Shi","doi":"10.1145/3453142.3493512","DOIUrl":null,"url":null,"abstract":"Modern mobile devices are increasingly used to store and process sensitive data. In order to prevent the sensitive data from being leaked, one of the best ways of protecting them and their owner is to hide the data with plausible deniability. Plausibly Deniable Encryption (PDE) has been designed for such purpose. The existing PDE systems for mobile devices however, have suffered from significant drawbacks as they either ignore the deniability compromises present in the special underlying storage media of mobile devices or are vulnerable to various new attacks such as side-channel attacks. In this work, we propose a new PDE system design for mobile devices which takes advantage of the hardware features equipped in the mainstream mobile devices. Our preliminary design has two major component: First, we strictly isolate the hidden and the public data in the flash layer, so that a multi-snapshot adversary is not able to identify the existence of the hidden sensitive data when having access to the low layer storage medium of the device. Second, we incorporate software and operating system level deniability into ARM TrustZone. With this TrustZone-enhanced isolation, our PDE system is immune to side-channel attacks at the operating system layer.","PeriodicalId":6779,"journal":{"name":"2021 IEEE/ACM Symposium on Edge Computing (SEC)","volume":"50 1","pages":"441-447"},"PeriodicalIF":0.0000,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE/ACM Symposium on Edge Computing (SEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3453142.3493512","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3

Abstract

Modern mobile devices are increasingly used to store and process sensitive data. In order to prevent the sensitive data from being leaked, one of the best ways of protecting them and their owner is to hide the data with plausible deniability. Plausibly Deniable Encryption (PDE) has been designed for such purpose. The existing PDE systems for mobile devices however, have suffered from significant drawbacks as they either ignore the deniability compromises present in the special underlying storage media of mobile devices or are vulnerable to various new attacks such as side-channel attacks. In this work, we propose a new PDE system design for mobile devices which takes advantage of the hardware features equipped in the mainstream mobile devices. Our preliminary design has two major component: First, we strictly isolate the hidden and the public data in the flash layer, so that a multi-snapshot adversary is not able to identify the existence of the hidden sensitive data when having access to the low layer storage medium of the device. Second, we incorporate software and operating system level deniability into ARM TrustZone. With this TrustZone-enhanced isolation, our PDE system is immune to side-channel attacks at the operating system layer.
TrustZone增强的可信可否认移动设备加密系统
现代移动设备越来越多地用于存储和处理敏感数据。为了防止敏感数据泄露,保护敏感数据及其所有者的最佳方法之一是用合理的否认来隐藏数据。合理可否认加密(PDE)就是为此目的而设计的。然而,用于移动设备的现有PDE系统存在明显的缺陷,因为它们要么忽略了移动设备的特殊底层存储介质中存在的可否认性妥协,要么容易受到各种新攻击(如侧信道攻击)的攻击。在这项工作中,我们提出了一种新的移动设备PDE系统设计,它利用了主流移动设备所配备的硬件特性。我们的初步设计有两个主要组成部分:首先,我们严格隔离了闪存层中的隐藏数据和公开数据,使得多快照攻击者在访问设备的底层存储介质时无法识别隐藏敏感数据的存在。其次,我们将软件和操作系统级别的可否认性纳入ARM TrustZone。通过这种trustzone增强的隔离,我们的PDE系统可以免受操作系统层的侧信道攻击。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信