SoK: Plausibly Deniable Storage

Chen, Chen; Liang, Xiao; Cărbunar, Bogdan; Sion, Radu

doi:10.2478/popets-2022-0039

Cited by 1 publication

(2 citation statements)

References 36 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our security definition does not account for adversaries profiling the access patterns of a user, which calls for additional techniques to either randomize or ''equalize'' all access sequences. Future work will thus investigate extensions to our scheme by means of private information retrieval or other techniques (see the related work, in particular [22]), to analyze if information-theoretic security remains accomplishable or deteriorates against attackers that profile the (physical) device usage.…”

Section: Discussionmentioning

confidence: 99%

“…An interesting additional security consideration is resilience against leakage of information from access patterns. In a series of papers [20], [21], [22], the focus of VOLUME 11, 2023 plausible deniability constructions was shifted to hiding access patterns, as well as leveraging properties of the physical storage devices, using oblivious RAM among other techniques. Our discussion is agnostic of such physical features and does not hide access patterns as such, since the adversary model used here is only concerned with attacks on a static snapshot of the ciphertext, but allows partial side-information to be available to the adversary (similar as what access patterns could leak).…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

False-Bottom Encryption: Deniable Encryption From Secret Sharing

2023

View full text Add to dashboard Cite

We show how to implement a deniable encryption method from secret sharing. Unlike the related concept of honey encryption, which employs a preprocessing step in symmetric encryption to re-shape the distribution of a plaintext towards making the real plaintext indistinguishable from a ciphertext for a fake message, we can avoid both, computational intractability assumptions and preprocessing of the data. This accomplishes deniability against an attacker that can force decryptions, and it can brute-force break a ciphertext with sufficient computational power. Following the concept of plausible deniability, we herein have different decryption keys to open up distinct plaintexts from within the same ciphertext. For instance, a plaintext revealed from a ciphertext with a key which was shared by a victim under duress, will convince the attacker that it is real, while the actual secret remains unnoticed. False Bottom Encryption constructs a symmetric scheme (in the sense of using the same key to encrypt and decrypt) that shares the properties of both honey encryption and deniable encryption. We specifically formalize and differentiate ''deniable'' from ''plausibly deniable'' as a security feature, showing how plausible deniability falls back to (only) deniability, depending on the plaintext distribution. Our scheme is simple, lightweight to implement and efficient in terms of encryption and decryption, and is based on secret sharing. As such, we do not rely on computational intractability. We corroborate the construction by giving numeric examples and providing implementations of the method as a Jupyter notebook supplementary to this work.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%