{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,20]],"date-time":"2024-09-20T04:30:27Z","timestamp":1726806627094},"reference-count":51,"publisher":"Privacy Enhancing Technologies Symposium Advisory Board","issue":"2","license":[{"start":{"date-parts":[[2022,3,3]],"date-time":"2022-03-03T00:00:00Z","timestamp":1646265600000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by-nc-nd\/3.0"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022,4,1]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Data privacy is critical in instilling trust and empowering the societal pacts of modern technology-driven democracies. Unfortunately it is under continuous attack by overreaching or outright oppressive governments, including some of the world\u2019s oldest democracies. Increasingly-intrusive anti-encryption laws severely limit the ability of standard encryption to protect privacy. New defense mechanisms are needed.<\/jats:p><jats:p>Plausible deniability (PD) is a powerful property, enabling users to hide the existence of sensitive information in a system under direct inspection by adversaries. Popular encrypted storage systems such as TrueCrypt and other research efforts have attempted to also provide plausible deniability. Unfortunately, these efforts have often operated under less well-defined assumptions and adversarial models. Careful analyses often uncover not only high overheads but also outright security compromise. Further, our understanding of adversaries, the underlying storage technologies, as well as the available plausible deniable solutions have evolved dramatically in the past two decades. The main goal of this work is to systematize this knowledge. It aims to: (1) identify key PD properties, requirements and approaches; (2) present a direly-needed unified framework for evaluating security and performance; (3) explore the challenges arising from the critical interplay between PD and modern system layered stacks; (4) propose a new \u201ctrace-oriented\u201d PD paradigm, able to decouple security guarantees from the underlying systems and thus ensure a higher level of flexibility and security independent of the technology stack.<\/jats:p><jats:p>This work is meant also as a trusted guide for system and security practitioners around the major<jats:italic>challenges<\/jats:italic>in understanding, designing and implementing plausible deniability into new or existing systems.<\/jats:p>","DOI":"10.2478\/popets-2022-0039","type":"journal-article","created":{"date-parts":[[2022,3,5]],"date-time":"2022-03-05T04:25:31Z","timestamp":1646454331000},"page":"132-151","source":"Crossref","is-referenced-by-count":1,"title":["SoK: Plausibly Deniable Storage"],"prefix":"10.56553","volume":"2022","author":[{"given":"Chen","family":"Chen","sequence":"first","affiliation":[{"name":"Stony Brook University"}]},{"given":"Xiao","family":"Liang","sequence":"additional","affiliation":[{"name":"Stony Brook University"}]},{"given":"Bogdan","family":"Carbunar","sequence":"additional","affiliation":[{"name":"FIU"}]},{"given":"Radu","family":"Sion","sequence":"additional","affiliation":[{"name":"Stony Brook University"}]}],"member":"35752","published-online":{"date-parts":[[2022,3,3]]},"reference":[{"key":"2022060207204628108_j_popets-2022-0039_ref_001","unstructured":"[1] A robust flash file system since 2002. \u201chttps:\/\/yaffs.net\/\u201d."},{"key":"2022060207204628108_j_popets-2022-0039_ref_002","unstructured":"[2] TrueCrypt. \u201chttp:\/\/truecrypt.sourceforge.net\/\u201d."},{"key":"2022060207204628108_j_popets-2022-0039_ref_003","doi-asserted-by":"crossref","unstructured":"[3] Ross Anderson, Roger Needham, and Adi Shamir. The steganographic file system. In Information Hiding, pages 73\u201382. Springer, 1998.10.1007\/3-540-49380-8_6","DOI":"10.1007\/3-540-49380-8_6"},{"key":"2022060207204628108_j_popets-2022-0039_ref_004","unstructured":"[4] Erik-Oliver Blass, Travis Mayberry, Guevara Noubir, and Kaan Onarlioglu. Toward robust hidden volumes using write-only oblivious ram. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pages 203\u2013214. ACM, 2014."},{"key":"2022060207204628108_j_popets-2022-0039_ref_005","doi-asserted-by":"crossref","unstructured":"[5] Elette Boyle and Moni Naor. Is there an oblivious ram lower bound? In Proceedings of the 2016 ACM Conference on Innovations in Theoretical Computer Science, pages 357\u2013368, 2016.10.1145\/2840728.2840761","DOI":"10.1145\/2840728.2840761"},{"key":"2022060207204628108_j_popets-2022-0039_ref_006","doi-asserted-by":"crossref","unstructured":"[6] Ran Canetti, Sunoo Park, and Oxana Poburinnaya. Fully deniable interactive encryption. In Daniele Micciancio and Thomas Ristenpart, editors, Advances in Cryptology - CRYPTO 2020 - 40th Annual International Cryptology Conference, CRYPTO 2020, Santa Barbara, CA, USA, August 17-21, 2020, Proceedings, Part I, volume 12170 of Lecture Notes in Computer Science, pages 807\u2013835. Springer, 2020.10.1007\/978-3-030-56784-2_27","DOI":"10.1007\/978-3-030-56784-2_27"},{"key":"2022060207204628108_j_popets-2022-0039_ref_007","doi-asserted-by":"crossref","unstructured":"[7] Rein Canetti, Cynthia Dwork, Moni Naor, and Rafail Ostrovsky. Deniable encryption. In Advances in Cryptology \u2013 CRYPTO\u201997, pages 90\u2013104. Springer, 1997.10.1007\/BFb0052229","DOI":"10.1007\/BFb0052229"},{"key":"2022060207204628108_j_popets-2022-0039_ref_008","doi-asserted-by":"crossref","unstructured":"[8] Anrin Chakraborti, Adam J. Aviv, Seung Geol Choi, Travis Mayberry, Daniel S. Roche, and Radu Sion. roram: Efficient range ORAM with o(log2 N) locality. In 26th Annual Network and Distributed System Security Symposium, NDSS 2019, San Diego, California, USA, February 24-27, 2019. The Internet Society, 2019.10.14722\/ndss.2019.23320","DOI":"10.14722\/ndss.2019.23320"},{"key":"2022060207204628108_j_popets-2022-0039_ref_009","doi-asserted-by":"crossref","unstructured":"[9] Anrin Chakraborti, Chen Chen, and Radu Sion. Datalair: Efficient block storage with plausible deniability against multisnapshot adversaries. Proceedings on Privacy Enhancing Technologies, 2017(3):179\u2013197, 2017.","DOI":"10.1515\/popets-2017-0035"},{"key":"2022060207204628108_j_popets-2022-0039_ref_010","doi-asserted-by":"crossref","unstructured":"[10] Anrin Chakraborti and Radu Sion. Concuroram: Highthroughput stateless parallel multi-client ORAM. In 26th Annual Network and Distributed System Security Symposium, NDSS 2019, San Diego, California, USA, February 24-27, 2019. The Internet Society, 2019.10.14722\/ndss.2019.23411","DOI":"10.14722\/ndss.2019.23411"},{"key":"2022060207204628108_j_popets-2022-0039_ref_011","doi-asserted-by":"crossref","unstructured":"[11] Anrin Chakraborti and Radu Sion. Sqoram: Read-optimized sequential write-only oblivious RAM. Proc. Priv. Enhancing Technol., 2020(1):216\u2013234, 2020.","DOI":"10.2478\/popets-2020-0012"},{"key":"2022060207204628108_j_popets-2022-0039_ref_012","doi-asserted-by":"crossref","unstructured":"[12] Bing Chang, Zhan Wang, Bo Chen, and Fengwei Zhang. Mobipluto: File system friendly deniable storage for mobile devices. In Proceedings of the 31st Annual Computer Security Applications Conference, ACSAC 2015, page 381\u2013390, New York, NY, USA, 2015. Association for Computing Machinery.10.1145\/2818000.2818046","DOI":"10.1145\/2818000.2818046"},{"key":"2022060207204628108_j_popets-2022-0039_ref_013","doi-asserted-by":"crossref","unstructured":"[13] Bing Chang, Fengwei Zhang, Bo Chen, Yingjiu Li, Wen-Tao Zhu, Yangguang Tian, Zhan Wang, and Albert Ching. MobiCeal: Towards secure and practical plausibly deniable encryption on mobile devices. In 2018 48th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pages 454\u2013465. IEEE, 2018.10.1109\/DSN.2018.00054","DOI":"10.1109\/DSN.2018.00054"},{"key":"2022060207204628108_j_popets-2022-0039_ref_014","doi-asserted-by":"crossref","unstructured":"[14] Chen Chen, Anrin Chakraborti, and Radu Sion. Pd-dm: An efficient locality-preserving block device mapper with plausible deniability. Proceedings on Privacy Enhancing Technologies, 2019(1), 2019.10.2478\/popets-2019-0009","DOI":"10.2478\/popets-2019-0009"},{"key":"2022060207204628108_j_popets-2022-0039_ref_015","doi-asserted-by":"crossref","unstructured":"[15] Chen Chen, Anrin Chakraborti, and Radu Sion. Infuse: Invisible plausibly-deniable file system for nand flash. Proceedings on Privacy Enhancing Technologies, 4:239\u2013254, 2020.","DOI":"10.2478\/popets-2020-0071"},{"key":"2022060207204628108_j_popets-2022-0039_ref_016","unstructured":"[16] Chen Chen, Anrin Chakraborti, and Radu Sion. PEARL: Plausibly deniable flash translation layer using WOM coding. In 30th USENIX Security Symposium (USENIX Security 21), Vancouver, B.C., August 2021. USENIX Association."},{"key":"2022060207204628108_j_popets-2022-0039_ref_017","unstructured":"[17] Alexei Czeskis, David J. St. Hilaire, Karl Koscher, Steven D. Gribble, Tadayoshi Kohno, and Bruce Schneier. Defeating encrypted and deniable file systems: Truecrypt v5.1a and the case of the tattling os and applications. In Proceedings of the 3rd Conference on Hot Topics in Security, HOTSEC\u201908, pages 7:1\u20137:7, Berkeley, CA, USA, 2008. USENIX Association."},{"key":"2022060207204628108_j_popets-2022-0039_ref_018","doi-asserted-by":"crossref","unstructured":"[18] Fred Douglis and John Ousterhout. Log-structured file systems. In COMPCON Spring\u201989. Thirty-Fourth IEEE Computer Society International Conference: Intellectual Leverage, Digest of Papers., pages 124\u2013129. IEEE, 1989.","DOI":"10.1109\/CMPCON.1989.301914"},{"key":"2022060207204628108_j_popets-2022-0039_ref_019","doi-asserted-by":"crossref","unstructured":"[19] Philippe Godlewski. Wom-codes construits \u00e0 partir des codes de hamming. Discrete mathematics, 65(3):237\u2013243, 1987.10.1016\/0012-365X(87)90055-0","DOI":"10.1016\/0012-365X(87)90055-0"},{"key":"2022060207204628108_j_popets-2022-0039_ref_020","doi-asserted-by":"crossref","unstructured":"[20] Oded Goldreich and Rafail Ostrovsky. Software protection and simulation on oblivious rams. Journal of the ACM (JACM), 43(3):431\u2013473, 1996.10.1145\/233551.233553","DOI":"10.1145\/233551.233553"},{"key":"2022060207204628108_j_popets-2022-0039_ref_021","unstructured":"[21] Ian Goodfellow, Jean Pouget-Abadie, Mehdi Mirza, Bing Xu, David Warde-Farley, Sherjil Ozair, Aaron Courville, and Yoshua Bengio. Generative adversarial nets. Advances in neural information processing systems, 27, 2014."},{"key":"2022060207204628108_j_popets-2022-0039_ref_022","doi-asserted-by":"crossref","unstructured":"[22] Pavel Hub\u00e1cek, Michal Kouck\u1ef3, Karel Kr\u00e1l, and Veronika Sl\u00edvov\u00e1. Stronger lower bounds for online oram. In Theory of Cryptography Conference, pages 264\u2013284. Springer, 2019.10.1007\/978-3-030-36033-7_10","DOI":"10.1007\/978-3-030-36033-7_10"},{"key":"2022060207204628108_j_popets-2022-0039_ref_023","unstructured":"[23] R. P. Weinmann J. Assange and S. Dreyfus. Rubber-hose: cryptographically deniable transparent disk encryption system. \u201chttp:\/\/marutukku.org\u201d."},{"key":"2022060207204628108_j_popets-2022-0039_ref_024","unstructured":"[24] Shijie Jia, Luning Xia, Bo Chen, and Peng Liu. Deftl: Implementing plausibly deniable encryption in flash translation layer. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pages 2217\u20132229. ACM, 2017."},{"key":"2022060207204628108_j_popets-2022-0039_ref_025","doi-asserted-by":"crossref","unstructured":"[25] Gabriela Kennedy. Encryption policies: Codemakers, codebreakers and rulemakers: Dilemmas in current encryption policies. Computer Law & Security Review, 16(4):240\u2013247, 2000.","DOI":"10.1016\/S0267-3649(00)89131-1"},{"key":"2022060207204628108_j_popets-2022-0039_ref_026","unstructured":"[26] Diederik P Kingma and Max Welling. Auto-encoding variational bayes. arXiv preprint arXiv:1312.6114, 2013."},{"key":"2022060207204628108_j_popets-2022-0039_ref_027","doi-asserted-by":"crossref","unstructured":"[27] Kasper Green Larsen and Jesper Buus Nielsen. Yes, there is an oblivious ram lower bound! In Annual International Cryptology Conference, pages 523\u2013542. Springer, 2018.10.1007\/978-3-319-96881-0_18","DOI":"10.1007\/978-3-319-96881-0_18"},{"key":"2022060207204628108_j_popets-2022-0039_ref_028","unstructured":"[28] Sungjin Lee, Keonsoo Ha, Kangwon Zhang, Jihong Kim, and Junghwan Kim. Flexfs: A flexible flash file system for mlc nand flash memory. In USENIX Annual Technical Conference, pages 1\u201314, 2009."},{"key":"2022060207204628108_j_popets-2022-0039_ref_029","doi-asserted-by":"crossref","unstructured":"[29] Lichun Li and Anwitaman Datta. Write-only oblivious ram-based privacy-preserved access of outsourced data. International Journal of Information Security, 16(1):23\u201342, 2017.10.1007\/s10207-016-0329-x","DOI":"10.1007\/s10207-016-0329-x"},{"key":"2022060207204628108_j_popets-2022-0039_ref_030","doi-asserted-by":"crossref","unstructured":"[30] Andrew D McDonald and Markus G Kuhn. StegFS: A steganographic file system for Linux. In Information Hiding, pages 463\u2013477. Springer, 1999.10.1007\/10719724_32","DOI":"10.1007\/10719724_32"},{"key":"2022060207204628108_j_popets-2022-0039_ref_031","unstructured":"[31] J. Mull. How a syrian refugee risked his life to bear witness to atrocities. toronto Star Online, posted 14-March-2012, 2012."},{"key":"2022060207204628108_j_popets-2022-0039_ref_032","doi-asserted-by":"crossref","unstructured":"[32] Adam O\u2019Neill, Chris Peikert, and Brent Waters. Bi-deniable public-key encryption. In Annual Cryptology Conference, pages 525\u2013542. Springer, 2011.10.1007\/978-3-642-22792-9_30","DOI":"10.1007\/978-3-642-22792-9_30"},{"key":"2022060207204628108_j_popets-2022-0039_ref_033","doi-asserted-by":"crossref","unstructured":"[33] HweeHwa Pang, Kian-Lee Tan, and Xuan Zhou. Stegfs: A steganographic file system. In Data Engineering, 2003. Proceedings. 19th International Conference on, pages 657\u2013667. IEEE, 2003.","DOI":"10.1109\/ICDE.2003.1260829"},{"key":"2022060207204628108_j_popets-2022-0039_ref_034","doi-asserted-by":"crossref","unstructured":"[34] Timothy Peters, Mark Gondree, and Zachary N. J. Peterson. DEFY: A deniable, encrypted file system for log-structured storage. In 22nd Annual Network and Distributed System Security Symposium, NDSS 2015, San Diego, California, USA, February 8-11, 2014, 2015.10.14722\/ndss.2015.23078","DOI":"10.14722\/ndss.2015.23078"},{"key":"2022060207204628108_j_popets-2022-0039_ref_035","doi-asserted-by":"crossref","unstructured":"[35] Fabien AP Petitcolas, Ross J Anderson, and Markus G Kuhn. Information hiding-a survey. Proceedings of the IEEE, 87(7):1062\u20131078, 1999.10.1109\/5.771065","DOI":"10.1109\/5.771065"},{"key":"2022060207204628108_j_popets-2022-0039_ref_036","unstructured":"[36] Denver Post. Password case reframes fifth amendment rights in context of digital world. \u201chttp:\/\/www.denverpost.com\/news\/ci_19669803\u201d."},{"key":"2022060207204628108_j_popets-2022-0039_ref_037","unstructured":"[37] The Register. Youth jailed for not handing over encryption password. 2010."},{"key":"2022060207204628108_j_popets-2022-0039_ref_038","doi-asserted-by":"crossref","unstructured":"[38] Ronald L Rivest and Adi Shamir. How to reuse a \u201cwrite-once memory\u201d. Information and control, 55(1-3):1\u201319, 1982.10.1016\/S0019-9958(82)90344-8","DOI":"10.1016\/S0019-9958(82)90344-8"},{"key":"2022060207204628108_j_popets-2022-0039_ref_039","doi-asserted-by":"crossref","unstructured":"[39] Daniel S Roche, Adam Aviv, Seung Geol Choi, and Travis Mayberry. Deterministic, stash-free write-only oram. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pages 507\u2013521, 2017.10.1145\/3133956.3134051","DOI":"10.1145\/3133956.3134051"},{"key":"2022060207204628108_j_popets-2022-0039_ref_040","doi-asserted-by":"crossref","unstructured":"[40] Amir Shpilka. New constructions of wom codes using the wozencraft ensemble. IEEE Transactions on Information Theory, 59(7):4520\u20134529, 2013.10.1109\/TIT.2013.2251455","DOI":"10.1109\/TIT.2013.2251455"},{"key":"2022060207204628108_j_popets-2022-0039_ref_041","doi-asserted-by":"crossref","unstructured":"[41] Adam Skillen and Mohammad Mannan. Mobiflage: Deniable storage encryption for mobile devices. IEEE Transactions on Dependable and Secure Computing, 11(3):224\u2013237, 2013.","DOI":"10.1109\/TDSC.2013.56"},{"key":"2022060207204628108_j_popets-2022-0039_ref_042","unstructured":"[42] Adam Skillen and Mohammad Mannan. On implementing deniable storage encryption for mobile devices. 2013."},{"key":"2022060207204628108_j_popets-2022-0039_ref_043","unstructured":"[43] Toronto Star. How a syrian refugee risked his life to bear witness to atrocities. 2012."},{"key":"2022060207204628108_j_popets-2022-0039_ref_044","unstructured":"[44] Emil Stefanov, Elaine Shi, and Dawn Song. Towards practical oblivious ram. arXiv preprint arXiv:1106.3652, 2011."},{"key":"2022060207204628108_j_popets-2022-0039_ref_045","doi-asserted-by":"crossref","unstructured":"[45] Emil Stefanov, Marten Van Dijk, Elaine Shi, Christopher Fletcher, Ling Ren, Xiangyao Yu, and Srinivas Devadas. Path oram: an extremely simple oblivious ram protocol. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pages 299\u2013310. ACM, 2013.10.1145\/2508859.2516660","DOI":"10.1145\/2508859.2516660"},{"key":"2022060207204628108_j_popets-2022-0039_ref_046","unstructured":"[46] M Weaver. Developer tortured by raiders with crowbars. 31 October 97."},{"key":"2022060207204628108_j_popets-2022-0039_ref_047","doi-asserted-by":"crossref","unstructured":"[47] Mor Weiss and Daniel Wichs. Is there an oblivious ram lower bound for online reads? In Theory of Cryptography Conference, pages 603\u2013635. Springer, 2018.10.1007\/978-3-030-03810-6_22","DOI":"10.1007\/978-3-030-03810-6_22"},{"key":"2022060207204628108_j_popets-2022-0039_ref_048","unstructured":"[48] WhisperSystems. Github: Whispersystems\/whisperyaffs: Wiki, 2012. \u201chttps:\/\/github.com\/WhisperSystems\/WhisperYAFFS\/wiki\u201d."},{"key":"2022060207204628108_j_popets-2022-0039_ref_049","unstructured":"[49] Wikipedia. Key disclosure law. \u201chttp:\/\/en.wikipedia.org\/wiki\/Key_disclosure_law\u201d."},{"key":"2022060207204628108_j_popets-2022-0039_ref_050","doi-asserted-by":"crossref","unstructured":"[50] Eitan Yaakobi, Scott Kayser, Paul H Siegel, Alexander Vardy, and Jack Keil Wolf. Codes for write-once memories. IEEE Transactions on Information Theory, 58(9):5985\u20135999, 2012.10.1109\/TIT.2012.2200291","DOI":"10.1109\/TIT.2012.2200291"},{"key":"2022060207204628108_j_popets-2022-0039_ref_051","doi-asserted-by":"crossref","unstructured":"[51] Aviad Zuck, Udi Shriki, Donald E Porter, and Dan Tsafrir. Preserving hidden data with an ever-changing disk. In Proceedings of the 16th Workshop on Hot Topics in Operating Systems, pages 50\u201355, 2017.10.1145\/3102980.3102989","DOI":"10.1145\/3102980.3102989"}],"container-title":["Proceedings on Privacy Enhancing Technologies"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.sciendo.com\/pdf\/10.2478\/popets-2022-0039","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,19]],"date-time":"2024-09-19T20:21:16Z","timestamp":1726777276000},"score":1,"resource":{"primary":{"URL":"https:\/\/petsymposium.org\/popets\/2022\/popets-2022-0039.php"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,3,3]]},"references-count":51,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2022,3,3]]},"published-print":{"date-parts":[[2022,4,1]]}},"alternative-id":["10.2478\/popets-2022-0039"],"URL":"https:\/\/doi.org\/10.2478\/popets-2022-0039","relation":{},"ISSN":["2299-0984"],"issn-type":[{"type":"electronic","value":"2299-0984"}],"subject":[],"published":{"date-parts":[[2022,3,3]]}}}