Sensitive data protection is essential for mobile users. Plausibly Deniable Encryption (PDE) systems provide an effective way to protect sensitive data by hiding it on the device. However, existing PDE systems can lose data due to overriding the hidden volume, waste physical storage owing to the “reserved area” for avoiding data loss, and require a device reboot when using the hidden volume. This paper presents MobiGyges, a hidden volume-based mobile PDE system, to fill the gap. MobiGyges addresses the problem of data loss by restricting each storage block to use by only one volume, and it improves storage utilization by eliminating the “reserved area”. MobiGyges also avoids device reboot by mounting the hidden volume dynamically on demand with the Dynamic Mounting service. Moreover, we identify two novel PDE-oriented attacks, the capacity comparison attack and the fill-to-full attack. MobiGyges can defend against them by jointly leveraging the Shrunk U-disk method and multi-level deniability. We implement the MobiGyges proof-of-concept system on a real mobile phone, a Google Nexus 6P with LineageOS 13. Experimental results show that MobiGyges prevents data loss, avoids device reboot, and improves storage utilization by over 30% with acceptable performance overhead compared with current solutions.
Bibliographical note
Funding Information:
This work was supported in part by the National Key Research and Development Program of China under Grant 2018YFB1003804, Natural Science Foundation of China under Grant 61921003, the China Scholarship Council, and the Beijing Institute of Technology Research Fund Program for Young Scholars. We would also like to thank the editors and anonymous reviewers for their valuable comments and suggestions.
© 2020 Elsevier B.V.
- Avoiding reboot
- Data loss preventing
- Hidden volume
- Improving storage utilization
- Sensitive data protection