DataLair: Efficient Block Storage with Plausible Deniability against Multi-Snapshot Adversaries

Abstract

Sensitive information is present on our phones, disks, watches and computers. Its protection is essential. Plausible deniability of stored data allows individuals to deny that their device contains a piece of sensitive information. This constitutes a key tool in the fight against oppressive governments and censorship. Unfortunately, existing solutions, such as the now defunct TrueCrypt [5], can defend only against an adversary that can access a user’s device at most once (“single-snapshot adversary”). Recent solutions have traded significant performance overheads for the ability to handle more powerful adversaries able to access the device at multiple points in time (“multi-snapshot adversary”). In this paper we show that this sacrifice is not necessary. We introduce and build DataLair1, a practical plausible deniability mechanism. When compared with existing approaches, DataLair is two orders of magnitude faster for public data accesses, and 5 times faster for hidden data accesses. An important component in DataLair is a new write-only ORAM construction which improves on the complexity of the state of the art write-only ORAM by a factor of O ( logN ), where N denotes the underlying storage disk size.