Mobihydra: Pragmatic and multi-level plausibly deniable encryption storage for mobile devices

Abstract

Nowadays, smartphones have started being used as a tool to collect and spread politically sensitive or activism information. The exposure of the possession of such sensitive data shall pose a risk in severely threatening the life safety of the device owner. Particularly, the data owner may be caught and coerced to give away the encryption keys. Under this circumstances, applying the encryption to data still fails to mitigate such risk. Plausibly deniable encryption (PDE) promisingly helps to circumvent the coercive attack by allowing the data owner to deny the existence of certain data. In this work, we present MobiHydra, a more pragmatic PDE scheme featuring multi-level deniability on mobile devices. Mobi- Hydra is pragmatic in that it remarkably supports hiding opportunistic data without necessarily rebooting the device. In addition, MobiHydra favorably mitigates the so-called booting-time defect, which is a whistleblower to expose the usage of PDE in previous solutions. We implement a prototype for MobiHydra on Google Nexus S. The evaluation results demonstrate that MobiHydra introduces very low overhead compared with other PDE solutions for mobile devices.