The next Deep Dive will be on Wednesday, February 20 at 1:30PM. Austen Barker will present his research on Artifice, a deniable steganographic file system.

CRSS sponsors are welcome to attend in person or via Zoom teleconference. If you wish to attend in person, please contact Cynthia McCarley no later than noon on the day before the talk (February 19th), so we can arrange a parking permit for you. CRSS sponsors may also join a Zoom teleconference of the talk (meeting ID 576 789 652). Please note that this teleconference will require a password, which was provided in the email to your company's CRSS contact, or can be obtained from Cynthia McCarley.

The video of the deep dive will be recorded, and will be available from this page within a few days after the talk.

Speaker

Austen Barker

Abstract

Individuals such as journalists, human rights activists, and undercover law enforcement often possess sensitive data. While simple encryption of this data provides an effective means of rendering the data unreadable to an adversary the mere presence of an encrypted file can arouse suspicion and incur significant risk for the user. To combat this risk, it is necessary to not only provide data privacy but also deniability. Previous attempts at deniability via steganographic file systems required an encapsulating public file system to be aware of the hidden file system, and are therefore vulnerable to forensic analysis. To solve this problem, we propose Artifice, a truly deniable steganographic file system that hides data within the unallocated space of a publicly visible file system which has no knowledge of Artifice's existence. In our approach, one or more data blocks are combined with one or more entropy blocks provided by the user to produce a set of carrier blocks that are indistinguishable from other high entropy data. Through secret sharing/erasure coding techniques we can harden Artifice against accidental overwrite of the data by the public file system and enable self repair when it is accessed. Lastly in order to ensure true deniability we can place the software for accessing the file system on some easily disposable medium such as a bootable USB drive.