A Multiple Snapshot Attack on Deniable Storage Systems
This work addresses a critical security vulnerability for users of deniable storage systems who face coercive adversaries, revealing a practical attack that undermines existing implementations.
The authors tackled the problem of detecting hidden encrypted volumes in deniable storage systems by proposing the first concrete multiple snapshot attack, which successfully identifies moderately sized and large hidden volumes with high probability and low false positive rates.
While disk encryption is suitable for use in most situations where confidentiality of disks is required, stronger guarantees are required in situations where adversaries may employ coercive tactics to gain access to cryptographic keys. Deniable volumes are one such solution in which the security goal is to prevent an adversary from discovering that there is an encrypted volume. Multiple snapshot attacks, where an adversary is able to gain access to two or more images of a disk, have often been proposed in the deniable storage system literature; however, there have been no concrete attacks proposed or carried out. We present the first multiple snapshot attack, and we find that it is applicable to most, if not all, implemented deniable storage systems. Our attack leverages the pattern of consecutive block changes an adversary would have access to with two snapshots, and demonstrate that with high probability it detects moderately sized and large hidden volumes, while maintaining a low false positive rate.