Design And Implementation Of Android ROM Supporting PDE Storage

As people increasingly rely on smartphones at work and life,more and more privacy data and sensitive data of users are stored on smartphones.Once the important data is leaked,it will cause huge troubles to users and may even threaten their property and life safety.Therefore,data security of smart mobile devices is increasingly becoming a concern as well.Currently,an effective solution is FDE(Full Disk Encryption),which protects security of user data by encrypting the storage space of the smart device transparently.However,when a user is forced to reveal the password of their device,the technology can not provide effective protection for the user's important data.Therefore,the researcher proposed PDE(Plausible Deniable Encryption),which can guide the enemy to decrypt reasonable and harmless data by revealing the decoy password to the enemy.However,the hidden user privacy data and sensitive data can only be obtained by entering the real password,making users' important privacy data deniable.Aiming at the above malicious attacks and intimidation attacks,this paper designs and implements a secure and reliable PDE technology,and deeply customizes and expands the vold source code in the kernel based on Android FDE to successfully import PDE storage into the Android system.In addition,we also design and implemente a custom system service to start and configure PDE and user configuration module to provide users with a graphical configuration interface of PDE mode.The system dynamically configures the offset address of the hidden volume through the user-configured PDE mode password,and does not store any files related to the hidden volume configuration information in the disk,which effectively improves the concealment of the hidden volume.At the same time,in view of the data conflict existing in the existing PDE technology and many PDE related security problems,such as storage medium leakage,encryption primitive leakage,file system and operating system leakage,and boot time attack,this thesis provides effective solutions to protect the deniability of PDE storage.Finally,through the detailed function test of the module and the test of the system's denial,the stability,security and robustness of the system are verified,which can effectively protect the safety of the important private data and sensitive data of the user.