| With the development of the smartphone,more and more private data is being stored on these devices.If,unfortunately,this kind of private data is leaked,it will cause security problems for the users and may even threaten their lives.How to protect the privacy of this kind of data is a difficult problem,one of the effective methods is Full Disk Encryption(FDE).Android forces the use of FDE after version 5.0(Lollipop)to encrypt and protect the private data,however,once the user hands over their passwords,the privacy of the data will be compromised.To solve this problem,researchers designed and implemented Plausible Deniable Encryption(PDE),mainly based on Full Disk Encryption or steganography.In a PDE system,if the user inputs a decoy password,the daily operating system(outer volume)will be mounted and the data inside it is harmless.Only if the user inputs the real password,will the hidden volume be mounted,and the private data found.An FDE-based PDE system is designed and implemented in this thesis.To solve the problem above,the basic work in this thesis including:Developing a customized Android ROM and implementing PDE on CyanogenMod 13/Android 6.0 by changing the technical process of Full Disk Encryption in the source code of "Vold";Solving several security leakage problems;Changing the source code in Ext4 to make it allocate clean blocks sequentially and solving the problem of the pollution between the outer volume and the hidden volume due to the features of Ext4 file system.Adding system services and a user configuration APP module,so that the users can configure the encrypted information in the application layer of Android.There are four innovations in this thesis:Firstly,it solves the problem of data transboundary preliminarily,that is,if too much application data is stored in the outer volume,the hidden volume would be polluted due to data transboundary in most current FDE-based PDE systems.Secondly,a more complex key-storage-algorithm was developed and introduced into this new PDE system,which can better defend against dictionary attacks and password brute-forcing.Thirdly,this thesis proposes a PDE adapter,which can smoothly and easily migrate PDE functions from the old versions to the new versions of the Android system.Fourthly,a file hiding function was designed for the PDE system,which can hide files or directories with specific names in external or hidden volumes,further strengthening the deniability of this PDE system. |
PDF Full Text Request