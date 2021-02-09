Abstract: With the widespread adoption of disk encryption technologies, it has become common for adversaries to employ coercive tactics to force users to surrender encryption keys and similar credentials. For some users this creates a need for hidden volumes that provide plausible deniability: the ability to deny the existence of sensitive information. Plausible deniability directly impacts groups such as democracy advocates relaying information in repressive regimes, journalists covering human rights stories in a war zone, or NGO workers hiding food shipment schedules from violent militias. All of these users would benefit from a plausibly deniable data storage system. Most previous systems rely on some form of steganography, the art of information hiding, to hide sensitive information among innocuous appearing data on a user’s device. Often utilizing the unallocated space on a disk to as an environment contain a plausibly deniable volume. These previous approaches all exhibit the same weaknesses stemming from flawed assumptions that underpin their design. Most importantly the assumption that the presence of the driver software use to run a deniable volume would not be suspicious to an adversary. As a result of these flawedassumptions, previous deniable storage systems only offer pieces of an implementable solution. Our approach, Artifice, seeks to address these shortcomings as the first tunable, operationally secure, self repairing, and fully deniable storage system. With Artifice, hidden data blocks are split with an information dispersal algorithm to produce a set of obfuscated carrier blocks that are indistinguishable from other pseudo-random blocks on the disk. The blocks are then stored in unallocated space and possess a self-repairing capability and rely on combinatorial security. Unlike preceding systems, Artifice addresses problems regarding flash storage devices and multiple snapshot attacks through comparatively simple block allocation schemes and operational security. To hide the user’s ability to run a deniable system and prevent information leakage, Artifice stores its driver software separately from the hidden data.