Huang: The Plausibly Deniable DataBase

Andrew 'bunnie' Huang introduces PDDB, a database meant to allow users to (plausibly) deny the existence of specific data within it.

Precursor is a device we designed to keep secrets, such as passwords, wallets, authentication tokens, contacts and text messages. We also want it to offer plausible deniability in the face of an attacker that has unlimited access to a physical device, including its root keys, and a set of “broadly known to exist” passwords, such as the screen unlock password and the update signing password. We further assume that an attacker can take a full, low-level snapshot of the entire contents of the FLASH memory, including memory marked as reserved or erased. Finally, we assume that a device, in the worst case, may be subject to repeated, intrusive inspections of this nature.

We created the PDDB (Plausibly Deniable DataBase) to address this threat scenario.
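A toy model of the threat scenario in the excerpt, added here as an illustration and not PDDB's own design or code: a flash image of fixed-size blocks in which every block, in use or erased, is uniformly random-looking, so a snapshot reveals nothing about how many key-protected "bases" exist. The block names, sizes and the hash-counter cipher are constructed for the demonstration.

```python
# Constructed toy, not PDDB: a flash of random-looking blocks where a basis's
# blocks can only be located by trial authentication under that basis's key.
import hashlib, hmac, os

BLOCK, NONCE, TAG = 64, 16, 16
PAYLOAD = BLOCK - NONCE - TAG          # 32 bytes: 1 length byte + up to 31 data

def _keystream(key, nonce, n):
    out = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                   for i in range(-(-n // 32)))
    return out[:n]

def seal(key, data):
    """Encrypt-then-MAC one payload into a BLOCK-sized random-looking blob."""
    assert len(data) < PAYLOAD
    nonce = os.urandom(NONCE)
    padded = bytes([len(data)]) + data + os.urandom(PAYLOAD - 1 - len(data))
    ct = bytes(a ^ b for a, b in zip(padded, _keystream(key, nonce, PAYLOAD)))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:TAG]
    return nonce + ct + tag

def open_block(key, blob):
    nonce, ct, tag = blob[:NONCE], blob[NONCE:-TAG], blob[-TAG:]
    want = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:TAG]
    if not hmac.compare_digest(tag, want):
        return None                     # does not belong to this basis (or is free)
    pt = bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, PAYLOAD)))
    return pt[1:1 + pt[0]]

class Flash:
    def __init__(self, nblocks):
        self.blocks = [os.urandom(BLOCK) for _ in range(nblocks)]  # erased == random

    def free_slots(self, unlocked_keys):
        # Only blocks that open under a currently unlocked key are known to be used.
        return [i for i, b in enumerate(self.blocks)
                if all(open_block(k, b) is None for k in unlocked_keys)]

    def write(self, key, data, unlocked_keys):
        slot = self.free_slots(unlocked_keys)[0]
        self.blocks[slot] = seal(key, data)
        return slot

    def read_basis(self, key):
        return [p for b in self.blocks if (p := open_block(key, b)) is not None]

    def scrub_free(self, unlocked_keys):
        # Rewriting "free" space with noise also destroys every locked basis.
        for i in self.free_slots(unlocked_keys):
            self.blocks[i] = os.urandom(BLOCK)
```

Because a locked basis is indistinguishable from erased space even to the device itself, any operation that refreshes free space while that basis is locked silently destroys it; that is the trade-off the deniability property forces.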


Huang: The Plausibly Deniable DataBase

Posted Feb 9, 2022 6:45 UTC (Wed) by rdeforest (guest, #153619) [Link] (16 responses)

I haven't dug very deeply into this, but it's setting off my BS detector.

Huang: The Plausibly Deniable DataBase

Posted Feb 9, 2022 9:24 UTC (Wed) by t-v (guest, #112111) [Link] (1 response)

Having seen some great previous work bunnie did, I would prima facie expect it to be legit.

Huang: The Plausibly Deniable DataBase

Posted Feb 9, 2022 16:15 UTC (Wed) by martin.langhoff (subscriber, #61417) [Link]

Yeah, I'm expecting it to be legit, but can't find reasonable use cases that aren't full of downsides, limits and gotchas.

It might be a failure of my imagination, or it might need to be coupled with something else to make sense.

Damn interesting machinery in any case.

Huang: The Plausibly Deniable DataBase

Posted Feb 9, 2022 13:39 UTC (Wed) by k3ninho (subscriber, #50375) [Link] (7 responses)

>it's setting off my BS detector
I've been following Precursor. Bunnie and team have a track record in this area. Before now, I've found myself surprised by my ignorance -- I suspect what you don't know, here, is surprising you. Ultimately, the code is there[1] and you could educate yourself.

1: https://github.com/betrusted-io/xous-core/tree/main/servi...

K3n.

Huang: The Plausibly Deniable DataBase

Posted Feb 9, 2022 14:28 UTC (Wed) by nix (subscriber, #2304) [Link] (6 responses)

It's legit, and as such it necessarily has potentially huge downsides. I can easily see a routine precaution by attackers (like, say, customs agents) on this being to force everyone who passes through customs to have their entire disk imaged (so customs can, in theory, recover the data if they ever get the related passphrase) and then forcing the user to download a disk-full of random noise, wiping out all their locked secret bases. Now the attackers potentially have all the secrets, and the user's lost access to the lot (in the absence of backups). It's still deniable, but now it's deniable and *missing* every time it passes through such an attacker's control.

Huang: The Plausibly Deniable DataBase

Posted Feb 10, 2022 0:46 UTC (Thu) by NYKevin (subscriber, #129325) [Link] (4 responses)

Most of these attackers (particularly in western countries like the United States) are heavily dependent on most of their victims not caring enough to try and assert their rights. If you grossly inconvenience a large enough subset of the public, political or legal countermeasures will eventually be brought to bear. CBP doesn't want to explain itself to senators and judges, so therefore they are generally inclined to avoid doing things that cause an unacceptable level of difficulty to a large subset of the public, like wiping everyone's laptop. Lots of ordinary people don't have backups (although they probably should), and if you erase their only copy of their data, they are going to be rather upset about that.

Huang: The Plausibly Deniable DataBase

Posted Feb 10, 2022 2:18 UTC (Thu) by faramir (subscriber, #2327) [Link] (3 responses)

But the CBP didn't erase your laptop. They just rewrote all the empty space on the drive, so what are you complaining about? Since nothing was there, you couldn't possibly have lost anything unless you actually are one of those hackers/terrorists/etc. OTOH, if they did start doing this to everyone it could take a while depending on the storage size. Delaying lots of people at the border in order to overwrite empty space on their disk is likely to get a lot more traction with political leaders.

Huang: The Plausibly Deniable DataBase

Posted Feb 10, 2022 4:28 UTC (Thu) by tzafrir (subscriber, #11501) [Link]

Which will happen to break a copy protection scheme of a game or whatever.

Huang: The Plausibly Deniable DataBase

Posted Feb 10, 2022 9:25 UTC (Thu) by NYKevin (subscriber, #129325) [Link] (1 response)

There are several different cases that the adversary is likely to observe:

* You're using something "normal" like NTFS or ext4, partitioned to occupy the full extent of the drive. Then you probably don't have any secret crypto stuff (but see last bullet).
* You're using something mildly unusual, like XFS or ZFS, partitioned to occupy the full extent of the drive. Then you probably don't have any secret crypto stuff, but we'll take a full disk image anyway because we can tell the politicians that your system "looked suspicious" and thereby get away with it.
* You have a large (>10 MiB or so) unpartitioned space on your drive. Then you probably have some secret crypto stuff in there (regular users partition most or all of their space), and we're going to proceed under the assumption that you do, regardless of whether we can prove it or not, and tell you to decrypt "everything." If you proceed to decrypt some perfectly innocuous hidden partition without any interesting content, we will assume that you have a second, incriminating partition, which you are keeping from us, and apply whatever consequences would have occurred if you had refused. This is not true deniability.
* You are using a specialized filesystem that facilitates the use of partitioned-but-unallocated space to hide data. As above, this is not true deniability because we can just assume that you have hidden incriminating data (regular users do not use such filesystems).
* Your whole drive is encrypted. Then we'll tell you to decrypt it and proceed as above.
* You have a bunch of high-resolution photos and/or videos, which do not appear to be encrypted at all, and which appear to be innocuous (e.g. photos of the beach, wildlife, plants, family members, etc.). This is arguably the hardest case for the adversary, because you might just be a random tourist, or you might be using file-level steganography to hide encrypted data in the "random" photographic noise which these files will inevitably contain. The drawback is that this is rather inefficient for large volumes of data, and also you can't (shouldn't) use stock photos because it may be possible to find them with a reverse image search (and prove that you didn't take them yourself). Worse, if the adversary can obtain the originals by any means, they can do a binary diff to recover the (encrypted) contents of your hidden data. So you must create the images yourself and destroy the originals as thoroughly as is practical. That's not particularly hard, but it is a minor hassle, especially if you're going to do this repeatedly with differing data against the same adversary (they can keep copies of the images and compare them across multiple inspections, so image reuse is probably unsafe).

The bottom line: You're not deniable unless your data looks indistinguishable to a normal user's data. Normal users don't use tools like PDDB, so "Does the system have PDDB installed?" is already a decently good proxy for "Is the user trying to hide something?", and there's just no practical way around that.

Huang: The Plausibly Deniable DataBase

Posted Feb 10, 2022 11:18 UTC (Thu) by smurf (subscriber, #17840) [Link]

* You have an actual marked-as-crypto partition that contains a bunch of private photos and the data to access your business expense account, which you unlock under protest. The adversary thinks they've succeeded. You get away with the "real" crypto partition, which is hidden in a few of the large movies you carry around on your system. Not to mention the other crypto partition, on the micro-SD card that's hidden in a fold of your luggage, beside the metal frame so that the scanners have a hard time seeing it. Plausible deniability and all that, after all you went to an electronics store to replace the "lost" card yesterday.

Also, imaging a complete disk (or all of the memory cards, still in their "unopened" retail package, which you carry around "for your high-end GoPro") for later perusal is something you might have to prepare for if the adversary thinks you might be carrying high-risk data, but it's not going to be an every-day occurrence. After all, you're surely going to miss your flight if that happens.

Huang: The Plausibly Deniable DataBase

Posted Feb 10, 2022 20:19 UTC (Thu) by rgmoore (✭ supporter ✭, #75) [Link]

As a practical matter, this is not something you're likely to take with you through customs. If you're going through customs or some other place where the authorities have an opportunity to copy your data, you're best off just not having anything you don't want the government to see on your laptop. Keep anything really important on your server at home and work on it through VPN. This is more likely to be something you'd keep on that server, where the attack mode is the government coming and taking the whole server away.

Huang: The Plausibly Deniable DataBase

Posted Feb 9, 2022 17:45 UTC (Wed) by pebolle (guest, #35204) [Link] (5 responses)

When things like this come up one might as well advise people to memorize psalm 91 instead. So that they can silently recite it while they are dragged into yet another nightly interrogation...

Huang: The Plausibly Deniable DataBase

Posted Feb 10, 2022 4:22 UTC (Thu) by jebba (guest, #4439) [Link] (4 responses)

Exactly... The Rubberhose filesystem*, the closest precursor to PDDB, didn't protect its author from torture. That said, bunnie Huang is 110% legit. Security in layers. I look forward to getting my Precursor hardware.

* https://en.wikipedia.org/wiki/Rubberhose_%28file_system%29

Huang: The Plausibly Deniable DataBase

Posted Feb 11, 2022 19:43 UTC (Fri) by pebolle (guest, #35204) [Link] (3 responses)

> I look forward to getting my Precursor hardware.

Don't be silly, you don't need it.

And the people that might need it - people targeted by drug cartels, terrorists or the many shady governments one can run into - aren't helped a bit by it. They'll end up dead after spilling loads of information to their adversaries. People in that role should probably know as little as possible and not store anything on whatever devices they use. (Not that I actually know how to be in such a role.)

Precursor sounds like an elaborate element of a LARP.

Huang: The Plausibly Deniable DataBase

Posted Feb 11, 2022 20:47 UTC (Fri) by jebba (guest, #4439) [Link] (2 responses)

>> I look forward to getting my Precursor hardware.

@pebolle
>Don't be silly, you don't need it.

How can you say that? Do you know anything about me? Do you know anything about having my computers taken? Have you ever sat in on an interview when I am being questioned by a government? Do you know anything about my media winding up in the governments' hands? Do you know anything about who I've worked with?

Huang: The Plausibly Deniable DataBase

Posted Feb 11, 2022 23:25 UTC (Fri) by pebolle (guest, #35204) [Link] (1 response)

> Do you know anything about me?

No, but if you choose to be a good bunnie and use that Precursor device I'll no doubt read all about you on the world's front pages in a few years.

Huang: The Plausibly Deniable DataBase

Posted Feb 11, 2022 23:30 UTC (Fri) by jebba (guest, #4439) [Link]

> if you choose to be a good bunnie and use that Precursor device I'll no doubt read all about you on the world's front pages in a few years.

A few years? I have clients I've worked with in world news already this year and it's February... One of them I even sent Purism devices! Every inch we can make towards securing communications is a plus. Bunnie is the greatest.


Copyright © 2022, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds