Deniable Encryption is like tit for tat. Let us as assume, you want to decipher an encrypted file of your enemy. If an encrypted file gives you wrong information, you are likely to miss it. The required effort to find the correct file will consume too much time. Deniable encryption is a type of encryption that allows to convincingly deny that usable data is encrypted or keeps no way to be able to decipher real data.
As for example, a plain text file with the need to hide content from goverment may face an adversary where goverment can prove that the plaintext data exists. Instead, they will get useless dummy text files.
Normally, an encrypted text can be deciphered into a single simple text. The deniable encryption allows the user to decipher the encrypted text and produce, if necessary, a different simple text that functions as a decoy. The attacker, although in a condition to force the production of a simple text, can not reveal any difference between the true text and the alternative text. The user can always defend himself by choosing, from time to time, which of the texts to produce from the same encrypted text. The concept of “deniable encryption” was used by Julian Assange and Ralf Weinmann in 1996.
Modern techniques of deniable encryption exploit the pseudorandom permutation properties of block ciphers, by which it is not possible to prove that the ciphertext does not coincide with random data generated by a cryptographically secure pseudo-random number generator. Some decoy data is also used, which the user supposedly wants to keep secret and which will be revealed in case of attack, stating that this is all there is. This form of deniable encryption is sometimes referred to as steganography.
Another example of deniable encryption is the encrypted file system that uses the concept of abstract levels, where each level is encrypted with a different key, and special additional levels, with a “chaff” function, full of random data. The user stores decoy files in one or more levels and denies the existence of other levels with hidden files, stating that the rest of the space is occupied only by chaff levels. Physically, these file systems are stored in a single directory and all files have the same size and random timestamp. The names are random – if they belong to chaff levels – or they are cryptographic hashes of the strings that identify the blocks. The Rubberhose and PhoneBookFS file system uses this approach.
Another method, used by some disk encryption software, is the creation of a second encrypted volume within a container volume. The container volume is formatted with random encrypted data and then initialized with a file system that the user fills with credible sensitive data. Then a second hidden and encrypted volume is inserted internally into the container volume, in which the user stores secret data. As in the other examples, the protection of the encrypted volume brings origin of the pseudo-random permutation properties of the ciphers by blocks.
The integrity of the encrypted volume depends on the possibility of not increasing the size of the data contained in the container volume until overwriting the hidden space assigned to the internal encryption. Perhaps it may be necessary to “freeze” the container volume in time to preserve that hidden, running the risk of making it suspect in consequence of the timestamps of the last access and modification never more updated. FreeOTFE and BestCrypt can contain more encrypted volumes inside a container volume; TrueCrypt is limited to a hidden volume.
The denial, although false, can not be verified by the attacker without the cooperation of the user, who might not really be able to decipher the data. The deniable encryption serves to undermine the attacker’s confidence and his doubt becomes another form of protection.
Using cloud storage have grown too higher. For the sake of privacy, some of the cloud storage encryption schemas has been proposed to secure the data from the unwanted. Such schemes assume that providers are secure and are not hackable. Since govermental agencies can not guess whether the obtained secrets are true or false, the providers may ensure that the users’ privacy is securely provided. The deniable encryption schemes rely on the fact that the cloud storage service providers handling key management are trusted. However interception of the communication between the users and cloud storage providers compel storage providers to release user secrets. In such case the encrypted data are assumed to be known and storage providers. Deniable schemes are built to form an audit free cloud storage service. The deniability makes the effort of coercion invalid.
The existence of hidden encrypted data may be revealed by flaws in the implementation, watermarking attack, leaking into non-encrypted disk space. Deniable encryption does not defend users from revealing keys under coercion. Possession of deniable encryption tools could lead the attackers to continue the exploits.