Artifice: A Deniable Steganographic File System

The challenge of deniability for sensitive data can be a life or death issue depending on location. Plausible deniability directly impacts groups such as democracy advocates relaying information in repressive regimes, journalists covering human rights stories in a war zone, and NGO workers hiding food shipment schedules from violent militias. All of these users would benefit from a plausibly deniable data storage system. Previous deniable storage solutions only offer pieces of an implementable solution. Artifice is the first tunable, operationally secure, self repairing, and fully deniable steganographic file system.

Artifice operates through the use of a virtual block device driver stored separately from the hidden data. It uses external entropy sources and erasure codes to deniably and reliably store data within the unallocated space of an existing file system. A set of data blocks to be hidden are combined with entropy blocks through erasure codes to produce a set of obfuscated carrier blocks that are indistinguishable from other pseudorandom blocks on the disk. A subset of these blocks may then be used to reconstruct the data. Artifice presents a truly deniable storage solution through its use of external entropy and erasure codes, while providing better durability than other deniable storage systems.