Discover Internet of Things (Aug 2024)
An application-layer plausibly deniable encryption system for wearable devices
Abstract
Abstract Wearable devices especially smartwatches are widely used in our daily life. With their increased use, a large amount of sensitive data are collected, stored, and managed in those devices. To protect sensitive data, encryption is often used but, traditional encryption is vulnerable to a novel coercive attack in which the adversary can capture the device’s user and coerce the user to disclose the decryption key. To defend against the coercive attack, Plausibly Deniable Encryption (PDE) has been designed which can allow the victim user to deny the existence of hidden sensitive data. The PDE systems have been explored broadly for smartphones. However, the PDE systems which are suitable for wearable devices are still missing in the literature. In this work, we have designed MobiWear, the first PDE system specifically designed for wearable devices. By leveraging PDE, image steganography as well as watermarking, MobiWear ensures plausible deniability and can be easily deployed at the application layer. In addition, MobiWear relies on sensors equipped with the wearable devices to enter passwords, accommodating the wearable devices which have small-size screens and are inconvenient for entering plaintext. Security analysis and experimental evaluation using a real-world prototype (ported to an LG G smartwatch) show that MobiWear can ensure the deniability with a small computational overhead as well as a tiny degradation of the perceived quality of the image.
Keywords