Deniable File Systems

This project is no longer active. Information is still available below.

Journalists, aid workers, and democracy advocates all put themselves in harm’s way for the benefit of others. Yet, there is a glaring need for them to store data securely. Typically, private data is protected with encryption that is assumed unbreakable. Yet, if those in a hostile environment are caught with encrypted data, they could be forced to comply through coercion or threats of bodily harm. We propose to secure data in plain sight by hiding it so that the operating system doesn’t even know it’s there. Therefore, the owner can completely deny the existence of the data. 

A variety of previously developed systems have been designed in an attempt to address this problem. In the process of navigating the compromises inherent to plausibly deniable storage, each of these systems have demonstrated distinctive “tells” that enable a skilled adversary with knowledge of their design to quickly discover them. Since carrying encrypted files or dedicated hardware can be inherently suspicious, a deniable storage system must be hidden within a publicly visible file system or storage device to maintain plausible deniability. It is highly suspicious if there are visible drivers or firmware, unconventional partitioning schemes, excess unusable space in a file system, or unexplained changes to the disk’s free space. To avoid suspicion, the hidden volume must operate in such a way that the encapsulating file system and operating system are entirely unaware of the hidden file system’s existence, even when faced with a detailed forensic examination.

We take a step toward the goal of applying deniable storage systems to safeguard users by addressing the above requirements with Artifice, a block device that provides functional plausible deniablility for both hidden data and the Artifice driver itself. To access a hidden volume, the user boots into a separate, Artifice-aware operating system through a Linux live USB drive which provides effective isolation from the host OS. Unlike earlier systems, this does not leave behind suspicious drivers on the user’s machine and mitigates the impact of malware and information leakage to the public volume. As the public file system cannot be aware of Artifice’s existence, Artifice must protect itself from damage due to overwrites by public operations. Information Dispersal Algorithms (such as Shamir Secret Sharing) provide Artifice overwrite tolerance through the inclusion of redundant blocks and enable a self repair process whenever the user boots the Artifice-aware OS. The overwrites still occur, but don’t cause irreparable harm.

This system will be the first fully deniable, secure, and tunable steganographic file system. All previous attempts might attain overly strong security guarantees or performance but sacrifice deniability. Our project will push the current understanding of deniable storage and it is our goal to build a fully working system that can survive an intensive forensic examination. This will allow users in the field to have a reliable, secure means of carrying information where the presence of that information does not endanger their lives.

We plan to maintain the project indefinitely through publicly available repositories such as Github, as well as on the Storage and Systems Research Center’s web page.



The Artifice prototype is implemented as a Linux Device Mapper that presents the user with a virtual block device formatted like any other disk. The prototype currently supports hiding in FAT-32 and EXT4 file systems with planned support for NTFS and APFS. The prototype also supports both Shamir Secret Sharing and AONT-RS for obfuscation and error correction. The initial prototype can run simple benchmarks, but a stable release is still a work in progress.

The prototype implementation can be found here.

Red Team Evaluation:

We are currently designing and running experiments to better understand the continually shifting environment in which Artifice resides. The amount and location of random data, free space reuse behavior, SSD TRIM, and write pattern deniability, among other factors, are poorly understood and significantly impact the ability of a deniable storage system to provide sufficient security guarantees. 


This work has been published in the Freedom and Open Communication on the Internet (FOCI '19) workshop and the Conference on Mass Storage Systems and Technologies (MSST '20). We are in the process of preparing more results for publication.


Last modified 25 Jan 2024