Post Syndicated from original https://lwn.net/Articles/884085/rss

Andrew ‘bunnie’ Huang introduces PDDB, a
database meant to allow users to (plausibly) deny the existence of specific
data within it.

Precursor
is a device we designed to keep secrets, such as passwords,
wallets, authentication tokens, contacts and text messages. We also
want it to offer plausible deniability in the face of an attacker
that has unlimited access to a physical device, including its root
keys, and a set of “broadly known to exist” passwords, such as the
screen unlock password and the update signing password. We further
assume that an attacker can take a full, low-level snapshot of the
entire contents of the FLASH memory, including memory marked as
reserved or erased. Finally, we assume that a device, in the worst
case, may be subject to repeated, intrusive inspections of this
nature.

We created the PDDB (Plausibly Deniable DataBase) to address this
threat scenario.