An application-layer plausibly deniable encryption system for wearable devices

Published: 01 Jan 2024, Last Modified: 06 Mar 2025, Discov. Internet Things 2024, CC BY-SA 4.0
Abstract: Wearable devices, especially smartwatches, are widely used in our daily life. With their increased use, a large amount of sensitive data is collected, stored, and managed on those devices. To protect sensitive data, encryption is often used, but traditional encryption is vulnerable to a novel coercive attack in which the adversary can capture the device’s user and coerce the user to disclose the decryption key. To defend against the coercive attack, Plausibly Deniable Encryption (PDE) has been designed, which allows the victim user to deny the existence of hidden sensitive data. PDE systems have been explored broadly for smartphones. However, PDE systems suitable for wearable devices are still missing in the literature. In this work, we have designed MobiWear, the first PDE system specifically designed for wearable devices. By leveraging PDE, image steganography, and watermarking, MobiWear ensures plausible deniability and can be easily deployed at the application layer. In addition, MobiWear relies on the sensors that wearable devices are equipped with to enter passwords, accommodating wearable devices that have small screens and are inconvenient for entering plaintext. Security analysis and experimental evaluation using a real-world prototype (ported to an LG G smartwatch) show that MobiWear can ensure deniability with a small computational overhead and a tiny degradation of the perceived quality of the image.