International Association
for Cryptologic Research

With sensitive data being increasingly stored on mobile devices and

laptops, hard disk encryption is more important than ever. In

particular, being able to plausibly deny that a hard disk contains

certain information is a very useful and interesting research

goal. However, it has been known for some time that existing

``hidden volume\'\' solutions, like TrueCrypt, fail in the face of an

adversary who is able to observe the contents of a disk on multiple,

separate occasions. In this work, we explore more robust

constructions for hidden volumes and present HIVE, which is

resistant to more powerful adversaries with multiple-snapshot

capabilities. In pursuit of this, we propose the first security

definitions for hidden volumes, and prove HIVE secure under these

definitions. At the core of HIVE, we design a new write-only

Oblivious RAM. We show that, when only hiding writes, it is

possible to achieve ORAM with optimal O(1) communication complexity

and only poly-logarithmic user memory. This is a significant

improvement over existing work and an independently interesting

result. We go on to show that our write-only ORAM is specially

equipped to provide hidden volume functionality with low overhead

and significantly increased security. Finally, we implement HIVE as

a Linux kernel block device to show both its practicality and

usefulness on existing platforms.