Secure e-mail application with NFC-based key exchange for Android smartphones

Adam Herczeg
University of Obuda
Honved street 16, Budapest, 1205, Hungary
Phone: +36-30-444-5762, e-mail: sherc91@gmail.com

The goal of this article is to demonstrate why it is important to protect your sensitive data on an Android smartphone, and to introduce a secure e-mail application which ensures that your private or business messages are safe and unreadable for unauthorized third parties. It uses symmetric encryption, and the secret key used for ciphering has to be regenerated and exchanged with your partner at predetermined intervals, in person, using the popular NFC (Near Field Communication) technology that is built into smartphones. This method keeps the security level high.

INTRODUCTION

With the proliferation of smartphones, personal information is in danger in a way we have never seen before. Malicious people can easily access the data we store on our devices without the owner knowing. E-mail-based communication is unavoidable in today's world, and a great deal of personal and confidential information is transmitted through it, so this information must be protected from unauthorized people. The mail apps built into smartphones do not provide sufficient security against prying eyes. If someone has access to your device, he can read your messages without prior authentication, because the built-in e-mail application does not ask for a password when someone opens it, primarily for reasons of convenience. Smartphone users who want a better and safer solution have to look for third-party applications. SecureMail™ satisfies these demands.

ANDROID FILE SYSTEM [1]

For every application, Android creates an application-specific folder. This folder is configured so that the app's UID is the owner and only the owner permissions are assigned (read, write, and execute), so that other applications cannot access it.

Fig I. Android security model

There are three important exceptions:
- If you set the sharedUserId to a common value, the applications can access each other's files and information.
- If a user is an administrator in the system. Consider rooting as well.
- Linux-based access control does not apply to data located in external storage (such as an SD card), so every application can reach the data found there. If you do not want this, you need to encrypt the data.

Fig II. Android file system access

THE BASICS OF ENCRYPTION

Conceptually, two kinds of encryption methods exist, and a number of practical implementations have been developed within each. The first and most popular is the symmetric one. In symmetric key encryption the algorithm is generally public; however, the key must be kept secret, otherwise anyone can decrypt the encrypted message. The key length determines the encryption strength: the longer the key, the stronger the protection, and the more difficult it is for attackers to crack. Today's computers and smartphones can both encrypt and decrypt quickly. The biggest downside is that the key somehow has to be sent to the recipient before any messaging takes place.

NEAR FIELD COMMUNICATION (NFC) [2]

NFC (Near Field Communication) is based on radio frequency identification (RFID) technology and allows a range of devices to communicate without physical contact.

How widespread NFC technology is matters for SecureMail™: the more people have NFC-enabled smartphones, the more people will be able to use the application. The past, current and expected sales figures are shown below.
Main features:
- Short-range radio frequency technology (typically 5-10 cm)
- 13.56 MHz transmission frequency
- Minimum data transfer speed of 424 kbps
- NFC tags with a storage capacity of 64 B - 1 KB

NFC-enabled phones work well for contactless payment and e-ticketing, and as a substitute for or complement to earlier mobile payment solutions. The technology is often used in services and applications where users exchange personal data, photos and other files with each other.

Modes of operation:
- P2P mode: data exchange between two devices. Two-way connection between two NFC-enabled phones. E.g.: business card exchange, transfer of traffic tickets. SecureMail™ uses this mode.
- Read/Write mode: reading and writing NFC and RFID tags. One-way link between an NFC-enabled device and a tag. E.g.: management of RFID and NFC tags in general, handling traffic tickets.
- Card emulation mode: emulation of NFC and RFID tags. One-way link between the reader and the NFC-enabled device. The reader cannot distinguish whether it is reading an NFC device or an RFID tag. E.g.: mobile wallet, bank card use.

Fig III. NFC enabled smartphone shipments

KEY DERIVATION

SecureMail™ uses PKCS#5 (Public Key Cryptography Standard) for key derivation. The standard is based on two main ideas: using a salt to protect against table-assisted (precomputed) dictionary attacks, and using a large iteration count to make the key derivation computationally expensive. With a random salt, multiple keys can be constructed from the same password, so an attacker needs to generate a new key table for each salt value, which makes precomputed table attacks much harder. The other approach applied in PKCS#5 is repeating the key derivation operation multiple times to produce the final key. This has little effect on legitimate use, where only one try is needed to derive the key from the correct password, but it considerably slows down brute-force attacks, which try out multiple passwords in a row.

PKCS#5 defines two key derivation functions, named PBKDF1 and PBKDF2. To generate each block, a pseudorandom function is repeatedly applied to the concatenation of the password, salt and block index. Unlike PBKDF1, PBKDF2 doesn't specify how to derive an IV, so a randomly generated one is used.

The SecureMail™ implementation is shown in Fig. IV. It generates a random salt and uses a 256-bit key length and 10000 iterations to initialize a "SecretKeyFactory", which generates our key. It doesn't use the "SecretKey" object produced by the factory as is, but uses its encoded value to create a new "SecretKeySpec" object. That is done because the output of generateSecret() is actually a "PBEKey" instance.

Fig IV. SecureMail™ key derivation

KEY MANAGEMENT

As I mentioned, the secret key has to be changed at predetermined intervals to keep the security level high. This requires the two partners to meet in person; their phones' secure NFC channel is then used to generate and synchronize a new key. The initiating party must type in his partner's e-mail address and a password, which he wants to use to encrypt the generated key. The key is a pseudo-random 32-character string. After it has been generated, we save it to the database and then encrypt it with the requested password. At the same time, the app sends it to the partner's phone, where he can save and encrypt it. If we already have existing correspondence with our partner, the app notifies us that it should be re-encrypted with the new key. When this process is complete, the key exchange is done.

REFERENCES

[1] Jeff Six: Application Security for the Android Platform, O'Reilly Media, December 2011.
[2] University of Obuda, course "Elektronikus azonosítás biztonsági megoldásai" and the projected slides, 2013.
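
The derivation described under KEY DERIVATION and the password-protection of the generated key described under KEY MANAGEMENT, as an added Java example; this is not SecureMail™'s own code. Assumptions not stated in the paper: the "PBKDF2WithHmacSHA1" factory name, AES-GCM as the cipher, the 16-byte salt and 12-byte IV, the salt || iv || ciphertext layout, and all class and method names.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.*;

// Added illustration; class and method names are hypothetical, not SecureMail's.
public class KeyWrapExample {
    static final int ITERATIONS = 10000; // iteration count stated in the paper
    static final int KEY_BITS = 256;     // key length stated in the paper
    static final int SALT_BYTES = 16;    // assumption: the paper gives no salt size
    static final int IV_BYTES = 12;      // assumption: AES-GCM with a 96-bit random IV
    static final SecureRandom RNG = new SecureRandom();

    // PBKDF2: password + salt + iteration count -> raw key bytes -> AES key.
    static SecretKey deriveKey(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, KEY_BITS);
        SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
        // generateSecret() returns a PBEKey; rewrap its encoded bytes as an AES key.
        return new SecretKeySpec(f.generateSecret(spec).getEncoded(), "AES");
    }

    // Fresh salt and IV on every call. Output: salt || iv || ciphertext+tag.
    static byte[] wrap(char[] password, byte[] mailKey) throws Exception {
        byte[] salt = new byte[SALT_BYTES], iv = new byte[IV_BYTES];
        RNG.nextBytes(salt);
        RNG.nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, deriveKey(password, salt), new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(mailKey);
        return ByteBuffer.allocate(SALT_BYTES + IV_BYTES + ct.length).put(salt).put(iv).put(ct).array();
    }

    // Throws AEADBadTagException on a wrong password or a modified blob.
    static byte[] unwrap(char[] password, byte[] blob) throws Exception {
        byte[] salt = Arrays.copyOfRange(blob, 0, SALT_BYTES);
        GCMParameterSpec iv = new GCMParameterSpec(128, blob, SALT_BYTES, IV_BYTES);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, deriveKey(password, salt), iv);
        return c.doFinal(blob, SALT_BYTES + IV_BYTES, blob.length - SALT_BYTES - IV_BYTES);
    }

    public static void main(String[] args) throws Exception {
        // Constructed 32-character key and password, for illustration only.
        byte[] mailKey = "0123456789abcdef0123456789abcdef".getBytes(StandardCharsets.US_ASCII);
        byte[] blob = wrap("correct horse".toCharArray(), mailKey);
        System.out.println(Arrays.equals(mailKey, unwrap("correct horse".toCharArray(), blob)));
        try { unwrap("wrong".toCharArray(), blob); }
        catch (AEADBadTagException e) { System.out.println("wrong password rejected"); }
    }
}
```

Because the salt is stored next to the ciphertext, the same password yields a different derived key for every wrapped blob, which is the table-attack defence the KEY DERIVATION section describes.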