Design of Trusted Messaging Solution for Mobile Terminal

doi:10.3969/j.issn.1671-1122.2015.09.036

Abstract

Abstract:

Research results show that a large number of mobile messaging applications either don’t use any security solutions, or design proprietary protocol with flaws, or inappropriately make use of standard security protocols (i.e. SSL/TLS), causing untrusted problems such as insufficient confidentiality protection and not verifiable message source, and therefore are not suitable for high security requirements of government affairs, business and military, etc. In order to meet the needs of mobile terminal high security message transmission, this paper designed a kind of mobile terminal trusted messaging scheme, which performs access control and only the unauthorized users and mobile terminals can access service securely. The identifications among mobile terminal, smartcard and trusted center server guarantee the legitimation of components which access the messages; public key and symmetric key cryptography encryption guarantees the confidentiality, and MAC guarantees the integrity; subscribers use smartcards to sign message to ensure the message source is verifiable and non-deniable.

Key words: trusted message transmission, smartcard, identity authentication

CLC Number:

TP309

Ying-sheng LIANG, Qiong-xiao WANG, Cun-qing MA, Li-ping WANG. Design of Trusted Messaging Solution for Mobile Terminal[J]. Netinfo Security, 2015, 15(9): 158-162.

Figures/Tables 3

References 11

[1]	International Data Corporation (IDC). As Tablets Slow and PCs Face Ongoing Challenges, Smartphones Grab an Ever-Larger Share of the Smart Connected Device Market Through 2019[EB/OL]. .
[2]	A. Whitten, J. D. Tygar.Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0[C]//Proceedings of the 8th USENIX Security Symposium, Washington, D.C., USA: 1999, 169-184.
[3]	Simson L. Garfinkel, Robert C.Miller. Johnny 2: A User Test of Key Continuity Management with S/MIME and Outlook Express[C]// Symposium On Usable Privacy and Security (SOUPS), Pittsburgh, Penn. USA: 2005, 13-24.
[4]	K. Renaud, M. Volkamer, A. Renkema-Padmos.Why Doesn’t Jane Protect Her Privacy?[C]//Privacy Enhancing Technologies. Springer International Publishing, 2014: 244-262.
[5]	傅坦坦,马启航,陈雅婕,等. 移动终端数据泄露动态监控系统[J]. 信息网络安全,2014,(5):68-72.
[6]	Sebastian Schrittwieser, Peter Fruhwirt, Peter Kieseberg, et al.Guess Who's Texting You? Evaluating the Security of Smartphone Messaging Applications[C]//Proceedings of the Network and Distributed System Security Symposium(NDSS’12), San Diego, California, USA: 2012.
[7]	赵洋,胡龙,熊虎,等. 基于沙盒的Android恶意软件动态分析方案[J]. 信息网络安全,2014,(12):21-26.
[8]	Nik Unger, Sergej Dechand, Joseph Bonneau, et al.SoK: Secure Messaging[C]//IEEE Security & Privacy (Oakland), San Jose, California, USA: 2015.
[9]	黄可臻,李宇翔,林柏钢. 基于Android的隐私数据安全保护系统[J]. 信息网络安全,2014,(9):54-57.
[10]	NFC World+. NFC phones: The definitive list[EB/OL]. .
[11]	张晓,李林,许家乐,等. 基于SMC的Android软件保护研究与实现[J]. 信息网络安全,2014,(11):74-78.

[1]	Xiaofen LIU, Xiaofeng CHEN, Guiren LIAN, Song LIN. Authenticated Multiparty Quantum Secret Sharing Protocol with d-level Single Particle [J]. Netinfo Security, 2020, 20(3): 51-55.
[2]	Fuyou ZHANG, Qiongxiao WANG, Li SONG. Research on Unified Identity Authentication System Based on Biometrics [J]. Netinfo Security, 2019, 19(9): 86-90.
[3]	Shun ZHANG, Zhangkai CHEN, Fengyu LIANG, Runhua SHI. A Quantum Identity Authentication Based on Bell State [J]. Netinfo Security, 2019, 19(11): 43-48.
[4]	Wei HU, Qiuhan WU, Shengli LIU, Wei FU. Design of Secure eID and Identity Authentication Agreement in Mobile Terminal Based on Guomi Algorithm and Blockchain [J]. Netinfo Security, 2018, 18(7): 7-9.
[5]	Lin YOU, Jiahao LIANG. Research on Secure Identity Authentication Based on Homomorphic Encryption and Biometric [J]. Netinfo Security, 2018, 18(4): 1-8.
[6]	Ziwen SUN, Fu LI. Gesture Authentication Method Based on HMM and D-S Evidence Theory [J]. Netinfo Security, 2018, 18(10): 17-23.
[7]	Baoyuan KANG, Jiaqiang WANG, Dongyang SHAO, Chunqing LI. A Secure Authentication and Key Agreement Protocol for Heterogeneous Ad Hoc Wireless Sensor Networks [J]. Netinfo Security, 2018, 18(1): 23-30.
[8]	Kaili ZHAO, Danyi LI, Qiang LI, cunqing MA. Implementation of Identity Authentication Scheme Based on Smart Mobile Cryptographic Module [J]. Netinfo Security, 2017, 17(9): 107-110.
[9]	Man ZHAN, Hequn XIAN, Shuguang ZHANG. Research on Identity Authentication Technology Based on Gravity Sensor [J]. Netinfo Security, 2017, 17(9): 58-62.
[10]	Jian ZHOU, Liyan SUN, Aihua DUAN, Wenjun SHI. Regional Autonomous Identity Authentication Management Scheme for Space Self-organized Networks [J]. Netinfo Security, 2017, 17(8): 45-52.
[11]	LIU Chuanbao, CHEN Mingzhi, LIN Weining, FENG Yingyan. A Method of Identity Authentication Based on Zero Knowledge Proof in HCE Mode [J]. 信息网络安全, 2017, 17(6): 68-74.
[12]	Jiebin GUO, Yunfa LI, Dajun ZHANG. Research on an Authentication Strategy for Data Security in Cloud Computing [J]. Netinfo Security, 2017, 17(3): 72-77.
[13]	Jian ZHAO, Chang ZHANG, Xiangdong WEN. Research and Design of Remote Control System of Host Resources [J]. Netinfo Security, 2016, 16(7): 29-34.
[14]	Jing WANG. Application of the Unified Identity Authentication and User Management Platform in Electric Group Enterprise [J]. Netinfo Security, 2016, 16(12): 81-85.
[15]	Chang LIU, Jingsha HE. A Network Behavior-based Access Control Model [J]. Netinfo Security, 2016, 16(10): 34-39.