Secure instant-messaging method for mobile intelligent terminal

doi:10.11772/j.issn.1001-9081.2017.02.0402

Journal of Computer Applications ›› 2017, Vol. 37 ›› Issue (2): 402-407.DOI: 10.11772/j.issn.1001-9081.2017.02.0402

Previous Articles Next Articles

Secure instant-messaging method for mobile intelligent terminal

ZHANG Fan¹, ZHANG Cong¹, ZHAO Zemao², XU Mingdi³

1. Schoolf of Mathematics & Computer Science, Wuhan Polytechnic University, Wuhan Hubei 430023, China;
2. School of Engineering and Design, Lishui University, Lishui Zhejiang 323000, China;
3. Wuhan Digital and Engineering Institute, Wuhan Hubei 430205, China

Received:2016-08-22 Revised:2016-09-28 Online:2017-02-10 Published:2017-02-11
Supported by:
This work is partially supported by the National Natural Science Foundation of China (61502438, 61502362), Key Projects of Hubei Provincial Natural Science Foundation (2015CFA061), Zhejiang Provincial Natural Science Foundation (LY15F020015), 2015 Hubei Provincial Research Project of Construction Department.

移动智能终端安全即时通信方法

张帆¹, 张聪¹, 赵泽茂², 徐明迪³

1. 武汉轻工大学数学与计算机学院, 武汉 430023;
2. 丽水学院工程与设计学院, 浙江丽水 323000;
3. 武汉数字工程研究所, 武汉 430205

通讯作者: 徐明迪,siemendy@whu.edu.cn
作者简介:张帆(1977-),男,湖北当阳人,副教授,博士,CCF会员,主要研究方向:信息系统安全、软件安全;张聪(1968-),男,上海人,教授,博士,主要研究方向:多媒体通信和安全;赵泽茂(1965-),男,四川蓬溪人,教授,博士,主要研究方向:隐私保护、软件安全;徐明迪(1980-),男,湖北武汉人,副研究员,博士,主要研究方向:信息系统安全、可信计算。
基金资助:
国家自然科学基金资助项目（61502438，61502362）；湖北省自然科学基金重点项目（2015CFA061）；浙江省自然科学基金资助项目（LY15F020015）；2015年湖北省建设厅科技计划项目。

Abstract

Abstract: Instant messaging is fundamental to various mobile Internet applications; however, it is still an open problem to implement secure instant messaging in untrusted Internet environment. An approach for secure instant messaging of mobile intelligent terminal was presented, and a protocol for Trusted Session Key Agreement (TSKA) was designed and implemented. Theoretical analysis shows that the proposed TSKA can ensure the authenticity, freshness and confidentiality of the negotiated session key, even in the condition that both of the instant messaging server and the communication channel are not trusted. After TSKA, instant audio/video messages can be sent to the other side in a confidential and complete way. Experimental results in real Internet environment show that the proposed approach is efficient and secure, the session key can be negotiated within 1-2 seconds, and attackers cannot obtain any plaintext of instant messages.

Key words: mobile intelligent terminal security, instant messaging, trusted key agreement, protocol security

摘要： 针对移动智能终端即时通信安全问题，提出了一种不可信互联网条件下移动智能终端安全通信方法。该方法设计并实现了一种在服务器和通信信道均不可信情况下的可信密钥协商协议。理论分析表明，所提出的密钥协商协议可以确保通信双方所协商会话密钥的真实性、新鲜性和机密性等诸多安全特性。密钥协商完成之后，基于透明加解密技术即可以确保即时通信双方语音/视频通信信息的机密性和完整性。真实移动互联网环境下的测试也表明该方法是高效和安全的，密钥协商可以在1~2 s完成，攻击者无法获取即时通信的明文信息。

关键词: 移动智能终端安全, 即时通信, 可信密钥协商, 协议安全

CLC Number:

TP309

ZHANG Fan, ZHANG Cong, ZHAO Zemao, XU Mingdi. Secure instant-messaging method for mobile intelligent terminal[J]. Journal of Computer Applications, 2017, 37(2): 402-407.

张帆, 张聪, 赵泽茂, 徐明迪. 移动智能终端安全即时通信方法[J]. 计算机应用, 2017, 37(2): 402-407.

References

[1] 孟蕊.即时通信用户规模增长第一, 手机端发展超整体水平[EB/OL].[2016-05-01]. http://www.cnnic.cn/hlwfzyj/fxszl/fxswz/201307/t20130718_40676.htm. (MENG R. Instant messaging user scalge grows the fastest, and the development of mobile phones go beyond the overall levels[EB/OL].[2016-05-01]. http://www.cnnic.cn/hlwfzyj/fxszl/fxswz/201307/t20130718_40676.htm.).
[2] 沈珅.即时通信行业稳步发展, 移动即时通信成为厂商争夺重点[EB/OL].[2016-05-01]. http://www.cnnic.cn/hlwfzyj/fxszl/fxswz/201107/t20110719_33459.htm. (SHEN K. Instant messaging is developing steadily, and mobile instant messaging has become the hot area of competitions for manufactures[EB/OL].[2016-05-01]. http://www.cnnic.cn/hlwfzyj/fxszl/fxswz/201107/t20110719_33459.htm.).
[3] 瞿晓海,薛质.微信加密通信原理分析[J].信息安全与技术, 2014, 5(1):13-16. (QU X H, XUE Z. The analysis and research of micro letter encryption on the mobile client and reverse break mode[J]. Information Security and Technology, 2014, 5(1):13-16.).
[4] 段冰,谷大武.Skype与QQ软件的安全通信技术研究[J]. 信息安全与通信保密,2007(11):58-60. (DUAN B, GU D W. Study on the secure communication technology of Skype and QQ[J]. Information Security and Communications Privacy, 2007(11):58-60.).
[5] 宁国强.一种安全即时通信系统的研究与设计[D].长沙:湖南大学,2010:35-42. (NING G Q. Design and implementation of a secure instant messaging system[D]. Changsha:Hunan University, 2010:35-42.).
[6] 张立坤.即时通信安全机制研究[D].济南:山东大学,2009:42-77. (ZHANG L K. Research of instant messaging[D]. Jinan:Shandong University, 2009:42-77.).
[7] PINTO R L. Secure instant messaging[D]. Frankfurt:Frankfurt University, 2014:55-62.
[8] PATIL S, KOBSA A. Enhancing privacy management support in instant messaging[J]. Interacting with Computers, 2010, 22(3):206-217.
[9] XIE M, WU Z, WANG H. Secure instant messaging enterprise-like networks[J]. Computer Network:The International Journal of Computer and Telecommunications Networking, 2012, 56(1):448-461.
[10] DOUGLAS R S.密码学原理与实践[M]. 冯登国,译.3版.北京:电子工业出版社,2009:123-15. (DOUGLAS R S. Cryptography Theory and Practice[M]. FENG D G, translated. 3rd ed. Beijing:Publishing House of Electronics Industry, 2009:123-125.).
[11] 王圣宝,曹珍富,董晓蕾.标准模型下可证安全的身份基认证密钥协商协议[J].计算机学报,2007,30(10):1842-1852. (WANG S B, CAO Z F, DONG X L. Provably secure identity-based authenticated key agreement protocols in the standard model[J]. Chinese Journal of Computers, 2007, 30(10):1842-1852.).
[12] 汪小芬,陈原,肖国镇.基于身份的认证密钥协商协议的安全分析与改进[J].通信学报,2008,29(12):16-21. (WANG X F, CHEN Y, XIAO G Z. Analysis and improvement of an ID-based authenticated key agreement protocol[J]. Journal on Communications, 2008, 29(12):16-21.).
[13] 赵建杰,谷大武.eCK模型下可证明安全的双方认证密钥协商协议[J].计算机学报,2011,34(1):47-54. (ZHAO J J, GU D W. Provably secure two-party authenticated key exchange protocol in eCK model[J]. Chinese Journal of Computers, 2011, 34(1):47-54.).
[14] 张福泰,孙银霞,张磊,等.无证书公钥密码体制研究[J].软件学报,2011,22(6):1316-1332. (ZHANG F T, SUN Y X, ZHANG L, et al. Research on certificateless public key cryptography[J]. Journal of Software, 2011, 22(6):1316-1332.).
[15] 高海英.可证明安全的基于身份的认证密钥协商协议[J].计算机研究与发展,2012,49(8):1685-1689. (GAO H Y. Provable secure ID-based authenticated key agreement protocol[J]. Journal of Computer Research and Development, 2012, 49(8):1685-1689.).
[16] 赵波,张焕国,李晶,等.可信PDA计算平台系统结构与安全机制[J].计算机学报,2010,33(1):82-92. (ZHAO B, ZHANG H G, LI J, et al. The system architecture and security structure of trusted PDA[J]. Chinese Journal of Computers, 2010, 33(1):82-92.).
[17] DAM M, GUANCIALE R, KHAKPOUR N, et al. Formal verification of information flow security for a simple ARM-based separation kernel[C]//CCS'13:Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM, 2013:223-234.
[18] DAVI L, DMITRIENKO A, EGELE M, et al. MoCFI:a framework to mitigate control-flow attacks on smartphones[C]//NDSS 2012:Proceedings of the 19th Annual Network and Distributed System Security Symposium. Washington, DC:Internet Society, 2012:222-237.
[19] YANG Z, YANG M, ZHANG Y, et al. AppIntent:analyzing sensitive data transmission in Android privacy leakage detection[C]//CCS'13:Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM, 2013:1043-1054.
[20] ZHOU X, DEMETRIOU S, HE D, et al. Identity, location, disease and more:inferring your secrets from Android public resources[C]//CCS'13:Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security. New York:ACM, 2013:1017-1028.
[21] EGELE M, KRUEGEL C, KIRDA E, et al. PiOS:detecting privacy leaks in iOS applications[C]//NDSS 2011:Proceedings ofthe 18th Annual Network and Distributed System Security Symposium. Washington, DC:Internet Society, 2011:189-206.
[22] LANGE M, LIEBEGELD S, LACKORZYNSKI A, et al. L4Android:a generic operating system framework for secure smartphones[C]//SPSM'11:Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices. New York:ACM, 2011:39-50.
[23] 卫剑钒,陈钟,段云所,等. 一种认证协议防御拒绝服务攻击的设计方法[J].电子学报,2005,33(2):288-293. (WEI J F, CHEN Z, DUAN Y S, et al. A new countermeasure for protecting authentication protocols against denial of service attack[J]. Acta Electronica Sinica, 2005, 33(2):288-293.).
[24] CAO Z, GUAN Z, CHEN Z, et al. Towards risk evaluation of denial-of-service vulnerabilities in security protocols[J]. Journal of Computer Science and Technology, 2010, 25(2):375-387.

Secure instant-messaging method for mobile intelligent terminal

移动智能终端安全即时通信方法

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 6

Recommended Articles

Metrics

[1]	MA Qingjie, LI Binglong, WEI Lina. File recovery based on SQlite content carving [J]. Journal of Computer Applications, 2017, 37(2): 392-396.
[2]	. Solution of IPSec NAT-traversal in virtual private network [J]. Journal of Computer Applications, 2010, 30(07): 1757-1759.
[3]	Ya-ping DENG Hong FU Xian-zhong XIE Yu-cheng ZHANG Jing-lin SHI. 3GPP authentication and key agreement protocol based on public key cryptosystem [J]. Journal of Computer Applications, 2009, 29(11): 2936-2938.
[4]	. Design and implementation of enterprise instant messaging system of cross-protocol [J]. Journal of Computer Applications, 2009, 29(10): 2655-2658.
[5]	LIN Hao-Ran Yao-Wen YAO. Multi-protocols instant messaging system based on SOA [J]. Journal of Computer Applications, 2008, 28(12): 3261-3263.
[6]	. Three-tier K-ary tree: A new group topology architecture in instant messaging [J]. Journal of Computer Applications, 2006, 26(11): 2558-2560.