Security Issues in Mobile Computing
Security Issues in Mobile Computing
Security Issues in Mobile Computing
Computing
INTRODUCTION
• Today, all the computers of the world are interconnected through internet.
• Confidentiality: Information is kept secret (through encryption) so that unauthorized persons cannot get at the information.
Components of Information Security
• Integrity: Keeping the information intact(to maintain the information in such a way it doesn’t get damaged).
• Non-repudiation: It is the property by which the identity of both sender and receiver of the message can be
• Authorization: It is the property by which the user’s properties can be associated to the information access.
• Symmetric key encryption: the key used for decryption is the same as the key for
encryption. Sometimes the algorithm used for encryption and decryption is the
same.
• Public Key Algorithms: The key used for decryption is different from the key used
for encryption.
Stream Ciphering & Block Ciphering
• Stream Cipher : A bit or a byte is taken at a time and encrypted.
encrypts them one bit (or byte) at a time as the stream progresses.
The length of the plaintext and the key size will be same.
• Block Cipher: One block of plaintext is taken as a whole and used to produce a ciphertext
block of equal length.
• In this type of encryption, the key is secret and known only to the encrypting &
decrypting. Therefore it is also known as a secret key algorithm.
• Unauthorized recipients of the cipher who know the algorithm but do not have
correct key cannot derive the original data algorithmically.
• In a symmetric key cryptography , there are four components:
1) DES( Data Encryption Standard) – consists of 64bits of which 56 bits are randomly generated and
used directly by the algorithm. The other 8 bits are used for error detection and not for encryption.
2)3DES – DES is used 3 times in succession with different keys. This increases the key size resulting in
higher security.
4)Skipjack/FORTEZZA : This is a token-based symmetric algorithm used by defense personnel in the US.
PUBLIC KEY CRYPTOGRAPHY
• Two different keys - one for encryption and a different key for decryption.
• The encryption key and the decryption key together form a key pair.
• One of these keys from the key pair is made public and the other one kept
private or secret. That is why this algorithm is called public key cryptosystem.
• This process is repeated for as many rounds as are required to hash the entire message. Schematic of
hashing algorithm is depicted in the following illustration −
Since, the hash value of first message block becomes an input to the second hash operation, output of which
alters the result of the third operation, and so on. This effect, known as an avalanche effect of hashing.
Popular Hash Functions
• MD5 was most popular and widely used hash function for quite some years.
• The MD family comprises of hash functions MD2, MD4, MD5 and MD6. It was adopted as Internet
Standard RFC 1321. It is a 128-bit hash function.
• MD5 digests have been widely used in the software world to provide assurance about integrity of
transferred file. For example, file servers often provide a pre-computed MD5 checksum for the
files, so that a user can compare the checksum of the downloaded file to it.
Secure Hash Function (SHA)
• Family of SHA comprise of four SHA algorithms; SHA-0, SHA-1, SHA-2, and SHA-3. Though from same family, there are structurally different.
• The original version is SHA-0, a 160-bit hash function, was published by the National Institute of Standards and Technology (NIST) in 1993. It
had few weaknesses and did not become very popular. Later in 1995, SHA-1 was designed to correct alleged weaknesses of SHA-0.
• SHA-1 is the most widely used of the existing SHA hash functions. It is employed in several widely used applications and protocols including
• In 2005, a method was found for uncovering collisions for SHA-1 within practical time frame making long-term employability of SHA-1.
• SHA-2 family has four further SHA variants, SHA-224, SHA-256, SHA-384, and SHA-512 depending up on number of bits in their hash value.
• Though SHA-2 is a strong hash function. Though significantly different, its basic design is still follows design of SHA-1. Hence, NIST called for
• In October 2012, the NIST chose the Keccak algorithm as the new SHA-3 standard. Keccak offers many benefits, such as efficient
• Confidentiality
• Message Integrity
• In the SSL Record Protocol application data is divided into fragments. The fragment is compressed and then encrypted
MAC (Message Authentication Code) generated by algorithms like SHA (Secure Hash Protocol) and MD5 (Message Digest)
is appended. After that encryption of the data is done and in last SSL header is appended to the data.
Handshake Protocol:
• Handshake Protocol is used to establish sessions. This protocol allows the client and server to authenticate each other by
sending a series of messages to each other. Handshake protocol uses four phases to complete its cycle.
• Phase-1: In Phase-1 both Client and Server send hello-packets to each other. In this IP session, cipher suite and protocol
• Phase-2: Server sends his certificate and Server-key-exchange. The server end phase-2 by sending the Server-hello-end
packet.
• Phase-3: In this phase, Client replies to the server by sending his certificate and Client-exchange-key.
• Phase-4: In Phase-4 Change-cipher suite occurred and after this Handshake Protocol ends.
Change-cipher Protocol:
• This protocol uses the SSL record protocol. Unless Handshake Protocol
is completed, the SSL record Output will be in a pending state. After
the handshake protocol, the Pending state is converted into the
current state.
• Change-cipher protocol consists of a single message which is 1 byte in
length and can have only one value. This protocol’s purpose is to
cause the pending state to be copied into the current state.
Alert Protocol:
• This protocol is used to convey SSL-related alerts to the peer entity. Each message in this protocol contains 2
bytes.
• This Alert breaks the connection between sender and receiver. The connection will be stopped,
cannot be resumed but can be restarted. Some of them are :
• Handshake failure: When the sender is unable to negotiate an acceptable set of security parameters
given the options available.
• Decompression failure: When the decompression function receives improper input.
• Illegal parameters: When a field is out of range or inconsistent with other fields.
• Bad record MAC: When an incorrect MAC was received.
• Unexpected message: When an inappropriate message is received.
• During the TLS handshake, the user's device and the web server:
• Specify which version of TLS (TLS 1.0, 1.2, 1.3, etc.) they will use
• Decide on which cipher suites (see below) they will use
• Authenticate the identity of the server using the server's TLS certificate
• Generate session keys for encrypting messages between them after the handshake
is complete.
How does TLS work?
• The TLS handshake establishes a cipher suite for each communication
session. The cipher suite is a set of algorithms that specifies details
such as which shared encryption keys, or session keys, will be used for
that particular session. TLS is able to set the matching session keys
over an unencrypted channel thanks to a technology known as public
key cryptography.
• The handshake also handles authentication, which usually consists of
the server proving its identity to the client. This is done using public
keys. Public keys are encryption keys that use one-way encryption,
meaning that anyone with the public key can unscramble the data
encrypted with the server's private key to ensure its authenticity, but
only the original sender can encrypt data with the private key. The
server's public key is part of its TLS certificate.
How does TLS work?
• Once data is encrypted and authenticated, it is then signed with a
message authentication code (MAC). The recipient can then verify the
MAC to ensure the integrity of the data. This is kind of like the
tamper-proof foil found on a bottle of aspirin; the consumer knows no
one has tampered with their medicine because the foil is intact when
they purchase it.
PUBLIC KEY INFRASTRUCTURE
• Public key infrastructure or PKI is the governing body behind issuing
digital certificates. It helps to protect confidential data and gives
unique identities to users and systems. Thus, it ensures security in
communications.
• The public key infrastructure uses a pair of keys: the public key and
the private key to achieve security. The public keys are prone to
attacks and thus an intact infrastructure is needed to maintain them.
PUBLIC KEY INFRASTRUCTURE
• Managing Keys in the Cryptosystem:
• The security of a cryptosystem relies on its keys. Thus, it is important
that we have a solid key management system in place. The 3 main
areas of key management are as follows:
• PKI owes its popularity to the various problems its solves. Some use
cases of PKI are:
• Auto Manufacturers: Cars these days have features like GPS, call for
services, assistants, etc. These require communication paths where a lot
of data is passed. Making these connections secure is very important to
avoid malicious parties hacking into the cars. This is where PKI comes in.
• Medical device Manufacturers: Devices like surgical robots require high
security. Also, FDA mandates that any next-generation medical device
must be updatable so that bugs can be removed and security issues can
be dealt with. PKI is used to issues certificates to such devices.
Disadvantages of PKI:
• Speed: Since PKI uses super complex algorithms to create a secure key
pair. So it eventually slows down the process and data transfer.
•
• Private Key Compromise: Even though PKI can’t be hacked very easily
but a private key can be hacked by a professional hacker, since PKI
uses Public and Private key to encrypt and decrypt data so with user’s
private key in hand and public key which is easily available the
information can be decrypted easily.
Network Security Model
• A Network Security Model exhibits how the security service has
been designed over the network to prevent the opponent from causing
a threat to the confidentiality or authenticity of the information that is
being transmitted through the network.
• In this section, we will be discussing the general ‘network security
model’ where we will study how messages are shared between the
sender and receiver securely over the network. And we will also
discuss the ‘network access security model’ which is designed to
secure your system from unwanted access through the network
• For a message to be sent or receive there must be a sender and a
receiver. Both the sender and receiver must also be mutually agreeing
to the sharing of the message. Now, the transmission of a message
from sender to receiver needs a medium i.e. Information channel
which is an Internet service.
• A logical route is defined through the network (Internet), from sender
to the receiver and using the communication protocols both the
sender and the receiver established communication.
• Well, we are concerned about the security of the message over the network
when the message has some confidential or authentic information which has a
threat from an opponent present at the information channel. Any security
service would have the three components discussed below:
• But sender cannot send the message on the information cannel in the
readable form as it will have a threat of being attacked by the
opponent. So, before sending the message through the information
channel, it should be transformed into an unreadable format.
DESIGNING A SECURITY MODEL
• Secret information is used while transforming the message which will
also be required when the message will be retransformed at the
recipient side. That’s why a trusted third party is required which
would take the responsibility of distributing this secret information to
both the parties involved in communication.
• b. Service threat: This kind of threat disables the user from accessing
data on the system.
• These kinds of threats can be introduced by launching worms and viruses and
may more like this on your system. Attack with worms and viruses are the
software attack that can be introduced to your system through the internet.
• The network security model to secure your system is shown in the figure below:
• There are two ways to secure your system from attacker of which the first is to introduce the
gatekeeper function. Introducing gatekeeper function means introducing login-id and passwords
which would keep away the unwanted access.
• In case the unwanted user gets access to the system the second way to secure your system is
introducing internal control which would detect the unwanted user trying to access the system by
analyzing system activities. This second method we call as antivirus which we install on our
system to prevent the unwanted user from accessing your computer system through the internet.
• So, this is all about the network security model. We have discussed two network security model. One, securing your information over the
network during information transmission. Second, securing your information system which can be accessed by the hacker through the
network or internet.
What is the Mobile Security Framework?
*>A mobile security framework fits within the larger security framework to specifically protect mobile
users within the larger technology ecosystem. Maintaining a strong mobile security framework is
crucial for business as the proliferation of mobile use continues to skyrocket. According to Statista,
there were 178.1 billion mobile apps downloaded in 2017 and that number is only projected to grow.
*>Hackers are seeing the giant growth in mobile use and are tailoring their thievery to take advantage
of such growth. Individual users and more importantly, businesses, need to understand the
risks of apps and mobile sites so they may properly protect themselves with web and app security. That
is where the mobile security framework comes in.