Storing Encrypted Plain Text Files Using Google Android
Jared Hatfield
University of Louisville

Abstract

Google Android is an open source operating system that is available on a wide variety of smart phones from a variety of manufacturers. While the core operating system uses encryption for phone calls, web browsing, and , the local storage available on the phone is primarily unencrypted. Encryption can be deployed at the application level to protect data stored on the phone. On a typical device, the data for an application is stored on the onboard microSD card, which can easily be mounted on a computer. The files stored on the card can then be copied to another device for analysis. If an unauthorized party were to gain physical access to a phone, it would be possible to quickly create a copy of the onboard data, potentially without the phone's owner even noticing. A simple notepad application that uses an encryption algorithm and a user-provided password can be used to read and write plain text securely to a file on the SD card. The security of the information stored using this approach will be analyzed and the method deployed will be documented.

1. Security and the Android Platform

Based on the Linux kernel, the Android Open Source operating system is a mobile phone operating system that has rapidly gained popularity following the success of Apple's iPhone. With the first public release in late 2008, Android has undergone rapid development and has gained widespread adoption by major phone manufacturers and wireless carriers. Unlike other major mobile operating systems, Android is an open source operating system, meaning every bit of the operating system's code is freely and publicly available for inspection, modification, and reuse.

The main goal, when it comes to security and the Android platform, is outlined on the developers' web site: "An application's process runs in a security sandbox. The sandbox is designed to prevent applications from disrupting each other, except by explicitly declaring the permissions they need for additional capabilities not provided by the basic sandbox." (Google, 2010) The threat model addressed focuses on preventing malicious applications from the marketplace or code downloaded from the internet from compromising the phone.

For the purposes of describing the threat model addressed, we will assume that Alice has a phone running Android and Oscar is actively attempting to gain access to the content stored on Alice's phone. The specific threat addressed is securing information should Oscar obtain physical access to Alice's Android-based phone, even if only for a short period of time. It would be possible to copy files off of the phone's storage using a standard computer, a task which can take only a few moments. While the online accounts that are likely authenticated on the phone could be targeted, they are not the focus of this study.

2. Storing Information Securely

The typical Android-based phone includes internal flash memory and a removable microSD card that provides additional storage on top of the built-in storage. The information stored on the phone, in general, is unencrypted. Even if a password or unlock pattern is used, it is possible to remove the microSD card from the phone, mount the partition on a computer, and gain access to the information stored on the card. However, Android provides a simple mechanism for mounting the microSD card using the phone's interface, making the task even easier.

Applications developed for the Android platform are written in Java and target the Dalvik virtual machine. This allows the applications to be independent of the underlying system architecture. Every application on the platform is sandboxed to prevent unauthorized cross-application leakage. When an application is installed, the permissions that the application requires to run are presented to the user and must be authorized before the installation will continue. The microSD card serves as a common storage location that is accessible from any application authorized to access the extended persistent memory.

3. Storage of Encrypted Text Files

A simple Android application, OpenNoteSecure, has been developed to illustrate a method for storing encrypted text files on the phone's microSD card. Android provides access to many of the standard Java libraries, including javax.crypto, which includes AES and DES symmetric encryption ciphers.

3.1 Encryption Implementation

Figure 1

The method employed for encryption and decryption is a two-stage process as outlined in Figure 1. The text field that is provided to the user is editable in a String representation. This plain text string is encrypted using the specified cipher and password before being encoded as a Base64 string and written to a file. For decryption the process is reversed: the file is read and converted from the Base64 encoding into the raw cipher text, which is then decrypted using the specified cipher and password before being displayed to the user. The Base64 encoding is not required from a technical standpoint, but allows the encrypted text to be viewed in its encoded form using the same editor that was used to encrypt the text. An example of an encrypted string is shown in Table 1.

Plain Text String: The encrypted text.
Password: mypassword
Encrypted AES String: k8xp+cnbq1xglwz9a0x5f2cw6hzxlev5zs7obil6pak=
Encrypted DES String: 7VEYR6414dZET24jh8Gx2VoCZqXdmHJe

Table 1

3.2 Android Application GUI

Figure 2, Figure 3, Figure 4

The graphical elements for the interface are simple and provide the necessary functionality to encrypt simple notes. Figure 2 depicts the initial interface that allows for the creation of new files and displays all *.txt files that currently exist in the root directory. When a file is selected, the next interface, as seen in Figure 3, is displayed. This allows the user to select the encryption algorithm and input the password for the file. For new files, the encryption algorithm and password will be used when the formerly empty file is saved. The last interface, as seen in Figure 4, provides the means to view, edit, and save the text back to the file.

4. Analysis of Security

Software that uses encryption to store information must be carefully constructed so that it minimizes its surface for attack. Since it is necessary to decrypt the file on the device, it is unavoidable that the decrypted text is stored in RAM so the plain text can be viewed and manipulated.

4.1 Encryption Ciphers

The Android platform's primary language for creating applications is Java. While the language for writing applications follows the Java syntax, the language itself does not strictly follow the standard Java implementation and not all of the standard libraries are available. However, the javax.crypto.Cipher library is available and can be used to perform AES and DES encryption. The following code sample shows the constructor and encryption routines that are used to perform the AES encryption. The AESEncryptionProvider class provides a constructor that takes a string passphrase and then provides two methods, encryptAsBase64 and decryptAsBase64, which are part of the IStringEncryptor abstract class that allows for the encryption algorithm to be interchangeable.

```java
// Excerpt from AESEncryptionProvider. Uses javax.crypto.Cipher,
// javax.crypto.spec.SecretKeySpec, javax.crypto.spec.IvParameterSpec
// and android.util.Log.

/**
 * Constructor for AESEncryptionProvider for a specific passphrase
 * @param passphrase The passphrase to protect the data with.
 * @throws EncryptionException
 */
public AESEncryptionProvider(String passphrase) throws EncryptionException {
    // Set up the cipher
    this.CIPHER_TRANSFORMATION = "AES/CBC/PKCS5Padding";
    this.CIPHER_ALGORITHM = "AES";
    this.MESSAGEDIGEST_ALGORITHM = "MD5";

    // Create the password byte array
    byte[] passwordKey = encodeDigest(passphrase);

    // Set up the algorithm
    try {
        cipher = Cipher.getInstance(CIPHER_TRANSFORMATION);
    } catch (NoSuchAlgorithmException e) {
        Log.e(OpenNoteSecure.TAG, "No such algorithm " + CIPHER_ALGORITHM, e);
    } catch (NoSuchPaddingException e) {
        Log.e(OpenNoteSecure.TAG, "No such padding PKCS5", e);
    }

    // Finish setting up the encryption by making the secret key and iv parameters
    secretKey = new SecretKeySpec(passwordKey, CIPHER_ALGORITHM);
    // rawSecretKey is not defined in this excerpt
    ivParameterSpec = new IvParameterSpec(rawSecretKey);
}
```

The AESEncryptionProvider constructor takes a pass phrase and converts it to a secret key that can be used to encrypt or decrypt text using the appropriate methods. The primary responsibility of the constructor is simply to create the key; once the key is created, the encryption provider is able to function.

```java
/**
 * Performs the encryption on a string of data
 * @param data The plain text to encrypt.
 * @return The encrypted text encoded as a Base64 string.
 */
public String encryptAsBase64(String data) throws EncryptionException {
    byte[] encryptedData = encrypt(data.getBytes());
    return Base64.encodeBytes(encryptedData);
}
```

The public encryption method used to encrypt a string provides a simple mechanism that returns the encrypted cipher text as a string. To accomplish this, the underlying encryption algorithm performs the manipulation on a byte array computed from the original plain text string. To convert this byte array back to a string after it is encrypted, it is encoded as a Base64 string using a freely available encryption library provided by

```java
/**
 * Performs the AES encryption on a byte array.
 * @param clearData The unencrypted byte array.
 * @return The encrypted byte array.
 * @throws EncryptionException
 */
private byte[] encrypt(byte[] clearData) throws EncryptionException {
    // Each catch block logs and then rethrows as EncryptionException, as the
    // text below describes; the no-argument constructor is an assumption,
    // since the excerpt does not show the EncryptionException class.
    try {
        cipher.init(Cipher.ENCRYPT_MODE, secretKey, ivParameterSpec);
    } catch (InvalidKeyException e) {
        Log.e(OpenNoteSecure.TAG, "Invalid key", e);
        throw new EncryptionException();
    } catch (InvalidAlgorithmParameterException e) {
        Log.e(OpenNoteSecure.TAG, "Invalid algorithm " + CIPHER_ALGORITHM, e);
        throw new EncryptionException();
    }

    byte[] encryptedData;
    try {
        encryptedData = cipher.doFinal(clearData);
    } catch (IllegalBlockSizeException e) {
        Log.e(OpenNoteSecure.TAG, "Illegal block size", e);
        throw new EncryptionException();
    } catch (BadPaddingException e) {
        Log.e(OpenNoteSecure.TAG, "Bad padding", e);
        throw new EncryptionException();
    }
    return encryptedData;
}
```

The majority of the code surrounding the encryption and decryption routines is a try/catch block. The crypto routines are capable of throwing various exceptions in the case where the encryption or decryption fails. These routines catch these exceptions and then throw a new exception called EncryptionException. The EncryptionException is a new type of exception that simply indicates that the encryption or decryption routine was not able to be executed successfully.
The main reason for throwing this exception is the case where the wrong algorithm or password is used to attempt to decrypt a file. In this case the file is not decrypted and an error message is displayed. The actual execution of the encryption is very simple to invoke and the complexity is masked by the underlying libraries.

4.2 Password and Key Distribution

The simplest approach to securing the encrypted files is to not store the password on the device itself. Were the password to be stored on the device, it would be possible to decrypt the file if the device were to fall into Oscar's hands. The limitation of this approach is that the password must be memorized by Alice. Additionally, the password must be entered using a mobile on-screen or physical keyboard, which has limitations on the methods of data entry. These limitations may frustrate users. Assuming Alice uses a strong password to encrypt her information, the encrypted information will be secure.

When the file is being edited, it is stored in memory as plain text along with the password that was used for decryption. The Dalvik virtual machine relies on a garbage collector to free the allocated memory. Additionally, Android allows for multitasking, so the application may still be running in the background after the user navigates away from it. This results in a period where the plain text is stored in the phone's memory, even if the application is not in the foreground. However, steps can be taken to minimize these risks.

4.3 Limiting Exploitation Window

The sensitive information that is stored in memory can be limited to the password and cipher text. The other information, including the selected file and algorithm, is not as sensitive. To limit these risks, the information needs to be removed from RAM as soon as it is no longer needed. Using the virtual machine's garbage collector, this can be, at least partially, accomplished with little effort. By removing all references to sensitive strings and then invoking the garbage collector, the sensitive information in RAM would quickly be lost.
However, there is no guarantee that the garbage collector will actually be invoked and that the contents of the RAM would be overwritten with new information.

```java
/**
 * Remove references to sensitive information and suggest the
 * garbage collector runs before finishing the activity.
 */
private void PerformCleanupAndClose() {
    // Remove all of the references to the sensitive variables
    this.content.setText("");
    this.password = "";

    // Tell the system we want to run the garbage collector
    System.gc();

    // Close this activity
    this.finish();
}
```

5. Future Work

The initial release of OpenNoteSecure is capable of performing symmetric encryption. The ability to perform asymmetric encryption would be very useful for securely encrypting information that would be transmitted from user to user. The difficulty in implementing a system for performing asymmetric encryption arises from the vulnerability of the key store. The private keys that would need to be stored on the mobile device would need to be protected, which could be accomplished with a symmetric cipher and a pass phrase.

6. Conclusion

The built-in mechanisms for securing application data on the Android platform are currently limited, but the ability to secure information on an application-by-application basis has existing potential. The information stored on a mobile device depends on the security of the passphrase that is used to secure the information. The main issue is the compromise between security and convenience. In practice the convenience of easily accessible information wins over the ability to securely store this information. As a result, the main concern is using strong encryption keys that do not require memorization and manual entry from the user. OpenNoteSecure demonstrates that data security can be achieved, but still depends on memorization of keys by the user.

Resources

The source code for OpenNoteSecure is released under a General Public License Version 3. OpenNoteSecure is available to download for free from the Android Market.

com.jaredhatfield.opennotesecure

Works Cited

Google. (2010, June 23). Security and Permissions. Retrieved from Android Developers:
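
The constructor in section 4.1 sets the digest algorithm to MD5, takes the key bytes from encodeDigest(passphrase) and builds the IV once in the constructor, and section 4.3 holds the password in a String that cannot be overwritten. The class below is an added example, not OpenNoteSecure's code, showing the same encrypt-then-Base64 flow with a salted PBKDF2 key, a fresh IV per encryption, an authenticated mode that detects a wrong passphrase, and a char[] passphrase that is zeroed after use. The class name, constants, iteration count and the salt || IV || ciphertext layout are assumptions, and it uses the standard Java SE 8 APIs (java.util.Base64, PBKDF2WithHmacSHA256, AES/GCM/NoPadding); the sample strings are the ones from Table 1.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/** Added example; class and constant names are hypothetical, not from OpenNoteSecure. */
public class PassphraseTextCipher {
    private static final int SALT_LEN = 16;         // bytes, random per encryption
    private static final int IV_LEN = 12;           // bytes, random per encryption (GCM nonce)
    private static final int TAG_BITS = 128;        // GCM authentication tag length
    private static final int KEY_BITS = 256;        // AES-256 key
    private static final int ITERATIONS = 200_000;  // assumed work factor; tune for the target device
    private static final SecureRandom RNG = new SecureRandom();

    /** Stretches the passphrase with PBKDF2 so that each guess costs ITERATIONS HMAC rounds. */
    private static SecretKey deriveKey(char[] passphrase, byte[] salt) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(passphrase, salt, ITERATIONS, KEY_BITS);
        try {
            byte[] raw = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
            return new SecretKeySpec(raw, "AES");
        } finally {
            spec.clearPassword(); // wipe the copy held inside the key spec
        }
    }

    /** Returns Base64(salt || iv || ciphertext-with-tag). */
    public static String encryptAsBase64(String plainText, char[] passphrase)
            throws GeneralSecurityException {
        byte[] salt = new byte[SALT_LEN];
        byte[] iv = new byte[IV_LEN];
        RNG.nextBytes(salt);
        RNG.nextBytes(iv);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, deriveKey(passphrase, salt),
                new GCMParameterSpec(TAG_BITS, iv));
        byte[] ct = cipher.doFinal(plainText.getBytes(StandardCharsets.UTF_8));
        byte[] out = ByteBuffer.allocate(salt.length + iv.length + ct.length)
                .put(salt).put(iv).put(ct).array();
        return Base64.getEncoder().encodeToString(out);
    }

    /** Reverses encryptAsBase64; throws AEADBadTagException on a wrong passphrase or altered file. */
    public static String decryptFromBase64(String encoded, char[] passphrase)
            throws GeneralSecurityException {
        byte[] in = Base64.getDecoder().decode(encoded);
        if (in.length < SALT_LEN + IV_LEN + TAG_BITS / 8) {
            throw new GeneralSecurityException("input too short");
        }
        byte[] salt = Arrays.copyOfRange(in, 0, SALT_LEN);
        byte[] iv = Arrays.copyOfRange(in, SALT_LEN, SALT_LEN + IV_LEN);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.DECRYPT_MODE, deriveKey(passphrase, salt),
                new GCMParameterSpec(TAG_BITS, iv));
        byte[] pt = cipher.doFinal(in, SALT_LEN + IV_LEN, in.length - SALT_LEN - IV_LEN);
        return new String(pt, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        char[] pw = "mypassword".toCharArray(); // sample values from Table 1
        String a = encryptAsBase64("The encrypted text.", pw);
        String b = encryptAsBase64("The encrypted text.", pw);
        // Fresh salt and IV: identical input no longer yields identical files.
        System.out.println("same input, different output: " + !a.equals(b));
        System.out.println("round trip: " + decryptFromBase64(a, pw));
        try {
            decryptFromBase64(a, "wrongpassword".toCharArray());
        } catch (AEADBadTagException e) {
            System.out.println("wrong passphrase rejected by the authentication tag");
        }
        Arrays.fill(pw, '\0'); // unlike a String, a char[] can be overwritten in place
    }
}
```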
iphone in Business Security Overview iphone can securely access corporate services and protect data on the device. It provides strong encryption for data in transmission, proven authentication methods
More informationBYOD Guidance: BlackBerry Secure Work Space
GOV.UK Guidance BYOD Guidance: BlackBerry Secure Work Space Published 17 February 2015 Contents 1. About this guidance 2. Summary of key risks 3. Secure Work Space components 4. Technical assessment 5.
More informationLecture 1 Introduction to Android
These slides are by Dr. Jaerock Kwon at. The original URL is http://kettering.jrkwon.com/sites/default/files/2011-2/ce-491/lecture/alecture-01.pdf so please use that instead of pointing to this local copy
More informationMobile Operating Systems. Week I
Mobile Operating Systems Week I Overview Introduction Mobile Operating System Structure Mobile Operating System Platforms Java ME Platform Palm OS Symbian OS Linux OS Windows Mobile OS BlackBerry OS iphone
More informationEnergyAxis System: Security for the Smart Grid
Security for the Smart Grid 2010 by Elster All rights reserved. No part of this document may be reproduced, transmitted, processed or recorded by any means or form, electronic, mechanical, photographic
More informationHow encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and
How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing
More informationEncrypt-FS: A Versatile Cryptographic File System for Linux
Encrypt-FS: A Versatile Cryptographic File System for Linux Abstract Recently, personal sensitive information faces the possibility of unauthorized access or loss of storage devices. Cryptographic technique
More informationMaaS360 Mobile Enterprise Gateway
MaaS360 Mobile Enterprise Gateway Administrator Guide Copyright 2014 Fiberlink, an IBM Company. All rights reserved. Information in this document is subject to change without notice. The software described
More informationEnova X-Wall LX Frequently Asked Questions
Enova X-Wall LX Frequently Asked Questions Q: What is X-Wall LX? A: X-Wall LX is the third generation of Enova real-time hard drive cryptographic gateway ASIC (Application Specific Integrated Circuit)
More informationHow to Send Stealth Text From Your Cell Phone
anonymous secure decentralized SMS stealthtext transactions WHITEPAPER STATE OF THE ART 2/8 WHAT IS STEALTHTEXT? stealthtext is a way to send stealthcoin privately and securely using SMS texting. stealthtext
More informationSkyRecon Cryptographic Module (SCM)
SkyRecon Cryptographic Module (SCM) FIPS 140-2 Documentation: Security Policy Abstract This document specifies the security policy for the SkyRecon Cryptographic Module (SCM) as described in FIPS PUB 140-2.
More informationCOSC 472 Network Security
COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html
More informationCountering the Threat to the Digital Lifestyle
Encryption and USB Drives: Whitepaper Countering the Threat to the Digital Lifestyle Encryption and USB Drives 8GB of Data 2,000 songs - or your company marketing strategies 2,500 vacation pictures - or
More informationKey & Data Storage on Mobile Devices
Key & Data Storage on Mobile Devices Advanced Computer Networks 2015/2016 Johannes Feichtner johannes.feichtner@iaik.tugraz.at Outline Why is this topic so delicate? Keys & Key Management High-Level Cryptography
More informationData Center Real User Monitoring
Data Center Real User Monitoring Migration from CryptoSwift Migration Guide Release 12.0.2 Please direct questions about Data Center Real User Monitoring or comments on this document to: APM Customer Support
More informationApplication-Specific Biometric Templates
Application-Specific Biometric s Michael Braithwaite, Ulf Cahn von Seelen, James Cambier, John Daugman, Randy Glass, Russ Moore, Ian Scott, Iridian Technologies Inc. Introduction Biometric technologies
More informationMobile Security Framework; Advances in Mobile Governance in Korea. TaeKyung Kim tkkim@stu.ac.kr
Mobile Security Framework; Advances in Mobile Governance in Korea TaeKyung Kim tkkim@stu.ac.kr I. e-banking in Korea 1. e-banking? BIS (Bank for International Settlements) - e-finance(electronic banking)
More informationA PERFORMANCE EVALUATION OF COMMON ENCRYPTION TECHNIQUES WITH SECURE WATERMARK SYSTEM (SWS)
A PERFORMANCE EVALUATION OF COMMON ENCRYPTION TECHNIQUES WITH SECURE WATERMARK SYSTEM (SWS) Ashraf Odeh 1, Shadi R.Masadeh 2, Ahmad Azzazi 3 1 Computer Information Systems Department, Isra University,
More informationSecurity in Android apps
Security in Android apps Falco Peijnenburg (3749002) August 16, 2013 Abstract Apps can be released on the Google Play store through the Google Developer Console. The Google Play store only allows apps
More informationTechniques of Asymmetric File Encryption. Alvin Li Thomas Jefferson High School For Science and Technology Computer Systems Lab
Techniques of Asymmetric File Encryption Alvin Li Thomas Jefferson High School For Science and Technology Computer Systems Lab Abstract As more and more people are linking to the Internet, threats to the
More informationVs Encryption Suites
Vs Encryption Suites Introduction Data at Rest The phrase "Data at Rest" refers to any type of data, stored in the form of electronic documents (spreadsheets, text documents, etc.) and located on laptops,
More informationExample of Standard API
16 Example of Standard API System Call Implementation Typically, a number associated with each system call System call interface maintains a table indexed according to these numbers The system call interface
More informationSafeNet MSSQL EKM Provider User Guide
SafeNet MSSQL EKM Provider User Guide Version 4.8.5 Documentation Version: 20080705 Copyright Information 2009 SafeNet, Inc. All rights reserved All intellectual property is protected by copyright. All
More informationCreating and Using Databases for Android Applications
Creating and Using Databases for Android Applications Sunguk Lee * 1 Research Institute of Industrial Science and Technology Pohang, Korea sunguk@rist.re.kr *Correspondent Author: Sunguk Lee* (sunguk@rist.re.kr)
More informationCleaning Encrypted Traffic
Optenet Documentation Cleaning Encrypted Traffic Troubleshooting Guide iii Version History Doc Version Product Date Summary of Changes V6 OST-6.4.300 01/02/2015 English editing Optenet Documentation
More informationChapter 10. Cloud Security Mechanisms
Chapter 10. Cloud Security Mechanisms 10.1 Encryption 10.2 Hashing 10.3 Digital Signature 10.4 Public Key Infrastructure (PKI) 10.5 Identity and Access Management (IAM) 10.6 Single Sign-On (SSO) 10.7 Cloud-Based
More informationIntroduction...3 Terms in this Document...3 Conditions for Secure Operation...3 Requirements...3 Key Generation Requirements...
Hush Encryption Engine White Paper Introduction...3 Terms in this Document...3 Conditions for Secure Operation...3 Requirements...3 Key Generation Requirements...4 Passphrase Requirements...4 Data Requirements...4
More informationInternational Engineering Journal For Research & Development
Evolution Of Operating System And Open Source Android Application Nilesh T.Gole 1, Amit Manikrao 2, Niraj Kanot 3,Mohan Pande 4 1,M.tech(CSE)JNTU, 2 M.tech(CSE)SGBAU, 3 M.tech(CSE),JNTU, Hyderabad 1 sheyanilu@gmail.com,
More informationSync Security and Privacy Brief
Introduction Security and privacy are two of the leading issues for users when transferring important files. Keeping data on-premises makes business and IT leaders feel more secure, but comes with technical
More informationForensic Decryption of FAT BitLocker Volumes
Forensic Decryption of FAT BitLocker Volumes P. Shabana Subair, C. Balan (&), S. Dija, and K.L. Thomas Centre for Development of Advanced Computing, PO Box 6520, Vellayambalam, Thiruvananthapuram 695033,
More informationWorking Together Managing and Securing Enterprise Mobility WHITE PAPER. Larry Klimczyk Digital Defence P: 222.333.4444
Working Together Managing and Securing Enterprise Mobility WHITE PAPER Larry Klimczyk Digital Defence P: 222.333.4444 Contents Executive Summary... 3 Introduction... 4 Security Requirements... 5 Authentication...
More informationLast modified: November 22, 2013 This manual was updated for the TeamDrive Android client version 3.0.216
Last modified: November 22, 2013 This manual was updated for the TeamDrive Android client version 3.0.216 2013 TeamDrive Systems GmbH Page 1 Table of Contents 1 Starting TeamDrive for Android for the First
More information