A SECURE MOBILE MESSAGING APPLICATION USING IDENTITY-BASED ENCRYPTION Master’s Thesis Presentation by Ryan Holt Metropolitan State University April 24, 2015

04/15/2023

OUTLINE

Introduction

Background Concepts (IBE, ECC, and the PBC library)

Project Design and Implementation

User Experience and Application Performance

Conclusion

INTRODUCTION

INTRODUCTION (CONT.)

National Security Agency (NSA)

Collect-it-all policy on electronic communications

Legal interpretation of the Patriot Act

Use information collected without a warrant

Bulk collection of domestic call records

Internet communication

Retain data for up to five years

Discretion on surveillance lies directly with its own analysts

Power to compel telecoms to turn over communications on any individual identified by the NSA

INTRODUCTION (CONT.)

Google

Automated systems analyze your data

Email, device and location information, local storage

Customized search results and targeted advertising

Share aggregated, non-personally identifiable information publicly and with publishers, advertisers and other websites

Give up your personal information upon governmental request, leaving you vulnerable to law enforcement requests or civil subpoenas

May not immediately delete residual data from servers

May not ever remove information from their backup systems

INTRODUCTION (CONT.)

Social apps and cloud technologies provide unprecedented levels of collaboration, information sharing and data analytics.

Problem: Personal data collected can be exploited by corporations, government, and hackers

Major Culprit: Popular yet insecure messaging applications

Solution: Advanced encryption techniques with simple implementations

SECURITY ISSUES IN MOBILE NETWORKS

Eavesdropping

Denial-of-Service (DoS)

Flow disruption

Signaling attacks

Resource exhaustion

NORSE | map.ipviking.com

STATE OF THE ART

Security vs Usability

Most popular instant messaging apps are easy to use but communication is generally sent over insecure channels

Complexities with installation and configuration of secure applications, and setting up accounts. Difficulty verifying users’ authenticity, or using the applications correctly

$600 billion est. value of mobile payments in 2015

Electronic Frontier Foundation | eff.org/secure-messaging-scorecard

PROJECT GOALS

This project has three main goals:

1. Show, via a proof-of-concept, that Elliptic Curve Cryptography (ECC) is a viable security mechanism on modern mobile devices

2. Implement this security mechanism in a way that is user friendly

Intuitive application user interface

Transparent security

3. Design a system that is modular and extensible

Easy to create, extend, and maintain

Can be added as a security layer atop an existing system

BACKGROUND CONCEPTS (IBE, ECC, AND THE PBC LIBRARY)

HISTORY OF IBE

Identity-Based Encryption (IBE) was first proposed by Adi Shamir in 1984

Simplify public key and certificate management in a Public Key Infrastructure (PKI)

Boneh and Franklin introduced the first functional Identity-Based Encryption scheme in 2001

Using groups with efficiently computable bilinear maps

Secure in the random oracle model

Became Stanford Pairing Based Cryptography (PBC) library

Boldyreva, Goyal, and Kumar came up with an efficient revocation scheme for IBE in 2008

Brent Waters came up with the first Hierarchical IBE (HIBE) scheme and an IBE system with short parameters in 2009

De Caro, Iovino, Persiano realized the first Anonymous HIBE protocol in 2010

ELLIPTIC CURVES

Elliptic Curve: Formed by an equation of the form $y^2 = x^3 + ax + b$ over a finite field of prime order $q$ ($x, y \in \mathbb{F}_q$)

Elliptic Curve Cryptography (ECC) is dependent on the Bilinear Diffie-Hellman (BDH) problem being hard to solve

Hard to solve = mathematical operations are fast to compute, but hard to reverse

For the BDH problem, this means finding $g^{xy}$ given $g$ and the values of $g^x$ and $g^y$

As of 2006, the most efficient solutions involve solving the discrete logarithm problem (DLP)

Find $x$ given $g$ and $g^x$

ELLIPTIC CURVES (CONT.)

Maps are also central to ECC

One-way functions, meaning it is easy to calculate their result given a pair of operands but hard to calculate the inverse

Bilinearity, non-degeneracy, and computability

Bilinear pairing

Weil (pronounced vay) or Tate pairings.

Of these two, Tate pairing is typically faster

Pair(a ∙ X, b ∙ Y) = Pair(b ∙ X, a ∙ Y)

Calculating a ∙ X is easy, and finding a given X and a ∙ X is hard

IDENTITY-BASED ENCRYPTION

In an Identity-Based Encryption (IBE) scheme, the public key of a user may be an arbitrary string like an email address or other identifier

Messages are encrypted using a combination of the system master key and the id of the recipient

Users must go to a trusted party, Key Generation Server (KGS), and prove their identity in order to obtain a private key which will allow them to decrypt messages

REVIEW OF ALGORITHMS AND THEIR CLASSIFICATIONS

The security strength of an IBE system is determined by the underlying algorithm, which, in turn, is determined by the bit-length of the parameters

Depending on system requirements, different curves and initialization parameters might be chosen.

Type | Base Field Size (bits) | k  | Dlog security (bits)
a    | 512                    | 2  | 1024
dn   | n                      | 6  | 6n
e    | 1024                   | 1  | 1024
f    | 160                    | 12 | 1920
gn   | n                      | 10 | 10n
a1   | 1024                   | 2  | 2048

Curves available in the PBC library

REVIEW OF ALGORITHMS AND THEIR CLASSIFICATIONS (CONT.)

Supersingular curves

Of the form $y^2 = x^3 + x$

As of 2007 there are no known weaknesses for (carefully selected) supersingular curves

Identity-Based Encryption is referenced in several Internet Engineering Task Force (IETF) draft standards

RFC 5091 - Identity-Based Cryptography Standard (IBCS) #1: Supersingular Curve Implementations of the BF and BB1 Cryptosystems

RFC 5408 - Identity-Based Encryption Architecture and Supporting Data Structures

Among others

OTHER INTERESTING THINGS ABOUT IBE

Secure machine to machine (M2M) scheme in an Internet-of-Things (IoT)

Proxy Re-Encryption (PRE)

Email forwarding

Distributed file systems

Digital Rights Management (DRM)

Attribute-Based Encryption (ABE) is a generalization of Fuzzy IBE

NOTABLE IMPLEMENTATIONS

Stanford Pairing Based Cryptography (PBC) Library

MIRACL

HP Healthcare

Voltage security

Secure plugins for MS Office

“HP acquires Voltage Security in Big Data encryption push” siliconangle.com February 2015

HP Security Voltage

PROS AND CONS

Pros

• Certificate-less

• No complex key management infrastructure

• Light-weight

• Small cryptographic parameters

• Efficient

Cons

• Key Escrow

• Key Generating Server has access to all private keys

• Key Revocation

• efficient revocation difficult

WHY WAS IBE CHOSEN?

Few known mobile ECC impls.

No known IBE-based instant messaging application

Leakage-resilient

Modular

Light-weight

Small crypto params

Efficient

WHY WAS JPBC CHOSEN?

The Java Pairing-Based Cryptography (JPBC) library was chosen as the IBE library because it is a Java implementation of the popular and reputable Stanford PBC library

WHY WAS ANDROID CHOSEN?

Android ranked the top mobile platform on the market in 2014

76.6% of smartphones sold globally

#1 target for malicious hackers

Threats common to all mobile platforms

Free

Open-source

Java-based

Many quality development tools and frameworks available

PROJECT DESIGN AND IMPLEMENTATION

PROJECT OVERVIEW

A secure mobile messaging app that is exceptionally secure yet simple and intuitive to use

Provides:

Encryption

Authentication

Deniability

Forward secrecy

Information protected in transit as well as at rest

Useful to anyone who would like to share their personal, financial, business, and health information with the assurance that it is secure

PROJECT ARCHITECTURE

Amazon Web Services Elastic Compute Cloud (EC2)

Route 53

Servers: Ubuntu Server 14

Apache Tomcat Application Server

Apache Web Server

Prosody (XMPP)

Mobile Clients: Android

DESIGN

High-Level Design

DESIGN (CONT.)

https://auth.sageburner.com/service/getIBEParams?key=291933989

{
  "key": 291933989,
  "ibeParams": {
    "paramsString": "type a\nq 3027378209922339717047636864523197030585489211533016262964916585439053694462154817206416003461993685371839546061336658289802856950735628675952248692458219\nr 730751167114595186142829002853739519958614802431\nh 4142830482058732431415919191924235082116610057338942961450320218799606055344492881034903447809458196921620\nexp1 138\nexp2 159\nsign0 -1\nsign1 1\n",
    "pByteString": "Nth04o664fvLZK+jxLVE5atrhWMJTMx9l8Lq1xPBCS3LdK0rpbspAZxKQg9/yQMgy/68hA9dTnwkH1HQdYYn8zMXySawO+PzY2cPtpLVlcyHOUg1cgHue7xkQZfmhkrHl2O8Nh1344enuUckQx2YW5ICHq7UN+Psqny235ZR3rw=",
    "sByteString": "J6MDMS1QOOwkw+jPtqVIZEkwHQM="
  }
}

DESIGN (CONT.)

Messaging Flow

IMPLEMENTATION DETAILS

IBE Class Diagram

IMPLEMENTATION DETAILS (CONT.)

JPBC ‘Type a’ pairing

$y^2 = x^3 + x$ over the finite field $\mathbb{F}_q$ for some prime $q \equiv 3 \bmod 4$

r = 160, q = 512, and k = 2

$E$: elliptic curve over finite field over prime $\mathbb{F}_q$

$q$: field size of base-point $P \in E(\mathbb{F}_q)$

$r$: prime order of base-point $P \in E(\mathbb{F}_q)$ – r does not divide q

$k$: embedding degree (multiplicative order of q mod r)

Security Level (in bits) | 80   | 112  | 128
r                        | 160  | 224  | 256
q                        | 512  | 1024 | 1536
RSA Key Size             | 1024 | 2048 | 3072

IMPLEMENTATION DETAILS (CONT.)

Message Encryption

USER EXPERIENCE AND APPLICATION PERFORMANCE

USER EXPERIENCE

androidbootstrap.com

USER EXPERIENCE (CONT.)

Login

Friends List

Conversation

APPLICATION PERFORMANCE

CONCLUSION

A mobile user’s privacy is under constant threat of attack from numerous sources at any given time. Protecting personal and professional information in such a hostile environment is a continuous task and one of utmost importance. Taking on such a challenge requires having the right tools and empowering users to use them. Along with projects like Off-the-Record, TextSecure, and Crypto-Book, the secure messaging application developed here is one of those tools.

FUTURE WORK

User interface improvements

Scalability

Group messaging

Picture/video messaging

Conversation history

Secure file transfer

Business documents

Financial records

Medical records