A SECURE MOBILE MESSAGING APPLICATION USING IDENTITY-BASED ENCRYPTION
Master’s Thesis Presentation
by
Ryan Holt
Metropolitan State University
April 24, 2015
OUTLINE
• Introduction
• Background Concepts (IBE, ECC, and the PBC library)
• Project Design and Implementation
• User Experience and Application Performance
• Conclusion
4/27/2015
2
INTRODUCTION
INTRODUCTION (CONT.)
National Security Agency (NSA)
• Collect-it-all policy on electronic communications
• Legal interpretation of the Patriot Act
• Use information collected without a warrant
• Bulk collection of domestic call records
• Internet communication
• Retain data for up to five years
• Discretion on surveillance lies directly with its own analysts
• Power to compel telecoms to turn over communications on any individual identified by the NSA
INTRODUCTION (CONT.)
Google
• Automated systems analyze your data
• Email, device and location information, local storage
• Customized search results and targeted advertising
• Share aggregated, non-personally identifiable information publicly and with publishers, advertisers and other websites
• Give up your personal information upon governmental request, leaving you vulnerable to law enforcement requests or civil subpoenas
• May not immediately delete residual data from servers
• May not ever remove information from their backup systems
INTRODUCTION (CONT.)
Social apps and cloud technologies provide unprecedented levels of collaboration, information sharing and data analytics.
• Problem: Personal data collected can be exploited by corporations, government, and hackers
• Major Culprit: Popular yet insecure messaging applications
• Solution: Advanced encryption techniques with simple implementations
SECURITY ISSUES IN MOBILE NETWORKS
• Eavesdropping
• Denial-of-Service (DoS)
• Flow disruption
• Signaling attacks
• Resource exhaustion
NORSE | map.ipviking.com
STATE OF THE ART
Security vs Usability
• Most popular instant messaging apps are easy to use but communication is generally sent over insecure channels
• Complexities with installation and configuration of secure applications, and setting up accounts. Difficulty verifying users’ authenticity, or using the applications correctly
• $600 billion
  • est. value of mobile payments in 2015
Electronic Frontier Foundation | eff.org/secure-messaging-scorecard
PROJECT GOALS
This project has three main goals:
1. Show, via a proof-of-concept, that Elliptic Curve Cryptography (ECC) is a viable security mechanism on modern mobile devices
2. Implement this security mechanism in a way that is user friendly
  • Intuitive application user interface
  • Transparent security
3. Design a system that is modular and extensible
  • Easy to create, extend, and maintain
  • Can be added as a security layer atop an existing system
BACKGROUND CONCEPTS (IBE, ECC, AND THE PBC LIBRARY)
HISTORY OF IBE
• Identity-Based Encryption (IBE) was first proposed by Adi Shamir in 1984
  • Simplify public key and certificate management in a Public Key Infrastructure (PKI)
• Boneh and Franklin introduced the first functional Identity-Based Encryption scheme in 2001
  • Using groups with efficiently computable bilinear maps
  • Secure in the random oracle model
  • Became Stanford Pairing Based Cryptography (PBC) library
• Boldyreva, Goyal, and Kumar came up with an efficient revocation scheme for IBE in 2008
• Brent Waters came up with the first Hierarchical IBE (HIBE) scheme and an IBE system with short parameters in 2009
• De Caro, Iovino, Persiano realized the first Anonymous HIBE protocol in 2010
ELLIPTIC CURVES
• Elliptic Curve: Formed by an equation of the form y² = x³ + ax + b over a finite field of prime order q (x, y ∈ q)
• Elliptic Curve Cryptography (ECC) is dependent on the Bilinear Diffie-Hellman (BDH) problem being hard to solve
  • Hard to solve = mathematical operations are fast to compute, but hard to reverse
  • For the BDH problem, this means finding g^(xy) given g and the values of g^x and g^y
• As of 2006, the most efficient solutions involve solving the discrete logarithm problem (DLP)
  • Find x given g and g^x
ELLIPTIC CURVES (CONT.)
• Maps are also central to ECC
  • One-way functions, meaning it is easy to calculate their result given a pair of operands but hard to calculate the inverse
  • Bilinearity, non-degeneracy, and computability
• Bilinear pairing
  • Weil (pronounced vay) or Tate pairings
  • Of these two, Tate pairing is typically faster
  • Pair(a ∙ X, b ∙ Y) = Pair(b ∙ X, a ∙ Y)
  • Calculating a ∙ X is easy, and finding a, given X and a ∙ X, is hard
IDENTITY-BASED ENCRYPTION
• In an Identity-Based Encryption (IBE) scheme, the public key of a user may be an arbitrary string like an email address or other identifier
• Messages are encrypted using a combination of the system master key and the id of the recipient
• Users must go to a trusted party, Key Generation Server (KGS), and prove their identity in order to obtain a private key which will allow them to decrypt messages
REVIEW OF ALGORITHMS AND THEIR CLASSIFICATIONS
• The security strength of an IBE system is determined by the underlying algorithm, which, in turn, is determined by the bit-length of the parameters
• Depending on system requirements, different curves and initialization parameters might be chosen.

Type   Base Field Size (bits)   k    Dlog security (bits)
a      512                      2    1024
dn     n                        6    6n
e      1024                     1    1024
f      160                      12   1920
gn     n                        10   10n
a1     1024                     2    2048

Curves available in the PBC library
REVIEW OF ALGORITHMS AND THEIR CLASSIFICATIONS (CONT.)
• Supersingular curves
  • Of the form y² = x³ + x
  • As of 2007 there are no known weaknesses for (carefully selected) supersingular curves
• Identity-Based Encryption is referenced in several Internet Engineering Task Force (IETF) draft standards
  • RFC 5091 - Identity-Based Cryptography Standard (IBCS) #1: Supersingular Curve Implementations of the BF and BB1 Cryptosystems
  • RFC 5408 - Identity-Based Encryption Architecture and Supporting Data Structures
  • Among others
OTHER INTERESTING THINGS ABOUT IBE
• Secure machine to machine (M2M) scheme in an Internet-of-Things (IoT)
• Proxy Re-Encryption (PRE)
  • Email forwarding
  • Distributed file systems
  • Digital Rights Management (DRM)
• Attribute-Based Encryption (ABE) is a generalization of Fuzzy IBE
NOTABLE IMPLEMENTATIONS
• Stanford Pairing Based Cryptography (PBC) Library
• MIRACL
• HP Healthcare
• Voltage security
• Secure plugins for MS Office
• “HP acquires Voltage Security in Big Data encryption push”, siliconangle.com, February 2015
• HP Security Voltage
PROS AND CONS
Pros
• Certificate-less
  • No complex key management infrastructure
• Light-weight
  • Small cryptographic parameters
• Efficient
Cons
• Key Escrow
  • Key Generating Server has access to all private keys
• Key Revocation
  • efficient revocation difficult
WHY WAS IBE CHOSEN?
• Few known mobile ECC impls.
• No known IBE-based instant messaging application
• Leakage-resilient
• Modular
• Light-weight
• Small crypto params
• Efficient
WHY WAS JPBC CHOSEN?
The Java Pairing-Based Cryptography (JPBC) library was chosen as
the IBE library because it is a Java implementation of the popular
and reputable Stanford PBC library
WHY WAS ANDROID CHOSEN?
• Android ranked the top mobile platform on the market in 2014
• 76.6% of smartphones sold globally
• #1 target for malicious hackers
• Threats common to all mobile platforms
• Free
• Open-source
• Java-based
• Many quality development tools and frameworks available
PROJECT DESIGN AND IMPLEMENTATION
PROJECT OVERVIEW
• A secure mobile messaging app that is exceptionally secure yet simple and intuitive to use
• Provides:
  • Encryption
  • Authentication
  • Deniability
  • Forward secrecy
• Information protected in transit as well as at rest
• Useful to anyone who would like to share their personal, financial, business, and health information with the assurance that it is secure
PROJECT ARCHITECTURE
• Amazon Web Services
  • Elastic Compute Cloud (EC2)
  • Route 53
• Servers:
  • Ubuntu Server 14
  • Apache Tomcat Application Server
  • Apache Web Server
  • Prosody (XMPP)
• Mobile Clients:
  • Android
DESIGN
[Figure: High-Level Design]
DESIGN (CONT.)
https://auth.sageburner.com/service/getIBEParams?key=291933989
{
  "key": 291933989,
  "ibeParams": {
    "paramsString": "type a\nq 3027378209922339717047636864523197030585489211533016262964916585439053694462154817206416003461993685371839546061336658289802856950735628675952248692458219\nr 730751167114595186142829002853739519958614802431\nh 4142830482058732431415919191924235082116610057338942961450320218799606055344492881034903447809458196921620\nexp1 138\nexp2 159\nsign0 -1\nsign1 1\n",
    "pByteString": "Nth04o664fvLZK+jxLVE5atrhWMJTMx9l8Lq1xPBCS3LdK0rpbspAZxKQg9/yQMgy/68hA9dTnwkH1HQdYYn8zMXySawO+PzY2cPtpLVlcyHOUg1cgHue7xkQZfmhkrHl2O8Nh1344enuUckQx2YW5ICHq7UN+Psqny235ZR3rw=",
    "sByteString": "J6MDMS1QOOwkw+jPtqVIZEkwHQM="
  }
}
DESIGN (CONT.)
[Figure: Messaging Flow]
IMPLEMENTATION DETAILS
[Figure: IBE Class Diagram]
IMPLEMENTATION DETAILS (CONT.)
• JPBC ‘Type a’ pairing
  • y² = x³ + x over the finite field 𝔽q for some prime q = 3 mod 4
  • r = 160, q = 512, and k = 2
  • 𝐸: elliptic curve over the prime finite field 𝔽q
  • q: field size of base-point 𝑃 ∈ 𝐸(𝔽q)
  • r: prime order of base-point 𝑃 ∈ 𝐸(𝔽q) – r does not divide q
  • k: embedding degree (multiplicative order of q mod r)

Security Level (in bits)   80     112    128
r                          160    224    256
q                          512    1024   1536
RSA Key Size               1024   2048   3072
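
A client-side sanity check for the ‘Type a’ paramsString returned by getIBEParams on the DESIGN (CONT.) slide, written as an added example (it is not code from the thesis project or from JPBC). It assumes the PBC Type A conventions q + 1 = h·r and r = 2^exp2 + sign1·2^exp1 + sign0; the function names, the 4096-bit exponent cap and the 160-bit floor for r (taken from the slide above) are choices of this example.

```python
# Added example: sanity-check PBC/JPBC Type A parameters before using them.
# PARAMS_STRING is the paramsString from the slide's getIBEParams response.
PARAMS_STRING = (
    "type a\n"
    "q 3027378209922339717"
    "047636864523197030585489211533016262964916585"
    "439053694462154817206416003461993685371839546"
    "061336658289802856950735628675952248692458219\n"
    "r 730751167114595186142829002853739519958614802431\n"
    "h 41428304820587324314159191919242350"
    "821166100573389429614503202187996060553444928"
    "81034903447809458196921620\n"
    "exp1 138\nexp2 159\nsign0 -1\nsign1 1\n"
)
INT_FIELDS = ("q", "r", "h", "exp1", "exp2", "sign0", "sign1")


def parse_params(text):
    """Parse 'name value' lines; reject anything that is not a full Type A set."""
    raw = dict(line.split(None, 1) for line in text.splitlines() if line.strip())
    if raw.get("type") != "a":
        raise ValueError("not a Type A parameter set")
    # A missing field raises KeyError, a non-numeric one ValueError.
    return {name: int(raw[name]) for name in INT_FIELDS}


def is_probable_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)):
    """Miller-Rabin with fixed bases (a probabilistic test at these sizes)."""
    if n < 2:
        return False
    for p in bases:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def check_type_a(p, min_r_bits=160):
    """Return the failed checks; an empty list means the set is consistent."""
    if not 0 <= p["exp1"] < p["exp2"] <= 4096:  # cap is this example's choice
        return ["exp1/exp2 out of range"]
    solinas = (1 << p["exp2"]) + p["sign1"] * (1 << p["exp1"]) + p["sign0"]
    checks = [
        (p["r"] == solinas, "r does not match exp2/exp1/sign1/sign0"),
        (p["q"] + 1 == p["h"] * p["r"], "q + 1 != h * r"),
        (p["q"] % 4 == 3, "q is not 3 mod 4"),
        (p["r"].bit_length() >= min_r_bits, "r is shorter than min_r_bits"),
        (is_probable_prime(p["r"]), "r is not prime"),
        (is_probable_prime(p["q"]), "q is not prime"),
    ]
    return [message for ok, message in checks if not ok]


if __name__ == "__main__":
    print(check_type_a(parse_params(PARAMS_STRING)) or "parameters are consistent")
```

Running the check on every response from the parameter service lets the client refuse a parameter set whose group order or field has been swapped for a weaker one.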
IMPLEMENTATION DETAILS (CONT.)
[Figure: Message Encryption]
USER EXPERIENCE AND APPLICATION PERFORMANCE
USER EXPERIENCE
androidbootstrap.com
USER EXPERIENCE (CONT.)
[Screenshots: Login, Friends List, Conversation]
APPLICATION PERFORMANCE
CONCLUSION
A mobile user’s privacy is under constant threat of attack from
numerous sources at any given time. Protecting personal and
professional information in such a hostile environment is a
continuous task and one of utmost importance. Taking on such a
challenge requires having the right tools and empowering users to
use them. Along with projects like Off-the-Record, TextSecure, and
Crypto-Book, the secure messaging application developed here is
one of those tools.
FUTURE WORK
• User interface improvements
• Scalability
• Group messaging
• Picture/video messaging
• Conversation history
• Secure file transfer
  • Business documents
  • Financial records
  • Medical records