Increasing SMS privacy using AES encryption algorithm in Android application Blerim Rexha, Lavdërim Shala and Ehat Qerimi Faculty of Electrical and Computer Engineering, University of Prishtina, Kodra e Diellit p.n. Prishtina, Kosovo
[email protected],
[email protected],
[email protected]
Abstract - Short Message Service (SMS) is the oldest application for exchanging messages between communicating parties in cellular network used by mobile phones. These messages are encrypted over-the-air with A5/1 algorithm and stored as clear text at network operator. Recent developments have shown that this algorithm is not secure any more. Compromising an access to network operator registers gains access to SMS also. For assuring privacy the SMS application must provide end-to-end encryption. In this paper we present an efficient solution for encrypting SMS between communicating parties using Advanced Encryption Standard (AES) algorithm in Android environment. Furthermore we compare the proposed solution we existing ones in market listing strengthens and limitations. Keywords: Encryption, Privacy, SMS, AES, and Android.
1 Introduction Communication has always been a crucial factor in development of human's everyday life. Since prehistoric times human society developed different forms of communication which made possible exchanging meaningful information between individuals, and, as a result, they put in function the society itself. At those times fire, smoke signals, horns etc. were used as communication tools and techniques. Moreover, the appearance of speech made a revolution in human communication. In addition, symbols and writing further revolutionized communication. They led to new communication techniques like mail, pigeon post etc. The technology innovations further improved and made communication more powerful. First the telegraph then the telephone made communication quite simple even in long distances. Furthermore, the internet extremely boosted the communication and made it easier than ever before. Telephone is considered to be one of the most important invention that revolutionized communication. First telephone was introduced with the landline version where all telephone were connected by wires but, later it evolved to the wireless version. One important service offered by this version is also the Short Message Service (SMS) which allows users to send text messages to each other via mobile telephony network. SMS is established in many enterprises as standard communication service and message privacy is becoming an imperative [1].
1.1 Exchanging messages via SMS Short Message Service (SMS) is a traditional service of Global System Mobile (GSM) networks. It allows GSM users to send and receive text messages. The "short" path on its name stands for limitation in the length of message to 1120 bits or 160 seven bit characters.
Fig. 1 - Sample SMS scenario.
As presented in Fig. 1, the sender sends the message to GSM provider that is responsible to forward it to the receiver. Usually modern GMS providers use the "Store and Forward" technique. What they do is they store the text message as plain text in their database and try to send it to the receiver. If sending fails GSM provider tries to send it again later. This increases the probability for the message to be delivered, however in general SMS is considered not to guarantee the delivery of message. Moreover, during the transportation time the message is encrypted with A5/1 encryption algorithm; but it is stored as plain text in both communication parties and GSM provider [2]. 1.2 Current encryptions algorithms SMS messages are encrypted over-the-air with A5/1 encryption algorithm. It was meant to provide message privacy, and it was kept secret by its authors. However, once it became public by reverse engineering a lot of flaws were found on it, and, as a result, it is not considered to be a secure algorithm anymore [3]. Attacks against it prove that it can be broken in just one second [4]. Therefore, it is possible to break it just-in-time during transportation, as presented in Table 1. Table 1 - Attacks against A5/1[3] [4]
Name Biased Birthday attack Random Subgraph attack Biham & Dunkelman attack
Amount of Data 2 Minutes 2 Seconds 2.36 Minutes
Time 1 Second Several Minutes n/a
In summary, one can conclude that native SMS messaging does not provide message privacy; therefore, further mechanisms should be implemented on it in order to achieve this objective [5].
2 Using AES algorithm for encryption Modern cryptography offers encryption algorithms which are practically almost impossible to break with brute force attacks. These algorithms are based on both mathematical theory and computer science practice. Even though, one can always say that each modern encryption algorithm is theoretically breakable by trying all key combinations or conducting what is called brute force attack. On the other hand, this in practice is impossible because using current computer power in order to try all key combinations is required quite a big amount of time which is satisfactory to conclude that these algorithms are unable to be broken. Moreover, due to continuous improvement of science and computer power also these algorithms need to be improved [6]. In general there are two types of modern cryptography algorithms: (i) symmetric encryption algorithms, and (ii) asymmetric encryption algorithms. The first ones use the same key for encryption and decryption whereas the second ones for each communication pair issue a pair of keys the public and the private key. The public one is given to everybody, i.e. public, and is used for encryption whereas the second one is kept private by owner and is used for decryption. One problem here is authenticity of keys, and this problem is solved with introducing certification authorities and digital certificates. The strength of these algorithms stays on the factorization of long prime integers. The key space is from 1024 to 4096 bit [7]. Therefore, making bruteforce attacks against it almost impossible. 2.1 Symmetric algorithms Symmetric algorithms use the same key to encrypt and decrypt the message as presented in Fig. 2. This key should be a shared secret between communication parties, and, therefore, this is considered to be the major disadvantage of these algorithms. In addition, when there are many communication parties in a conversation each of them must have a secret key with all others, and, as a result, it makes a lot of keys, n*(n-1)/2 keys for “n” user group, therefore this is considered another disadvantage of these algorithms. Beside their disadvantages symmetric algorithms have their advantages prior to asymmetric algorithms as well. One major advantage is that they operate in smaller amount of bits therefore they are quite faster than asymmetric algorithms. In addition, another advantage prior to asymmetric algorithms is that they do not require complex mechanisms like certificates and certification authorities in order to be implemented [8].
Fig. 2 - Symmetric encryption scenario.
One of the most widely known symmetric encryption algorithm is the data encryption standard (DES) which was designed by IBM for National Bureau of Standards (NBS) of United States 9. It was the first algorithm to have the strength on the encryption key not the algorithm itself. Its original version uses different mathematical operations which ensure confusion and diffusion. These two require that nor plain text neither encryption key can be retrieved from cipher text. For the 64 bit plain text input using 64 bit key result with a 64 bit cipher text output. Other versions of it require a 128 or 192 bit key but in principle the just do repeated encryption and decryption of original DES. The problem with this algorithm is that cryptanalysts have proved that it is not a secure algorithm. They were able to brute-force break it first in a few days with a cracker called Electronic Frontier Foundation (EFF) [10] and later in less than one day with another cracker called Copacabana [11] . In addition, some other cryptanalysis attacks like linear and differential cryptanalysis in some specific conditions could break it faster than brute-force attack [12][13]. As a result, when we implement symmetric encryption algorithms we should look for algorithms other than DES. Another symmetric algorithm is the Rijndael cipher which is a family of block ciphers with different key lengths and different block lengths. Some versions of it are adopted to DES successor called AES. 2.2 AES algorithm Advanced Encryption Algorithm (AES) is a member of Rijndael cipher family. AES uses the versions with 128 bit block and 128, 192, or 256 bit key from the Rijndael family. It was designed by two Belgian cryptographers and approved by National Institute of Standards and Technology of United States (NIST). In addition, it is the first public algorithm which was approved by National Security Agency of United States (NSA) to protect even top secret information. In summary, this algorithm is the standard algorithm to be used when symmetric encryption is implemented [8]. The encryption function of AES performs mathematical operations to the 128 bit input. These operations are repeated in several round differing from the key length.
Therefore, for 128 bit key there are 10 rounds, for 192 bit key there are 12 rounds and for 256 bit keys there are 14 rounds. Each round has four separate operations. These operations are byte substitution, permutation, arithmetic operations over a finite field and XOR with a key. And for each round the key is generated with Rijndael's key schedule [14]. AES algorithm is implemented in most common programming languages such as: C, C++, C#, java, php and python and its source code is publicly available in Internet. Table 2 - AES operations in each round [14].
First Round AddRound Key - Block is XOR-ed with key.
Other Rounds SubBytes - Each byte is replaced with another based on a table. ShiftRows - Last three rows are shifted based on a table. MixColumns - Combine the last four bits in each comlum. AddRoundKey.
Last Round SubBytes ShiftRows AddRoundKey
2.3 AES parameters AES algorithm depending from the encryption mode whether it is Electronic Codebook (ECB) or Cipher-Block Chaining (CBC) takes two or three parameters. When encryption mode is ECB it takes two parameters a 128 bit plain text and 128, 192 or 256 bit key. On the other hand, as presented in Fig. 3, when encryption mode is CBC another extra parameter is needed it is a 128 bit initial vector. The output is always a 128 bit [14].
Fig. 3 – AES encryption in ECB and CBC mode.
2.4 Security AES is considered to be the most secure symmetric algorithm. There are only a few attacks that can break it and they are applicable only on special conditions. To break it with brute-force attack it is almost impossible because there are too many combinations and it will take billions of years. Other attacks work only on special conditions with modified AES. But with the original one each of these attacks requires a lot of time and therefore it is not useful. In summary, AES is considered by NSA to be enough secure to protect even top secret information. This information explains the best it's security level [15][16]. In addition, we have conducted brute force attacks against cipher texts encrypted with AES of different key lengths. To perform these attacks a computer with core i73612QM processor, and the software CrypTool1 1.4.31 were used. The results of these attacks are presented in Table 3. Table 3 - Time needed to break AES in CBC mode via brute force attack.
Key Length 128 192 256
Time needed to Break 1.2 * 1025 Years 2.4 * 1044 Years 5.1 * 1063 Years
3 Developing FECE SMS App As a part of this paper we have developed an android app which enables end to end encryption of SMS messages using AES algorithm, as presented in Fig. 4. Therefore, it is meant to provide message privacy as long as the attacker does not know the secret key used for encryption and decryption.
Fig. 4 - FECE SMS communication scenario.
In Fig. 4 is depicted the common scenario of sending an SMS message with FECE SMS App. It overrides phone's native SMS app, before sending the SMS message to 1
CrypTool 1.4.31 - Free downloadable at: www.cryptool.org
network this app encrypts the message with AES256 in mode CBC using a key given by user. Next due to the fact that SMS supports only characters encoded in American Standard Code for Information Interchange (ASCII) [2], this cipher text is encoded into BASE64 encoding. Due to Base64 encoding, AES padding, and GSM limitations the maximal message length is limited to 111 characters. Therefore, the message travels through the network encrypted as Base64 encoded cipher, as presented in Fig. 5.
Fig. 5 - Message length after each conducted action in FECE SMS.
On the other hand, the receiver once it gets the message identifies if the message is encrypted or not by checking the first three letters of it. If it is encrypted with FECE SMS they should be "FSE". Once an encrypted SMS is received it is stored on the database as Cipher Text, and the app tries to decrypt it using the same algorithm with a key given by user. If decryption is successful the decrypted message is shown on the screen. Otherwise an error message is shown on the screen. 3.1 Developing Android app with Eclipse and Java FECE SMS is an app designed for mobile phones running Android operating system (OS). This OS is developed by Google, it is an open-source, linux based, and designed for mobile phones and tablets with touch screen. Android is considered to be the most used operating system designed for smart phones. Based on IDC statistics for second quarter of year 2014 nearly 85% of new smart phones had android OS 17. FECE SMS like all other android apps has been developed in JAVA programming language which is considered to be one of the most powerful object oriented programming languages. Also as development environment we have used Eclipse with Android Developer Tools (ADT) plug-in. Eclipse is an Integrated Development Environment (IDE) which perfectly fits the ADT customization, and offers developer a comfortable environment to develop powerful apps [18].
4 FECE vs. other SMS Apps There are many other android applications that try achieve the same objectives like FECE SMS. In Table 4 are presented comparison of FECE SMS app with some market available apps: TextSecure, Crypt Haze and Nisys Crypt.. Table 4 - TextSecure, Crypt Haze, and Nisys Crypt compared to FECE SMS.
TextSecure Advantages Disadvantages Supports Diffie Hellman Can be attacked through ManMerkle. in-the-middle(MIM) attacks. Supports message status. Stores messages in database as plain text. Supports authentication. Supports Group Messaging. High cost of initial communication via GSM. Unlimited Length. Send Messages via Internet. Crypt Haze Advantages Disadvantages Access to cipher text. Not automated sending process Send message via email. Unlimited length Unable to organize messages. Receives SMS only when app is active. No key management. Nisys Crypt Advantages Disadvantages Send message via internet. Not automated sending process Unable to organize messages. Manual decryption only. No key management.
5 Conclusions In conclusion, FECE SMS can be considered as secure app for exchanging SMS messages. By encrypting messages with AES256 algorithm it provides message privacy which is considered to be a weakness of current GSM networks. In addition, FECE SMS has major advantaged compared to existing android apps which try to achieve the same objectives like FECE SMS. Some of these advantages are: (i) Automated send/receive of encrypted SMS, (ii) unique design of app interface which makes app usage very easy, (iii) Support to easily send unencrypted SMS when needed, (iv) localization in three languages: English, German, Albanian, (v) Store of messages as cipher text in message database etc. However, limited message length to 111 characters, and strength in encryption key can be considered as FECE SMS major disadvantages.
References 1. Lacohée, H., Wakeford, N., & Pearson, I. (n.d.). A social history of the mobile telephone. 2. Schiller, J. Mobile Communications. 3. Biryukov, A., Shamir, A., & Wagner, D. (n.d.). Real Time Cryptanalysis of A5/1 on a PC. 4. Biham, E., & Dunkelman, O. (n.d.). Cryptanalysis of the A5/1 GSM Stream Cipher. 5. IETF. (n.d.). RFC 5724. 6. Mao, W. Modern Cryptography. 7. IETF. (n.d.). RFC 5280. 8. Stallings, W. Cryptography and Network Security. 9. NIST. (n.d.). FIPS PUB 46-3. 10. (EFF), E. F. Cracking DES. O'Reilly. 11. Kumar, S., Paar, C., Pelzl, J., Pfeiffer, G., & Schimmler, M. (n.d.). Breaking Ciphers with COPACOBANA - A Cost-Optimized Parallel Code Breaker. 12. Matsui, M. (n.d.). Linear Cryptanalysis Method for DES Cipher. 13. Biham, E., & Shamir, A. (n.d.). Differential Cryptanalysis of the Full 16-Round DES. 14. NIST. (n.d.). FIPS PUB 197. 15. Biryukov, A., & Khovratovich, D. (n.d.). Related-key Cryptanalysis of the Full AES-192. 16. Kumar, N. (n.d.). Investigations in Brute Force Attack on Cellular Security Based. 17. Gargenta, M., & Nakamura, M. Learning Android. 18. Gosling, J., Joy, B., Steele, G., Bracha, G., & Buckley, A. (n.d.). The Java Language Specification.
