Hybrid app security protocol for high speed mobile communication

The Journal of Supercomputing

Abstract

In this paper, security vulnerabilities that can be found in hybrid apps, by which important data are downloaded from a web server, were analyzed, and a HIGHT algorithm based on OTP delimiter modification and bit slicing was proposed to enhance the security of hybrid apps. The hybrid app, to which the proposed method was applied before analysis, is a medical app for research that monitors the biometric data of patients in the healthcare field. Because this app monitors patients' biometric data continuously, it generates considerable mobile traffic and transmission delay. After installing the app on a mobile device, reverse engineering was used to check the address from which the app requests important data, and a web server analysis tool was used to obtain important data that enables security attacks, including the sitemap, the type and version of the application, and open source. To solve these problems, the security protocol proposed in this paper was applied; as a result, important data were protected without transmission delay, which shows that the proposed protocol can be adopted for high-speed mobile communications.


Author information

Corresponding author

Correspondence to Deok Gyu Lee.

Cite this article

Lee, SH., Kim, YH., Lee, JK. et al. Hybrid app security protocol for high speed mobile communication. J Supercomput 72, 1715–1739 (2016). https://doi.org/10.1007/s11227-014-1318-3

  • DOI: https://doi.org/10.1007/s11227-014-1318-3
