Abstract
An approach is proposed to protect user’s personal data stored on mobile devices running the Android OS, which combines multifactor authentication, secret sharing, visual cryptography, and steganography; and it also uses the built-in security features of the operating system. It ensures the confidentiality of personal data even if both the mobile device and the related remote storage (server) are compromised.
This is a preview of subscription content, log in via an institution to check access.
REFERENCES
Shenets, N., Multi-factor one-way authentication and key retrieval based on ideal threshold secret sharing, Nonlinear Phenom. Complex Syst., 2020, vol. 23, no. 1, pp. 54–65. https://doi.org/10.33581/1561-4085-2020-23-1-54-65
Asmuth, C. and Bloom, J., A modular approach to key safeguarding, IEEE Trans. Inf. Theory, 1983, vol. 29, no. 2, pp. 208–210. https://doi.org/10.1109/tit.1983.1056651
Blakley, G.R., Safeguarding cryptographic keys, 1979 Int. Workshop on Managing Requirements Knowledge (MARK), New York, 1979, IEEE, 1979, pp. 313–318. https://doi.org/10.1109/mark.1979.8817296
Chen, L., Laing, T.M., and Martin, K.M., Efficient, XOR-based, Ideal (t,n)-threshold schemes, Cryptology and Network Security, Foresti, S. and Persiano, G., Eds., Lecture Notes in Computer Science, vol. 10052, Cham: Springer, 2016, pp. 467–483. https://doi.org/10.1007/978-3-319-48965-0_28
Karnin, E., Greene, J., and Hellman, M., On secret sharing systems, IEEE Trans. Inf. Theory, 1983, vol. 29, no. 1, pp. 35–41. https://doi.org/10.1109/tit.1983.1056621
Shamir, A., How to share a secret, Commun. ACM, 1979, vol. 22, no. 11, pp. 612–613. https://doi.org/10.1145/359168.359176
Shenets, N.N., On information level of modular circuits of sharing a secret, Dokl. Nats. Akad. Nauk Belarusi, 2010, vol. 54, no. 6, pp. 9–12.
Pedersen, T.P., A threshold cryptosystem without a trusted party, Advances in Cryptology—EUROCRYPT ’91, Davies, D.W., Ed., Lecture Notes in Computer Science, vol. 547, Berlin: Springer, 1991, pp. 522–526. https://doi.org/10.1007/3-540-46416-6_47
Naor, M. and Shamir, A., Visual cryptography, Advances in Cryptology—EUROCRYPT’94, De Santis, A., Ed., Lecture Notes in Computer Science, vol. 950, Berlin: Springer, 1995, pp. 1–12. https://doi.org/10.1007/bfb0053419
Nimmy, K. and Sethumadhavan, M., Novel mutual authentication protocol for cloud computing using secret sharing and steganography, The Fifth Int. Conf. on the Applications of Digital Information and Web Technologies (ICADIWT 2014), Chennai, India, 2014, IEEE, 2014, pp. 101–106. https://doi.org/10.1109/icadiwt.2014.6814685
Mavlonov, O.N., Yusupov, R.Z., and Turdibekov, B.B., Steganography: Methods for hiding data, Int. J. Contemp. Sci. Tech. Res., 2022, vol. 1, no. 2, pp. 56–58. doi https://zenodo.org/doi/10.5281/zenodo.7304213
Kozachok, A., Spirin, A., Kozachok, V., and Lavrova, D., Information leakage prevention based on the separation of encrypted and compressed data, 2021 Ivannikov Ispras Open Conf. (ISPRAS), Moscow, 2021, IEEE, 2021, pp. 88–97. https://doi.org/10.1109/ispras53967.2021.00009
Nosrati, M., Karimi, R., and Hariri, M., An introduction to steganography methods, World Appl. Program., 2011, vol. 1, no. 3, pp. 191–195.
Kadhum, R.N. and Ali, N.H.M., Data hiding and its applications: Digital watermarking and steganography, Int. J. Nonlinear Anal., 2022, vol. 13, no. 1, pp. 4001–4011. https://doi.org/10.3390/books978-3-0365-2937-0
Aleksandrova, E.B., Shtyrkina, A.A., and Yarmak, A.V., Post-quantum group-oriented authentication in IoT, Nonlinear Phenom. Complex Syst., 2020, vol. 23, no. 4, pp. 405–413. https://doi.org/10.33581/1561-4085-2020-23-4-405-413
Altuwaijri, H. and Ghouzali, S., Android data storage security: A review, J. King Saud Univ. Comput. Inf. Sci., 2020, vol. 32, no. 5, pp. 543–552. https://doi.org/10.1016/j.jksuci.2018.07.004
Zegzhda, P., Zegzhda, D., Pavlenko, E., and Ignatev, G., Applying deep learning techniques for Android malware detection, Proc. 11th Int. Conf. on Security of Information and Networks, Cardiff, Wales, 2018, New York: Association for Computing Machinery, 2018, p. 7. https://doi.org/10.1145/3264437.3264476
Trusty TEE | Android Open Source Project. https://source.android.com/docs/security/features/trusty. Cited January 10, 2023.
KeyStore | Android Developers. https://developer.android.com/reference/java/security/KeyStore. Cited January 10, 2023.
Biometrics | Android Open Source Project. https://source.android.com/docs/security/features/biometric. Cited January 10, 2023.
Usov, E.S., Nikol’skii, A.V., Pavlenko, E.Yu., and Zegzhda, D.P., Architecture of the protected cloud data storage using Intel SGX technology, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 1144–1149. https://doi.org/10.3103/s0146411618080394
Funding
This work was supported by ongoing institutional funding. No additional grants to carry out or direct this particular research were obtained.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
The author of this work declares that he has no conflicts of interest.
Additional information
Publisher’s Note.
Allerton Press remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
About this article
Cite this article
Shenets, N.N. Approach for Protecting Mobile Device User’s Data Based on Multifactor Authentication, Visual Cryptography, and Steganography. Aut. Control Comp. Sci. 57, 886–893 (2023). https://doi.org/10.3103/S0146411623080291
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.3103/S0146411623080291