Skip to main content
SpringerLink
Log in

Evaluation of Cryptographic Capabilities for the Android Platform

  • Conference paper
  • First Online:
Book cover Future Network Systems and Security (FNSS 2015)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 523))

Included in the following conference series:

Abstract

Future networks will be formed by millions of devices, many of them mobile, sharing information and running applications. Android is currently the most widely used operating system in smartphones, and it is becoming more and more popular in other devices. Providing security to these mobile devices and applications is a must for the proper deployment of future networks. For this reason, this paper studies the cryptographic structure and built-in tools in Android, and shows that the operating system has been specially designed for plugging-in external cryptographic modules. We conclude that the best option for providing cryptographic capabilities is using these external modules. We show the existent options and compare some features, like licensing, source code availability and price. We define some requirements, evaluate each module, and provide guidelines for developers who want to use properly security primitives.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Android Git repositories. https://android.googlesource.com/

  2. Bouncy Castle repository. Android Git repositories. https://android.googlesource.com/platform/external/bouncycastle/

  3. Abusharekh, A.: Comparative Analysis of Multi-Precision Arithmetic Libraries for Public Key Cryptography. Ph.D. thesis, George Mason University, Washington, DC (2004)

    Google Scholar 

  4. Bingmann, T.: Speedtest and comparsion of open-source cryptography libraries and compiler flags. https://panthema.net/2008/0714-cryptography-speedtest-comparison/

  5. Campione, M., Walrath, K., Huml, A.: The Java Tutorial: A Short Course on the Basics, 3rd edn. Addison-Wesley Longman Publishing Co., Inc., Boston (2000)

    Google Scholar 

  6. Carroll, A., Heiser, G.: An analysis of power consumption in a smartphone. In: Proceedings of the 2010 USENIX Conference on USENIX Annual Technical Conference, USENIXATC 2010, pp. 21–21. USENIX Association, Berkeley (2010)

    Google Scholar 

  7. eMarketer Inc.: 2 billion consumers worldwide to get smartphones by 2016 (2014). http://www.emarketer.com/Article/2-Billion-Consumers-Worldwide-Smartphones-by-2016/1011694

  8. Enck, W., Octeau, D., McDaniel, P., Chaudhuri, S.: A study of android application security. In: Proceedings of the 20th USENIX Conference on Security, SEC 2011, pp. 21–21. USENIX Association, Berkeley (2011)

    Google Scholar 

  9. Enck, W., Ongtang, M., McDaniel, P.: Understanding android security. IEEE Secur. Priv. 7(1), 50–57 (2009)

    Article  Google Scholar 

  10. Institute for Applied Information Processing and Communication. Gratz University of Technology. Core Crypto Toolkits. https://jce.iaik.tugraz.at/sic/Products/Core-Crypto-Toolkits

  11. Free Software Foundation. The GNU Crypto project. http://www.gnu.org/software/gnu-crypto/

  12. Goasduff, L., Rivera, J.: Gartner says smartphone sales surpassed one billion units in 2014 (2015). http://www.gartner.com/newsroom/id/2623415

  13. Jones, C.: Google Play catching up to Apple’s App Store (2013). http://www.forbes.com/sites/chuckjones/2013/12/19/google-play-catching-up-to-apples-app-store/

  14. Laverty, J.P., Wood, D.F., Kohun, F.G., Turchek, J.: Comparative analysis of mobile application development and security models. Issues Inf. Syst. 12(1), 301–312 (2011)

    Google Scholar 

  15. Nightingale, J.S.: Comparative analysis of Java cryptographic libraries for public key cryptography (2006). http://teal.gmu.edu/courses/ECE746/project/reports_2006/JAVA_MULTIPRECISION_report.pdf

  16. The Legion of Bouncy Castle. Boncy Castle. http://www.bouncycastle.org/java.html

  17. Research Group of Prof. Dr. Johannes Buchmann. FlexiProvider. http://www.flexiprovider.de/

  18. Android Open Source Project. BigInteger class, Android API. http://developer.android.com/reference/java/math/BigInteger.html

  19. Android Open Source Project. Crypto Provider, Android platform ‘libcore’ repository. Android Git repositories. https://android.googlesource.com/platform/libcore/+/master/luni/src/main/java/org/apache/harmony/security/provider/crypto/CryptoProvider.java

  20. Android Open Source Project. javax.net.ssl package, Android API. http://developer.android.com/reference/javax/net/ssl/package-summary.html

  21. Android Open Source Project. JSSE Provider, Android platform ‘conscrypt’ repository. Android Git repositories. https://android.googlesource.com/platform/external/conscrypt/+/master/src/main/java/org/conscrypt/JSSEProvider.java

  22. Android Open Source Project. OpenSSL Provider, Android platform ‘conscrypt’ repository. Android Git repositories. https://android.googlesource.com/platform/external/conscrypt/+/master/src/main/java/org/conscrypt/OpenSSLProvider.java

  23. Android Open Source Project. OpenSSL repository. Android Git repositories. https://android.googlesource.com/platform/external/openssl/+/master

  24. Android Open Source Project. Platform versions. http://developer.android.com/about/dashboards/index.html?utm_source=ausdroid.net#Platform

  25. Android Open Source Project. Processes and threads. http://developer.android.com/guide/components/processes-and-threads.html

  26. Android Open Source Project. Android Developers (2014). http://developer.android.com/index.html

  27. The Cryptix Project. Cryptix. http://www.cryptix.org/

  28. Ragnarsson, L.: The logi.crypto Java package. http://www.logi.org/logi.crypto/devel/

  29. Shabtai, A., Fledel, Y., Kanonov, U., Elovici, Y., Dolev, S., Glezer, C.: Google android: a comprehensive security assessment. IEEE Secur. Priv. 8(2), 35–44 (2010)

    Article  Google Scholar 

  30. National Institute Standards and Technology. Cryptographic Toolkit. http://csrc.nist.gov/groups/ST/toolkit/index.html

  31. Roberto Tyley. SpongyCastle. http://rtyley.github.io/spongycastle/

  32. Viega, J., Chandra, P., Messier, M.: Network Security with Openssl, 1st edn. O’Reilly & Associates Inc., Sebastopol (2002)

    Google Scholar 

  33. Walker, M.A.: Standard method of evaluating cryptographic capabilities and efficiency for devices with the Android platform (2010). https://www.truststc.org/education/reu/10/Papers/WalkerM_paper.pdf

Download references

Acknowledgments

This work was supported partially by the Spanish Research Council with Project SERVET TEC2011-26452, and by Generalitat de Catalunya with Grant 2014-SGR-1504 and 2014-SGR-375 to consolidated research groups.

Author information

Authors and Affiliations

  1. Network Engineering Department, Universitat Politècnica de Catalunya, Jordi Girona 1-3, Campus Nord UPC, 08034, Barcelona, Spain

    David González, Oscar Esparza, Jose L. Muñoz, Juanjo Alins & Jorge Mata

Authors
  1. David González
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Oscar Esparza
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jose L. Muñoz
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Juanjo Alins
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Jorge Mata
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Oscar Esparza .

Editor information

Editors and Affiliations

  1. Deakin University, Burwood, Victoria, Australia

    Robin Doss

  2. Department of Information Systems and Operations Management, University of Florida, Gainesville, Florida, USA

    Selwyn Piramuthu

  3. ESCP Europe, Paris, France

    Wei ZHOU

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

González, D., Esparza, O., Muñoz, J.L., Alins, J., Mata, J. (2015). Evaluation of Cryptographic Capabilities for the Android Platform. In: Doss, R., Piramuthu, S., ZHOU, W. (eds) Future Network Systems and Security. FNSS 2015. Communications in Computer and Information Science, vol 523. Springer, Cham. https://doi.org/10.1007/978-3-319-19210-9_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-19210-9_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-19209-3

  • Online ISBN: 978-3-319-19210-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation