Portability Evaluation of Cryptographic Libraries on Android Smartphones

  • Alexandre M. Braga
  • Erick N. Nascimento
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7672)

Abstract

This paper shows the results of an investigation of cryptographic services for mobile devices running Android. The objective of the investigation was to assess the feasibility of sophisticated cryptographic services on modern smartphones running Android. First of all, the portability of cryptographic libraries was evaluated according to its feasibility. Second, performance measurements were taken for some of the libraries successfully ported.

Keywords

Android security cryptography evaluation mobile security 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Cryptlib, The cryptlib Security Software Development Toolkit”. Digital Data Security Limited (2012), http://www.cryptlib.com/
  2. Crypto++, Crypto++: a free C++ class library of cryptographic schemes. Wei Dai (2012), http://www.cryptopp.com/
  3. Cyassl, Yassl: Embedded SSL Library for Applications, Devices, and the Cloud”. Sawtooth Consulting Limited (2012), http://www.yassl.com/yaSSL/Home.html
  4. De Caro, A., Iovino, V.: jPBC: Java pairing based cryptography. In: Proceedings of the 2011 IEEE Symposium on Computers and Communications (ISCC 2011). IEEE Computer Society (2011)Google Scholar
  5. ECCLib, ECCLib: Elliptic Curve Library, CPqD – Centro de Pesquisa e Desenvolvimento em Telecomunicações (2012)Google Scholar
  6. Enck, W., Octeau, D., McDaniel, P., Chaudhuri, S.: A study of android application security. In: Proceedings of the 20th USENIX Conference on Security (SEC 2011), p. 21. USENIX Association, Berkeley (2011)Google Scholar
  7. FlexiProvider, FlexiProvider: a powerful toolkit for the Java Cryptography Architecture (JCA/JCE), Technische Universitat Darmstadt, Germany (2012), http://www.flexiprovider.de/
  8. GnuTLS, The GNU Transport Layer Security Library”, Free Software Foundation (2012), http://www.gnu.org/software/gnutls/
  9. Grosschadl, J., Page, D.: Efficient Java Implementation of Elliptic Curve Cryptography for J2ME-Enabled Mobile Devices, Cryptology ePrint Archive, Report Nr. 2011/712 (2011)Google Scholar
  10. IAIK, IAIK Cryptographic Toolkit. Graz University of Technology, Austria (2012), http://jce.iaik.tugraz.at/
  11. jPBC, jPBC - Java Pairing-Based Cryptography Library, GAS Laboratory, University Degli Studi di Salerno, Italy (2012), http://gas.dia.unisa.it/projects/jpbc/
  12. Libgcrypt, GNU’s basic cryptographic library, Free Software Foundation (2012), http://www.gnupg.org/related_software/libraries.en.html#lib-libgcrypt
  13. MatrixSSL, MatrixSSL: Opensource Embedded SSL, AuthenTec (2012), http://www.matrixssl.org/
  14. MIRACL, MIRACL Crypto SDK, Certivox (2012), http://certivox.com/
  15. NaCL, NaCl: Networking and Cryptography library, CACE Project (2012), http://nacl.cr.yp.to/
  16. NSA, Enterprise Mobility Architecture for Secure Voice over Internet Protocol. Mobility Capability Package - Secure VoIP, V 1.2 (2012)Google Scholar
  17. NSS, Network Security Services, Mozilla Foundation (2012), http://www.mozilla.org/projects/security/pki/nss/
  18. OpenSSL, OpenSSL: The Open Source toolkit for SSL/TLS, The OpenSSL Project (2012), http://www.openssl.org/
  19. PBC, The Pairing-Based Cryptography Library, Stanford University (2012), http://crypto.stanford.edu/pbc/
  20. PolarSSL, PolarSSL: Cryptography and SSL made easy, Offspark (2012), http://polarssl.org/
  21. Read, D., Martina, J.: SAMES - Short Anonymous Message Encryption Scheme. In: X Simpósio Brasileiro em Segurança da Informação e de Sistemas computacionais SBSeg, Fortaleza, Ceará, Brasil (2010)Google Scholar
  22. Aranha, D.F., Gouvêa, C.P.L.: RELIC, RELIC is an Efficient LIbrary for Cryptography (2012), http://code.google.com/p/relic-toolkit/
  23. Singh, K., Zhong, J., Mirchandani, V., Batten, L., Bertok, P.: Securing Data Privacy on Mobile Devices in Emergency Health Situations. In: Schmidt, A.U., Russello, G., Krontiris, I., Lian, S. (eds.) MobiSec 2012. LNICST, vol. 107, pp. 119–130. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  24. Smith, M., Schridde, C., Agel, B., Freisleben, B.: Secure mobile communication via identity-based cryptography and server-aided computations. J. Supercomput. 55(2), 284–306 (2011)CrossRefGoogle Scholar
  25. SpongyCastle, Spongy Castle: Repackage of Bouncy Castle for Android, Bouncy Castle Project (2012), http://rtyley.github.com/spongycastle/
  26. Voyiatzis, A., Stefanidis, K.G., Serpanos, D.N.: Increasing lifetime of cryptographic keys on smartphone platforms with the controlled randomness protocol. In: Proceeding WESS 2011 Proceedings of the Workshop on Embedded Systems Security, New York, NY, USA (2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Alexandre M. Braga
    • 1
  • Erick N. Nascimento
    • 1
  1. 1.Centro de Pesquisa e Desenvolvimento em Telecomunicações, (Fundação CPqD)CampinasBrazil

Personalised recommendations