ICT SB RAS Conferences



The distributed information-computational resources, X-th conference DICR-2005

October 06 - 08, 2005, Russia, Novosibirsk, Academgorodok

Abstracts


The protected phonebook for mobile devices

Kazharov H.

TSURE, Faculty of Information Security, BIT sub-faculty (Taganrog)

The development of microprocessor technologies has led to the development of mobile devices for storing and transferring information. Functions once assigned to computers are now passing to their successors: Pocket PCs, smartphones and cellular telephones. At the same time, the development of virtual-machine technology has made it possible to create applications that extend the capabilities of these devices. As mobile communication devices (cellular telephones) have developed, they too have become keepers of information.

The basic information that needs protecting on cellular telephones is the numbers of the persons with whom we have business or personal relationships, and the information about them stored in the telephone.

The protection available in modern cellular telephones has long been obsolete and does not meet security requirements; in particular:

- The data are stored in the clear on the telephone's file system;

- The authentication password (PIN) is short;

- The authentication password consists only of digits.

Such protection guards against direct manual attempts, but with software running on a personal computer the telephone's protection can be broken in a few seconds.

This work proposes a protected system for managing confidential information on mobile devices, written in the Java language and targeting the Java virtual machine (JVM).

Data protection cannot be considered reliable if only authentication is used: if the device is stolen, the information can simply be copied from the storage medium. Encryption of the data is therefore needed in addition. The capabilities of the device for which the system is developed must also be taken into account.

The following requirements are placed on the system:

- The data must be encrypted;

- The system should be fast;

- The encryption of the data should be reliable;

- The authentication password should be long;

- The alphabet of the authentication password should not be limited to digits;

- The system should have a friendly interface that is clear to an ordinary user and should not require special skills to use.

With these requirements in view, the system for managing confidential information on mobile devices was created.

The design uses the following cryptographic algorithms: MD5, CRC32 and Blowfish.

The Blowfish encryption algorithm is reliable and fast, and requires a minimum of memory. The system uses two passwords: the authentication password and the encryption password. The encryption system has the following structure:

- The data are stored on the mobile device's file system encrypted with the Blowfish algorithm, and each record has the following fields:

a) Name

b) Surname

c) Company

d) Stationary telephone

e) Mobile telephone

f) E-mail

g) Additional data on the person

- The information is encrypted with the encryption key;

- The encryption key is stored in encrypted form on the mobile device's file system, together with its checksum for integrity control;

- The encryption key is encrypted with the authentication key, and on access to the system an attempt is made to decrypt the encryption key with it.

This scheme provides reliable protection of the data at high speed. When the authentication password is changed, the time taken remains constant regardless of the number of records in the system. To exclude the use of short passwords, a minimum password length is enforced; in addition, the password is hashed with the MD5 algorithm.

In addition, the use of neural-network methods for recognizing keystroke dynamics during authentication is being examined.

Authentication algorithm:

Pin

P=MD5(Pin)

m=DP(MasterKey); CRCm

CRC1=CRC32(m)

CRC1==CRCm : (True,False)

The following operations take place in the telephone book:

read: Dm(S)

write: Em(S)

Change of the authentication password:

Pin, Pin1

P=MD5(Pin)

m=DP(MasterKey); CRCm

CRC1=CRC32(m)

CRC1==CRCm : P1=MD5(Pin1),EP1(m),CRCm

Change of the encryption password:

Pin, MasterKey1

P=MD5(Pin)

m=DP(MasterKey); CRCm

CRC1=CRC32(m)

CRC1==CRCm : EP(MasterKey1),CRC32(MasterKey1),Em1(Dm(S))

The following notation is used in the description of the algorithms:

Pin - authentication password;

MD5 - hashing algorithm;

CRC - checksum calculation algorithm;

E - encryption with the Blowfish algorithm;

D - decryption with the Blowfish algorithm.
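
The key-wrapping scheme above, written out as an added Java example (not the author's code). The class name, the Blowfish/ECB/PKCS5Padding mode, the UTF-8 encoding of the PIN and the sample values are assumptions; the abstract names only MD5, CRC32 and Blowfish.

```java
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.zip.CRC32;

public class PhonebookKeyDemo {
    // Assumption: ECB mode with PKCS5 padding; the abstract does not state a mode.
    static byte[] blowfish(int mode, byte[] key, byte[] data) throws Exception {
        Cipher c = Cipher.getInstance("Blowfish/ECB/PKCS5Padding");
        c.init(mode, new SecretKeySpec(key, "Blowfish"));
        return c.doFinal(data);
    }
    static byte[] md5(String pin) throws Exception {            // P = MD5(Pin)
        return MessageDigest.getInstance("MD5").digest(pin.getBytes(StandardCharsets.UTF_8));
    }
    static long crc32(byte[] b) { CRC32 c = new CRC32(); c.update(b); return c.getValue(); }
    byte[] wrappedKey;   // EP(m): encryption key stored encrypted under P
    long storedCrc;      // CRCm: checksum of m stored beside it
    PhonebookKeyDemo(String pin, byte[] m) throws Exception {
        wrappedKey = blowfish(Cipher.ENCRYPT_MODE, md5(pin), m);
        storedCrc = crc32(m);
    }
    // Authentication: m = DP(MasterKey); accept only if CRC32(m) == CRCm. Null on failure.
    byte[] authenticate(String pin) throws Exception {
        try {
            byte[] m = blowfish(Cipher.DECRYPT_MODE, md5(pin), wrappedKey);
            return crc32(m) == storedCrc ? m : null;
        } catch (BadPaddingException e) { return null; }       // wrong PIN usually fails here
    }
    // PIN change rewrites only the wrapped key, so its cost does not depend on record count.
    boolean changePin(String pin, String pin1) throws Exception {
        byte[] m = authenticate(pin);
        if (m == null) return false;
        wrappedKey = blowfish(Cipher.ENCRYPT_MODE, md5(pin1), m);  // EP1(m); CRCm unchanged
        return true;
    }
    public static void main(String[] args) throws Exception {
        byte[] m = new byte[16];
        new SecureRandom().nextBytes(m);                         // constructed sample key
        PhonebookKeyDemo store = new PhonebookKeyDemo("old-Passphrase9", m);
        byte[] s = "Ivan;Petrov;+7 000 000-00-00".getBytes(StandardCharsets.UTF_8);
        byte[] record = blowfish(Cipher.ENCRYPT_MODE, m, s);     // write: Em(S)
        System.out.println("wrong PIN accepted: " + (store.authenticate("1234") != null));
        System.out.println("PIN changed: " + store.changePin("old-Passphrase9", "new-Passphrase7"));
        byte[] m2 = store.authenticate("new-Passphrase7");       // same m, new wrapping
        System.out.println(new String(blowfish(Cipher.DECRYPT_MODE, m2, record), StandardCharsets.UTF_8));
    }
}
```

CRC32 only signals a wrong PIN or a corrupted key file; it is not a cryptographic integrity check, and a design written today would derive P with a password-based key derivation function and use authenticated encryption in place of MD5 and CRC32.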

The developed protected system for managing confidential information on mobile devices is organized in the style of a telephone book, has a friendly interface and good speed characteristics.

Note. Abstracts are published as submitted by the authors.


