
Report for the course Network Security and Administration

Contents
I. Problem statement
II. Analysis
III. Development direction for the message-encryption app
IV. References


I. Problem statement
The phone is a handheld device in widespread use today. People commonly use phones to send text messages or make calls to exchange information. However, the security of user information has become a concern. In practice there have been many attacks and phone eavesdropping incidents aimed at stealing user information for malicious purposes, causing economic damage.
Meanwhile, the A5 encryption used by SMS and phone calls can be decrypted, or an attacker can use a fake BTS to intercept and eavesdrop on calls and messages. Therefore, texting and calling more safely, without worrying about eavesdropping, requires encryption software that uses a secure encryption algorithm that is hard to break.

II. Analysis

There are many encryption methods, such as DES, 3-DES, RSA and AES.
+ DES (Data Encryption Standard) is an encryption method that FIPS (the US Federal Information Processing Standards) selected as an official standard in 1976. DES is a block cipher: it processes each plaintext block of a fixed length and transforms it through complex operations into a ciphertext block of the same length. In the case of DES, each block is 64 bits long. DES also uses a key to individualize the transformation, so the ciphertext can be decrypted only by someone who knows the key. The key used in DES has a total length of 64 bits. However, only 56 bits are actually used; the remaining 8 bits are used only for checking. The effective key length is therefore only 56 bits. As a result, a brute-force attack on this cipher can recover the key within only 399 s, after which the encrypted information is easily decrypted. To overcome this weakness, 3-DES is used.

+ 3-DES: this is in fact the same information encrypted through three DES encryptions with 3 different keys. The key is therefore longer and the security higher than with DES. However, encryption with 3-DES is slow.
+ RSA: a public-key encryption algorithm. It was the first algorithm suitable for creating digital signatures as well as for encryption, and it marked a major advance in cryptography in the use of public keys. RSA is widely used in e-commerce and is considered secure provided the key is long enough. The RSA algorithm has two keys: the public key and the secret (private) key. Each key consists of fixed numbers used in encryption and decryption. The public key is published to everyone and is used to encrypt. Information encrypted with the public key can be decrypted only with the corresponding private key. In other words, anyone can encrypt, but only the person who knows the private (secret) key can decrypt. In practice there are now many attacks against this scheme, such as the common modulus attack, the low exponent attack and the low decryption attack. The recommendation is to use a key at least 1024 bits long for encryption, and key exchange becomes complicated.
+ AES (Advanced Encryption Standard): AES works only with 128-bit data blocks (input and output) and keys of 128, 192 or 256 bits. The subkeys used in the rounds are produced by the Rijndael key schedule. Each subkey is also a column of 4 bytes. Most operations in the AES algorithm are carried out in a finite field of bytes. Each 128-bit input block is divided into 16 bytes (8 bits each), which can be arranged as 4 columns of 4 elements each, that is, a 4x4 matrix of bytes. This is called the state matrix, or state for short (the state in Rijndael may have additional columns). During the algorithm, the operations act on and transform this state matrix. A brute-force attack, even with a supercomputer, would need billions of billions of years to find the key used in AES.
For these reasons, our group chose AES as the encryption method.

II.1 Building an Android app to encrypt SMS

The process of sending a message

Figure 1: The message-sending process

+ BTS (base transceiver station): a device that enables wireless communication between user equipment (UE) and the network. UEs are devices such as mobile phones, WLL phones, computers with wireless internet connectivity, WiFi and WiMAX devices, and others.

+ MSC (mobile switching center): the main service delivery node for GSM/CDMA, responsible for routing voice calls and SMS messages as well as other services (such as conference calls, fax and circuit-switched data). The MSC sets up and releases the end-to-end connection, handles mobility and handover requirements during the call, and takes care of charging and real-time monitoring of prepaid accounts.

+ SMSC (SMS center): when an SMS message is sent from a mobile phone, it is received by the mobile operator's SMS center (SMSC), which looks up the destination and then delivers the message to the destination device (mobile phone). The SMSC is the SMS service center installed in the mobile operator's network. Besides forwarding SMS messages, the SMSC also acts as temporary storage for them. So if the destination phone is not active, the SMSC stores the message and delivers it once the destination phone becomes active. In addition, the SMSC notifies the sender whether the SMS was delivered successfully. However, the SMSC cannot store SMS messages forever, because its storage capacity is not unlimited. While an SMS is being sent, the sender's phone and the SMSC are actively communicating. So when an inactive destination phone becomes active, the SMSC directly notifies the sending phone that the SMS has been delivered successfully.

How messages and phone calls are eavesdropped

The BSC (base station controller) is the brain of the BTS. It is the decision-making device and decides on handovers between different BTSs. It can also switch calls. The interface between the BSC and the BTS is called the GSM A-bis interface.

OpenBTS software can be used to configure a software-defined radio platform: a basic radio device that can operate as a radio station or, with OpenBTS and Linux, be turned into an OpenBTS base station. An Asterisk server is used to switch calls and is very easy to configure as a BSC.


... the BTS it is connected to. Because a handset always picks the strongest signal, if a new BTS with a stronger signal appears, the mobile phone will always connect to it. In GSM, the BTS decides whether encryption is enabled, so the new OpenBTS station does not use encryption and can therefore listen to all calls and messages. An IMSI catcher does not have to break GSM encryption; it simply acts as a base station and tells the phone to disable GSM encryption.

Spoofing a network requires some information: the mobile country code, the mobile network code and the network name. All of this data is easy to find on the Internet, and we can program our OpenBTS with these values and configure IUSACELL or any other network. Once these settings are configured in the BTS, mobile phones within range start connecting to the OpenBTS.

The encryption app

Figure 2: Interface of the message-encryption app

Figure 3: The received message before decryption

Figure 4: The result received after decryption

Key synchronization between sender and receiver

+ Use Diffie-Hellman (D-H) key exchange. It is the earliest key exchange method invented in cryptography. Diffie-Hellman key exchange allows two parties (people or communicating entities) to establish a shared secret key for encrypting data over an insecure communication channel, without any prior agreement on a secret key between the two parties. The resulting secret key is then used to encrypt data with a symmetric-key cipher.

Basic idea

The key point of this idea is that Alice and Bob exchange secret paint colours by way of paint mixtures.

+ First, Alice and Bob each mix the commonly known colour (yellow) with their own secret colour.
+ Then each sends their mixture to the other over a public transport channel.
+ On receiving the other's mixture, each adds their own secret colour to it and obtains the final mixture.

The final paint mixture is exactly the same for both of them and is known only to the two of them. The crux is that it is very hard (computationally) for an outsider to find the pair's shared secret (that is, the final mixture). Alice and Bob use this shared secret to encrypt and decrypt data sent over the public channel. Note that the first colour (yellow) can be chosen arbitrarily, but it is agreed in advance between Alice and Bob. This colour can also be assumed to be known to a third party without revealing Alice and Bob's final shared secret.

This D-H key exchange is very hard to attack passively. Under an active attack, however, the method is very easy to break.

The weakness is addressed by having a trusted third party confirm whether it really is Alice and Bob who are communicating with each other.
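The passive/active distinction and the trusted-third-party check described above, as an added Python example that is not part of the original report. The modulus 2**521 - 1, the generator 3 and all function names are assumptions chosen for a short demonstration (not a vetted Diffie-Hellman group), and the trusted party is modelled as a comparison of the public values each side reports over an authenticated channel.

```python
import hashlib
import secrets

# Demonstration parameters (assumed, not from the report): 2**521 - 1 is prime but is
# not a vetted DH group; a real app would use an RFC 3526/7919 group or X25519.
P = 2**521 - 1
G = 3
SIZE = 66  # bytes needed to hold a value below P

def keypair():
    """Return (private exponent, public value G^x mod P)."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def session_key(my_priv, peer_pub):
    """Derive a 256-bit key (usable as an AES-256 key) from the shared secret."""
    if not 1 < peer_pub < P - 1:  # reject degenerate values 0, 1 and P-1
        raise ValueError("invalid peer public value")
    shared = pow(peer_pub, my_priv, P)
    return hashlib.sha256(shared.to_bytes(SIZE, "big")).digest()

def fingerprint(alice_pub, bob_pub):
    """Hash of the two public values as one party saw them on the wire."""
    data = alice_pub.to_bytes(SIZE, "big") + bob_pub.to_bytes(SIZE, "big")
    return hashlib.sha256(data).hexdigest()

def trusted_party_confirms(report_alice, report_bob):
    """Hypothetical trusted third party: compares reports received over
    authenticated channels; a mismatch means someone altered the exchange."""
    return secrets.compare_digest(report_alice, report_bob)

def run_exchange(active_attacker):
    """Return (keys_match, confirmed) for one simulated exchange."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    seen_by_alice, seen_by_bob = b_pub, a_pub
    if active_attacker:
        # An active attacker on the channel substitutes its own public value.
        _, m_pub = keypair()
        seen_by_alice = seen_by_bob = m_pub
    k_alice = session_key(a_priv, seen_by_alice)
    k_bob = session_key(b_priv, seen_by_bob)
    confirmed = trusted_party_confirms(fingerprint(a_pub, seen_by_alice),
                                       fingerprint(seen_by_bob, b_pub))
    return k_alice == k_bob, confirmed

if __name__ == "__main__":
    print("passive channel :", run_exchange(False))
    print("active attacker :", run_exchange(True))
```

When the confirmation fails, the app should discard the derived key and refuse to send, since each side has unknowingly agreed a key with whoever sits on the channel.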

II.2 Phone call encryption

Android System Architecture


Android Telephony


The Telephony Manager component is platform-dependent, which means that for each platform (or each different handset or tablet) it has to be adapted to work with the vendor's radio interface layer (RIL). The RIL interactions start directly above the baseband, which is the base software for the platform. The file android/hardware/ril/reference-ril/reference-ril.c contains the functions closest to the point where Android interacts with the GSM network. This file communicates with the baseband to carry out various GSM tasks such as dialing, hanging up a call, accepting a call, and so on. The RIL library effectively calls back into this file. These callbacks have the form onRequest(int request, void *data, size_t datalen, RIL_Token t)

where request contains the action being requested and the RIL_Token allows for stateful operation. At the other end, the Android package includes various com.android.internal.telephony classes that deal with controlling the phone. Like the RIL commands, the commands exposed through these objects control the phone state, for example acceptCall(), rejectCall(), clearDisconnected(), etc.

Android Media

The Media components of the Application Framework are responsible for Android's multimedia support. The audio part of this framework is highly relevant to phone calls. The basic unit of Android audio is the stream. Streams can be input to or output from any audio device and application. The routing of these streams to the various microphones and speakers is managed by AudioFlinger, android/frameworks/base/services/audioflinger. Probably to increase platform independence, AudioFlinger does little direct routing by default (although it retains the ability to route). Instead, it sets a system-wide routing mode such as MODE_IN_CALL or MODE_RINGTONE. This routing mode is then passed down to the vendor-specific code that backs the media system, through the interface defined in android/hardware/libhardware/include/hardware/audio.h. The vendor code is then responsible for determining where the audio from a stream (such as the call audio stream) ends up.
Encryption Scheme

Figure 5: Encryption Scheme

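III. Development direction for the message-encryption app

Idea: combine the Caesar cipher and AES for encryption.

Implementation:
+ Build a private secret code table.
+ For each text to be encrypted, convert the characters of the text into another form by looking them up in the code table, giving the text X.
+ Encrypt the text X and send it.
Problem that arises: the code must be protected against reverse engineering of the app back to source, which would reveal the code table.
Remedy: use ProGuard or DashO to resist decompilation.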


IV. References

1. End-to-end encryption Phone Call, I. Burns, K. Gabert, and J. Zheng
2. https://vi.wikipedia.org/wiki/Trang_Ch%C3%ADnh
