Demo: Zero interaction private messaging with ZIPR

Ali Razeen, Landon P. Cox
{"title":"Demo: Zero interaction private messaging with ZIPR","authors":"Ali Razeen, Landon P. Cox","doi":"10.1145/2594368.2601470","DOIUrl":null,"url":null,"abstract":"Messaging app developers are beginning to take the security and privacy of their users' communication more seriously. Unfortunately, a recent study has shown that the developers of many popular apps incorrectly use cryptography. As a result, they make mistakes that may result in trivially broken encryption schemes. For example, the developers of Snapchat use a constant symmetric encryption key hardcoded into the app and it only takes 12 lines of Ruby to crack the encryption. In this work, we propose ZIPR (Zero-Interaction PRivacy), a system that relieves developers from the task of using cryptography correctly. Designed for text-messaging apps, ZIPR automatically negotiates shared secret keys, and encrypts and decrypts messages as users of these apps chat with each other. No manual intervention is required by users for them to enjoy secure messaging. There are two key ideas behind ZIPR. First, most text-messaging apps follow a basic UI scheme that contains (i) a text box for users to compose their message, (ii) a \"send\" button which they click on to send the message, and (iii) a list view to display sent and received messages. By intercepting events on these UI elements, ZIPR can manipulate the composed message before it is sent and before it is displayed. This allows the system to transparently encrypt and decrypt message data. The second key idea is that ZIPR can reuse the communication channel defined by an app to negotiate a shared secret key between two users. This is done by piggy-backing negotiation data on the messages users send to each other. A major advantage of this approach is that ZIPR can avoid the difficult task of establishing user identities. After all, a user of a text-messaging app is likely to carry out a conversation only with someone she knows, and both of them would have signed up for the chat service using some personal data such as their email addresses or phone numbers. Developers use ZIPR by tagging UI elements; no changes to their source code are required. This is similar to HTTPS where web developers only need to configure their servers with SSL certificates to encrypt data transmission with their users. However, unlike HTTPS, the end-to-end encryption in ZIPR takes place between the two users carrying out a conversation and not between a server and a user. This ensures that even if the app servers are compromised, users' messages would remain secure. ZIPR is implemented in Android 4.3 and works with existing apps with very few modifications. In this demo, we show that our current prototype works with several apps including Whatsapp, Facebook Messenger, and Skype. These apps required only four, five, and three lines of modification to their UI XML definition files, respectively. In Figure 1, we show a screenshot of Whatsapp running under ZIPR. In the first two messages exchanged between the users, a new shared secret key is negotiated. Subsequently, all following messages are securely transmitted, and these encrypted messages are prefixed with a ``*'' by ZIPR. We are currently extending our prototype to use the Android Keystore API and the TrustZone hardware to allow users to identify MitM attacks, and to store the secret keys securely. We are also porting other messaging apps, such as Viber, to ZIPR.","PeriodicalId":131209,"journal":{"name":"Proceedings of the 12th annual international conference on Mobile systems, applications, and services","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-06-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 12th annual international conference on Mobile systems, applications, and services","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2594368.2601470","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2

Abstract

Messaging app developers are beginning to take the security and privacy of their users' communication more seriously. Unfortunately, a recent study has shown that the developers of many popular apps incorrectly use cryptography. As a result, they make mistakes that may result in trivially broken encryption schemes. For example, the developers of Snapchat use a constant symmetric encryption key hardcoded into the app and it only takes 12 lines of Ruby to crack the encryption. In this work, we propose ZIPR (Zero-Interaction PRivacy), a system that relieves developers from the task of using cryptography correctly. Designed for text-messaging apps, ZIPR automatically negotiates shared secret keys, and encrypts and decrypts messages as users of these apps chat with each other. No manual intervention is required by users for them to enjoy secure messaging. There are two key ideas behind ZIPR. First, most text-messaging apps follow a basic UI scheme that contains (i) a text box for users to compose their message, (ii) a "send" button which they click on to send the message, and (iii) a list view to display sent and received messages. By intercepting events on these UI elements, ZIPR can manipulate the composed message before it is sent and before it is displayed. This allows the system to transparently encrypt and decrypt message data. The second key idea is that ZIPR can reuse the communication channel defined by an app to negotiate a shared secret key between two users. This is done by piggy-backing negotiation data on the messages users send to each other. A major advantage of this approach is that ZIPR can avoid the difficult task of establishing user identities. After all, a user of a text-messaging app is likely to carry out a conversation only with someone she knows, and both of them would have signed up for the chat service using some personal data such as their email addresses or phone numbers. Developers use ZIPR by tagging UI elements; no changes to their source code are required. This is similar to HTTPS where web developers only need to configure their servers with SSL certificates to encrypt data transmission with their users. However, unlike HTTPS, the end-to-end encryption in ZIPR takes place between the two users carrying out a conversation and not between a server and a user. This ensures that even if the app servers are compromised, users' messages would remain secure. ZIPR is implemented in Android 4.3 and works with existing apps with very few modifications. In this demo, we show that our current prototype works with several apps including Whatsapp, Facebook Messenger, and Skype. These apps required only four, five, and three lines of modification to their UI XML definition files, respectively. In Figure 1, we show a screenshot of Whatsapp running under ZIPR. In the first two messages exchanged between the users, a new shared secret key is negotiated. Subsequently, all following messages are securely transmitted, and these encrypted messages are prefixed with a ``*'' by ZIPR. We are currently extending our prototype to use the Android Keystore API and the TrustZone hardware to allow users to identify MitM attacks, and to store the secret keys securely. We are also porting other messaging apps, such as Viber, to ZIPR.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
演示:零交互私有消息与ZIPR
即时通讯应用开发商开始更加重视用户通信的安全和隐私。不幸的是,最近的一项研究表明,许多流行应用程序的开发人员错误地使用了加密技术。因此,他们犯的错误可能会导致加密方案的轻微破坏。例如,Snapchat的开发者使用了一个固定的对称加密密钥硬编码到应用程序中,只需要12行Ruby代码就可以破解加密。在这项工作中,我们提出了ZIPR(零交互隐私),这是一个将开发人员从正确使用加密的任务中解脱出来的系统。ZIPR专为短信应用设计,可以自动协商共享密钥,并在这些应用的用户彼此聊天时对信息进行加密和解密。用户不需要人工干预就可以享受安全的消息传递。ZIPR背后有两个关键思想。首先,大多数短信应用程序都遵循一个基本的UI方案,其中包含(i)用户撰写信息的文本框,(ii)用户点击发送信息的“发送”按钮,以及(iii)显示发送和接收信息的列表视图。通过拦截这些UI元素上的事件,ZIPR可以在组合消息发送和显示之前对其进行操作。这允许系统透明地加密和解密消息数据。第二个关键思想是,ZIPR可以重用应用程序定义的通信通道,以便在两个用户之间协商共享密钥。这是通过在用户相互发送的消息上附带协商数据来实现的。这种方法的一个主要优点是ZIPR可以避免建立用户身份的困难任务。毕竟,短信应用程序的用户可能只会与她认识的人进行对话,而且他们都可能使用一些个人数据(如电子邮件地址或电话号码)注册了聊天服务。开发者通过标记UI元素来使用ZIPR;不需要更改它们的源代码。这类似于HTTPS, web开发人员只需要用SSL证书配置他们的服务器来加密与用户之间的数据传输。然而,与HTTPS不同的是,ZIPR中的端到端加密发生在执行会话的两个用户之间,而不是在服务器和用户之间。这确保了即使应用服务器被入侵,用户的消息也会保持安全。ZIPR在Android 4.3中实现,并与现有的应用程序一起工作,只需很少的修改。在这个演示中,我们展示了我们目前的原型可以与几个应用程序一起工作,包括Whatsapp、Facebook Messenger和Skype。这些应用程序分别只需要对其UI XML定义文件进行四行、五行和三行修改。在图1中,我们显示了在ZIPR下运行的Whatsapp的屏幕截图。在用户之间交换的前两条消息中,协商一个新的共享密钥。随后,以下所有消息都被安全传输,这些加密消息由ZIPR以“*”作为前缀。我们目前正在扩展我们的原型,以使用Android Keystore API和TrustZone硬件来允许用户识别MitM攻击,并安全地存储密钥。我们还将Viber等其他通讯应用程序移植到ZIPR上。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Characterizing resource usage for mobile web browsing Demo: Yalut -- user-centric social networking overlay Demo: Mapping global mobile performance trends with mobilyzer and mobiPerf Poster: DriveBlue: can bluetooth enhance your driving experience? Balancing design and technology to tackle global grand challenges
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1