ABSTRACT
Mobile code distribution relies on digital signatures to guarantee code authenticity. Unfortunately, standard signature schemes are not well suited for use in conjunction with program transformation techniques, such as aspect-oriented programming. With these techniques, code development is performed in sequence by multiple teams of programmers. This is fundamentally different from traditional single-developer/single-user models, where users can verify end-to-end (i.e., developer-to-user) authenticity of the code using digital signatures. To address this limitation, we introduce FLEX, a flexible code authentication framework for mobile applications. FLEX allows semi-trusted intermediaries to modify mobile code without invalidating the developer's signature, as long as the modification complies with a "contract" issued by the developer. We introduce formal definitions for secure code modification, and show that our instantiation of FLEX is secure under these definitions. Although FLEX can be instantiated using any language, we design AMJ, a novel programming language that supports code annotations, and implement a FLEX prototype based on our new language.
Index Terms
- FLEX: A Flexible Code Authentication Framework for Delegating Mobile App Customization