Evaluation of Cryptography Usage in Android Applications

Chatzikonstantinou, Alexia and Ntantogian, Christoforos and Karopoulos, Georgios and Xenakis, Christos (2016) Evaluation of Cryptography Usage in Android Applications. EAI Endorsed Transactions on Security and Safety, 3 (9). e4. ISSN 2032-9393

[img]
Preview
Text
eai.3-12-2015.2262471.pdf
Available under License Creative Commons Attribution No Derivatives.

Download (259kB) | Preview

Abstract

Mobile application developers are using cryptography in their products to protect sensitive data like passwords, short messages, documents etc. In this paper, we study whether cryptography and related techniques are employed in a proper way, in order to protect these private data. To this end, we downloaded 49 Android applications from the Google Play marketplace and performed static and dynamic analysis in an attempt to detect possible cryptographic misuses. The results showed that 87.8% of the applications present some kind of misuse, while for the rest of them no cryptography usage was detected during the analysis. Finally, we suggest countermeasures, mainly intended for developers, to alleviate the issues identified by the analysis.

Item Type: Article
Uncontrolled Keywords: software security, android, cryptography misuse
Subjects: H Social Sciences > H Social Sciences (General)
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
QA75 Electronic computers. Computer science
Depositing User: EAI Editor IV
Date Deposited: 26 Mar 2021 13:51
Last Modified: 26 Mar 2021 13:51
URI: https://eprints.eudl.eu/id/eprint/2059

Actions (login required)

View Item View Item