开源移动操作系统Android,一经问世便因为其开放性以及灵活性,深受用户和厂商的青睐。但由于该系统的自由性,导致恶意软件泛滥。针对这样的情况,文中首先阐述了Android平台的一些设计思路并分析该平台中短信收发存在的包括信息泄露、信息拦截和信息伪造等潜在隐私问题,解析了现有的仅使用对称加密算法的短信加密防护手段的问题并研究了“一次一密”的密码学思想,设计了一个基于非对称加密体系的“一次一密”短信加密防护方法。在Android终端上实现后,测试了该方法与传统的加密方法的性能差异。得出的实验结果表明,在增加有限的时间开销的情况下,使用“一次一密”的短信加密手段能够有效防止密文与密钥的泄露并且能够在一定程度上抵御重放冲击。%Since the open source mobile OS,Android,came out,which has been attracted by customers and manufactures due to its open-ness and flexibility. However,malicious programs have been widely spread. Due to this,describe the design idea of Android system and potential privacy issues such as message leak,message interception and faking,then analyze the existing SMS encryption system and OTP Cryptography and design a new SMS encryption system based on one-time padding and asymmetric encryption,finally implement the new system on Android platform and test the performance difference between this method and traditional encryption method. The experi-mental results show that with a limited time cost,the encryption system based on one-time padding is possible to prevent leakage of the cipher text and the key,and it can reduce the risk of replay attack.
展开▼
