• DocumentCode
    1775053
  • Title

    Security analysis of mobile QQ

  • Author

    Fei Yu ; Xinyu Zhao ; Qingbing Ji ; Lijun Zhang

  • Author_Institution
    Sci. & Technol. on Commun. Security Lab., Chengdu, China
  • fYear
    2014
  • fDate
    23-25 Oct. 2014
  • Firstpage
    1
  • Lastpage
    5
  • Abstract
    Mobile QQ is the smartphone version of the most popular IM software QQ in China. This paper studies the encipher system and communication protocol of mobile QQ and analyzes its security flaws. We found some security risks of mobile QQ and some of which are fatal especially in a weak wireless environment: Any attacker who could access the communication channel could easily recover the encrypted message packet during the communication without the knowledge of the user´s password; the user´s password is vulnerable by brute-force attack or rainbow table attack in the protocol; the complicated encryption mode of TEA used in mobile QQ could be bypassed.
  • Keywords
    cryptographic protocols; smart phones; telecommunication security; China; IM software QQ; brute-force attack; communication channel; communication protocol; encipher system; encrypted message packet; mobile QQ; rainbow table attack; security analysis; security risks; smartphone version; user password; weak wireless environment; Encryption; Internet; Mobile communication; Protocols; Servers; information security; mobile QQ; privacy;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Wireless Communications and Signal Processing (WCSP), 2014 Sixth International Conference on
  • Conference_Location
    Hefei
  • Type

    conf

  • DOI
    10.1109/WCSP.2014.6992183
  • Filename
    6992183