Title :
Security analysis of mobile QQ
Author :
Fei Yu ; Xinyu Zhao ; Qingbing Ji ; Lijun Zhang
Author_Institution :
Sci. & Technol. on Commun. Security Lab., Chengdu, China
Abstract :
Mobile QQ is the smartphone version of the most popular IM software QQ in China. This paper studies the encipher system and communication protocol of mobile QQ and analyzes its security flaws. We found some security risks of mobile QQ and some of which are fatal especially in a weak wireless environment: Any attacker who could access the communication channel could easily recover the encrypted message packet during the communication without the knowledge of the user´s password; the user´s password is vulnerable by brute-force attack or rainbow table attack in the protocol; the complicated encryption mode of TEA used in mobile QQ could be bypassed.
Keywords :
cryptographic protocols; smart phones; telecommunication security; China; IM software QQ; brute-force attack; communication channel; communication protocol; encipher system; encrypted message packet; mobile QQ; rainbow table attack; security analysis; security risks; smartphone version; user password; weak wireless environment; Encryption; Internet; Mobile communication; Protocols; Servers; information security; mobile QQ; privacy;
Conference_Titel :
Wireless Communications and Signal Processing (WCSP), 2014 Sixth International Conference on
Conference_Location :
Hefei
DOI :
10.1109/WCSP.2014.6992183
