DocumentCode
1775053
Title
Security analysis of mobile QQ
Author
Fei Yu ; Xinyu Zhao ; Qingbing Ji ; Lijun Zhang
Author_Institution
Sci. & Technol. on Commun. Security Lab., Chengdu, China
fYear
2014
fDate
23-25 Oct. 2014
Firstpage
1
Lastpage
5
Abstract
Mobile QQ is the smartphone version of the most popular IM software QQ in China. This paper studies the encipher system and communication protocol of mobile QQ and analyzes its security flaws. We found some security risks of mobile QQ and some of which are fatal especially in a weak wireless environment: Any attacker who could access the communication channel could easily recover the encrypted message packet during the communication without the knowledge of the user´s password; the user´s password is vulnerable by brute-force attack or rainbow table attack in the protocol; the complicated encryption mode of TEA used in mobile QQ could be bypassed.
Keywords
cryptographic protocols; smart phones; telecommunication security; China; IM software QQ; brute-force attack; communication channel; communication protocol; encipher system; encrypted message packet; mobile QQ; rainbow table attack; security analysis; security risks; smartphone version; user password; weak wireless environment; Encryption; Internet; Mobile communication; Protocols; Servers; information security; mobile QQ; privacy;
fLanguage
English
Publisher
ieee
Conference_Titel
Wireless Communications and Signal Processing (WCSP), 2014 Sixth International Conference on
Conference_Location
Hefei
Type
conf
DOI
10.1109/WCSP.2014.6992183
Filename
6992183
Link To Document