Abstract
The mobile devices became the most spread tools used for everyday communication. The users of mobile applications demand high level of security. All existing encryption protocols require from the users additional knowledge and resources. On the other hand the common user does not have required knowledge and skills about security. In this paper we discuss the problem of public key distribution between interested parties. We propose to use a popular social media as a channel to publish public keys. That way of keys distribution allows the owner of the key to connect easily with the desired person or institution, that is not always easy. Recognizing that the mobile devices are the main tool of communication, we present example of a mobile application that uses the proposed security method.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Ruoti, S., Kim, N., Burgon, B., van der Horst, T., Seamons, K.: Confused Johnny: when automatic encryption leads to confusion and mistakes. In: Proceedings of the Ninth Symposium on Usable Privacy and Security, pp. 5:1–5:12 (2013)
Sheng, S., Broderick, L., Koranda, C.A., Hyland, J.J.: Why Johnny still can’t encrypt: evaluating the usability of email encryption software. In: Symposium on Usable Privacy and Security (2006)
Narayanan, A., Thiagarajan, N., Lakhani, M., Hamburg, M., Boneh, D.: Location privacy via private proximity testing. In: NDSS (2011)
Technical Standardization Committee on AV & IT Storage Systems and Equipment: Exchangeable Image File Format for Digital Still Cameras. In: Version 2.2. Japan Electronics and Information Technology Industries Association, JEITA CP-3451 (2002)
ISO 16684-1:2012 Graphic technology – Extensible metadata platform (XMP) specification
IPTC Standard Photo Metadata IPTC Core 1.2. International Press Telecommunications Council (2015)
Anderson, R., Petitcolas, F.: On the limits of steganography. IEEE J. Sel. Areas Commun. 16, 474–481 (1998)
Kessler, G.C., Chet, H.: An overview of steganography. Adv. Comput. 83(1), 51–107 (2011)
BS ISO/IEC 18004:2006. Information technology. Automatic identification and data capture techniques. QR Code 2005 bar code symbology specification
Hłobaż, A., Podlaski, K., Milczarski, P.: Applications of QR codes in secure mobile data exchange. In: Kwiecień, A., Gaj, P., Stera, P. (eds.) CN 2014. CCIS, vol. 431, pp. 277–286. Springer, Heidelberg (2014). doi:10.1007/978-3-319-07941-7_28
Vidas, T., Owusu, E., Wang, S., Zeng, C., Cranor, L.F., Christin, N.: QRishing: the susceptibility of smartphone users to QR code phishing attacks. In: Adams, A.A., Brenner, M., Smith, M. (eds.) FC 2013. LNCS, vol. 7862, pp. 52–69. Springer, Heidelberg (2013). doi:10.1007/978-3-642-41320-9_4
Tamir, C.: AVG (AU/NZ) Cautions: Beware of Malicious QR Codes. PCWorld (2011)
Ferguson, N., Schneier, B., Kohno, T.: Cryptography Engineering: Design Principles and Practical Applications. Wiley, New York (2010)
Gollmann, D.: Computer Security, 2nd edn. Wiley, New York (2006)
Stallings, W.: Cryptography and Network Security: Principles and Practice. Prentice Hall, Upper Saddle River (2010)
Nikiforakis, N., Meert, W., Younan, Y., Johns, M., Joosen, W.: Sessionshield: lightweight protection against session hijacking. In: Erlingsson, Ú., Wieringa, R., Zannone, N. (eds.) ESSoS 2011. LNCS, vol. 6542, pp. 87–100. Springer, Heidelberg (2011). doi:10.1007/978-3-642-19125-1_7
Adid, B.: Sessionlock: securing web sessions against eavesdropping. In: Proceedings of the 17th International Conference on World Wide Web, pp. 517–524 (2008)
Milczarski, P., Podlaski, K., Hłobaż, A.: Applications of Secure Data Exchange Method Using Social Media to Distribute Public Keys. In: Gaj, P., Kwiecień, A., Stera, P. (eds.) CN 2015. CCIS, vol. 522, pp. 389–399. Springer, Heidelberg (2015). doi:10.1007/978-3-319-19419-6_37
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Podlaski, K., Hłobaż, A., Milczarski, P. (2016). Secure Data Exchange Based on Social Networks Public Key Distribution. In: Mandler, B., et al. Internet of Things. IoT Infrastructures. IoT360 2015. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 169. Springer, Cham. https://doi.org/10.1007/978-3-319-47063-4_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-47063-4_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-47062-7
Online ISBN: 978-3-319-47063-4
eBook Packages: Computer ScienceComputer Science (R0)