Research On APK Authorization Mechanism Based On Sanitizable Signature Algorithm

The rapid development of mobile Internet and smart phones have easy to carry and powerful features,making the popularity of smart phones increased rapidly.Android system is supported by a large number of users,terminal manufacturers and developers with its openness and scalability,but also make it a valuable target in the eyes of hackers,exposing more and more security issues,such as sensitive information disclosure,conversation eavesdropping and hijacking,malicious charges,malicious advertising distribution and so on,the development of mobile Internet and user information security have brought a great threat.The APK authorization problem is the security problem to be solved urgently in the Android security research.The secondary development of the APK file will involve the authorization problem and the security problem.However,the native signature mechanism provided by the Android system can't solve the above problems.Therefore,this paper proposes new APK authorization mechanism APK-SAN and PROAPK-SAN in combination with the unique attributes of the sanitizable signature technology.The main research contents and work are as follows:1.According to practical requirement,design new APK authorization mechanism workflow.Combining with this workflow,a new APK authorization mechanism APK-SAN is proposed by utilizing the unique attributes of the sanitizable signature technology,and then its security analysis is given.APK-SAN not only satisfies the security protection of Android native signature mechanism for APK file integrity and unforgeability,but also allows the original developer of the APK file to authorize the specified modifier to modify the specified part of the APK file,The modifier doesn't need to interact with the original developer to modify the APK file within the authorization scope and generate a validsignature of the new APK file.2.Combined with the new APK authorization mechanism workflow,a new APK authorization mechanism PROAPK-SAN,which can prove the security under the standard model,is proposed by using the unique attributes of the sanitizable signature technology.The mechanism is implemented by a specific algorithm,at the same time,the performance analysis is given and the security proof is given based on the actual security requirements.