
Research on Encryption Technology Based on J2ME Socket Network Communication

Wuling REN
College of Computer and Information Engineering, Zhejiang Gongshang University, Hangzhou, China

Dafeng YU
College of Computer and Information Engineering, Zhejiang Gongshang University, Hangzhou, China

Abstract—With the rapid development of wireless communication and Java technology, wireless applications built on Java show great promise, so it is important to pay more attention to their security. Starting from an introduction to J2ME, this article analyzes how to secure the booming wireless applications of J2ME, especially on small wireless devices. This paper introduces communication technology on wireless networks based on the J2ME platform, analyzes the J2ME platform in depth, and analyzes the communication theory of the socket network programming interfaces; it then analyzes and compares several common encryption algorithms such as MD5, SHA1 and BASE64. According to the performance and features of the mobile phone network, I propose an encryption solution based on the J2ME Socket protocol, implement this encryption program, and give its source code in this paper.

Keywords: J2ME; Socket; Encryption

I. INTRODUCTION

This paper introduces communication technology for wireless networks based on the J2ME platform and the communication theory of the Socket network programming interfaces; it then analyzes and compares several common encryption algorithms, proposes an encryption solution based on the J2ME Socket protocol, and gives an implementation of the program.

Mobile e-business has won the recognition of consumers: through it they can surf online, look up information, and purchase products at any time and anywhere, which is both convenient and time-saving. How to ensure the safety of mobile e-commerce transactions is a significant problem.

With the rapid development of 3G technology, the mobile Internet has become fashionable and the number of people using it has gradually increased. Network security problems on mobile phones have naturally followed, and the security technology of mobile communications has become a focus of attention.

In recent years, with the release of 3G licences, the development of mobile hardware technology, and the adjustment of mobile phone fees, the mobile phone has developed from a product of pure consumption plus entertainment into a new network platform; any good network application that exists on the PC can and should be moved to the mobile phone. The mobile phone network will become an important component of the Internet, including streaming media, mobile payment, etc., and various kinds of new business will develop rapidly. With the development of informatization and the digital society, people increasingly realize the importance of information security and confidentiality. In 1997 the American national standards body promulgated the American Data Encryption Standard (DES), and non-governmental researchers began to participate fully in the research and application of encryption algorithms such as SHA, DES and RSA. As the demand for encryption strength has continued to rise, AES, ECC and others have appeared more recently. This paper introduces a data encryption solution based on the Socket protocol, and gives different solutions for different usages.

J2ME is a new, smaller Java application environment for consumer embedded products that provides a technical framework that is easy to develop for, deploy and use. For wireless Java applications, a very important problem is protecting the safety of mobile devices. The safety of mobile equipment has two basic aspects: one is the safety of the mobile device while it runs downloaded wireless applications, which is protected by the structure of J2ME itself; the other is the safety of data transmission on mobile equipment, which is safeguarded by data encryption and digital signatures.

This article analyzes the problems of J2ME wireless security, then analyzes the deficiencies of the J2ME security model with respect to data transmission safety on mobile devices, expounds the application in a J2ME system of a mix of encryption technologies (RC4 symmetric encryption, RSA-based asymmetric encryption, and digital signatures), and gives a complete end-to-end security solution for a J2ME mobile e-commerce system.

II. J2ME AND SOCKET TECHNOLOGY

A. Introduction of J2ME

J2ME (Java 2 Micro Edition) is an integral part of Java 2; together with Java SE and Java EE it makes up the three main editions of Java technology, and it is likewise developed through the JCP (Java Community Process). J2ME is a highly optimized Java runtime environment aimed mainly at consumer electronics devices such as mobile phones, digital set-top boxes, and car navigation systems. J2ME technology was officially launched at the JavaOne Developer Conference in 1999. It transplanted the platform-independent character of the Java language onto small electronic equipment, allowing wireless mobile devices to share applications.

978-1-61284-722-1/11/$26.00 ©2011 IEEE

2011 International Conference on Mechatronic Science, Electric Engineering and Computer, August 19-22, 2011, Jilin, China

B. Software architecture of J2ME

Compared with J2SE and J2EE, J2ME is more diversified in its operating environments and targets, but each kind of product actually has a narrower use, and its resource constraints are also stricter. To achieve standardization and compatibility while still trying to meet different demands, the structure of J2ME is divided into Configurations, Profiles and Optional Packages (see Figure 1). Different combinations and trade-offs among them form a specific operating environment.

A Configuration is classified mainly along the vertical dimension of device capability, including storage and processing capability, and defines the virtual machine characteristics and the basic class library. The standardized Configurations are the Connected Limited Device Configuration (CLDC) and the Connected Device Configuration (CDC).

A Profile is built on top of a Configuration, and together they form a complete operating environment. Profiles are classified mainly by market segment according to specific fields, and mainly include special-purpose libraries and APIs. The standardized Profiles on CLDC are the Mobile Information Device Profile (MIDP) and the Information Module Profile (IMP); the standardized Profiles on CDC are the Foundation Profile (FP), the Personal Basis Profile (PBP) and the Personal Profile (PP). An Optional Package is independent of the previous two and provides additional, modular and more diversified functions. Currently standardized optional packages include database access, multimedia, Bluetooth, etc.

Figure 1. Structure of J2ME system

C. The Socket technology based on J2ME

Socket is a common data communication mode in network applications, which often use the client/server (C/S) system structure. The Socket has been widely accepted and has become a very popular network programming interface (API). Through a Socket we can send TCP data, which is carried mainly by the IP protocol at the network layer, so the Socket is also regarded as a network programming interface for the TCP/IP protocols. The layered process of sending and receiving data through a Socket is shown in Figure 2.

Figure 2. socket communication between server and client

MIDP 2.0 provides two programming interfaces, ServerSocketConnection and SocketConnection, used to develop the server side and the client side of a Socket respectively. The server and the client communicate through these two interfaces, as shown in Figure 3.

[Flowchart. Server side: monitor a port, accept a connection from the client, get the socket connection from the client, open the InputStream and the OutputStream, then send and receive data until finished, disconnect, end. Client side: connect to the server on a certain port, open the streams, then send and receive data until finished, disconnect, end.]

Figure 3. socket communication in MIDP2.0


In the chart, the dotted line indicates the data interaction between client and server, which takes place while the two are connected and mainly occurs in three stages: sending data, receiving data, and disconnecting.

D. The realization of socket communication

The server side:

    // Requires javax.microedition.io.* and java.io.*
    String url = "socket://:12345";
    // The server side of the socket protocol is implemented by a
    // ServerSocketConnection object
    ServerSocketConnection ssc = (ServerSocketConnection) Connector.open(url);
    while (true) {
        // ssc.acceptAndOpen() returns a StreamConnection object,
        // so an explicit cast to SocketConnection is required
        SocketConnection sc = (SocketConnection) ssc.acceptAndOpen();
        DataInputStream dis = sc.openDataInputStream();
        DataOutputStream dos = sc.openDataOutputStream();
        // ......
    }

The client side:

    String url = "socket://localhost:12345";
    SocketConnection sc = null;
    DataInputStream dis = null;
    DataOutputStream dos = null;
    StringBuffer buffer = new StringBuffer();
    try {
        sc = (SocketConnection) Connector.open(url);
        dis = sc.openDataInputStream();
        dos = sc.openDataOutputStream();
        // .......
    } catch (IOException e) {
        // The connection could not be opened or was dropped
    }

III. ENCRYPTION TECHNOLOGY OF J2ME

A. Commonly used encryption technology in the Java language

Because of the particularity of J2ME, a J2ME program that needs data encryption must implement its own encryption algorithm or use an external extension package, unlike J2EE and J2SE programs, which can use the APIs offered by Sun. Considering together the performance of J2ME devices and the efficiency, safety and reversibility of each encryption algorithm, we screened out the algorithms suited to J2ME devices, such as MD5, SHA1 and BASE64.

1) MD5

The Message Digest Algorithm MD5 (the fifth version of the message digest algorithm) is a hash function widely used in the computing field to protect the integrity of messages by means of a message digest. MD5 is most widely used for password authentication and key identification in all kinds of software; popularly speaking, it is the serial number that we commonly use. MD5 is a kind of hash function. In computer network applications there are two kinds of irreversible encryption algorithm: one is the MD5 algorithm invented by the RSA company, and the other is SHA, a secure hash algorithm proposed by the USA Technical Standards Institute.

2) SHA1

The Secure Hash Algorithm is mainly suited to the Digital Signature Algorithm (DSA) defined in the Digital Signature Standard (DSS). For a message whose length is less than 2^64 bits, SHA1 produces a digest of 160 bits. When the message is received, this message digest can be used to verify the integrity of the data. Data is likely to be changed during transmission, in which case a different message digest is produced. SHA1 has the following characteristics: the original message cannot be recovered from the digest, and two different messages will not produce the same message digest.

3) BASE64

Base64 is one of the most commonly used encodings on the network for transmitting 8-bit byte codes. Base64 can be used to transfer longer identification information in an HTTP environment. For example, the Java persistence system Hibernate adopts Base64 to encode a long unique identifier (generally a 128-bit UUID) as a string, used as a parameter in HTTP forms and HTTP GET URLs. In other applications we often need to encode binary data in a format that fits into a URL (including hidden form fields). Base64 encoding is not only brief but also not human-readable, so the encoded data cannot be read directly at a glance. BASE64 is the more commonly used reversible encryption algorithm.

B. Realization of J2ME safety

1) Brief introduction to J2ME security

The CLDC standard defines three levels of security mechanism: the underlying security mechanism, the application-level security mechanism, and the point-to-point security mechanism. One point that needs emphasis is the bytecode verification process, by which the JVM provides a service that prevents malicious code from entering the enterprise system. In addition, MIDP 2.0 introduces the concepts of permissions and protection domains. An application tries to obtain the permission for the corresponding privilege required by a sensitive API. There are trusted domains and an untrusted domain; the protection domains provided may differ between devices, and generally the MIDlets we develop are stored in the trusted zone. If you want your MIDlet to be trusted, you need to request certification from a trusted organization.

2) Bouncy Castle Crypto API

Bouncy Castle is a lightweight open-source encryption package for the Java platform. It supports a large number of encryption algorithms and provides an implementation of JCE 1.2.1. Because Bouncy Castle was designed to be lightweight, it can run on everything from J2SE 1.4 to J2ME (including MIDP). It is the only complete encryption package that is able to run on MIDP. Because of the characteristics of mobile devices, the requirements on application size are strict. The recommended way to use the Bouncy Castle package is simply to add its source code to your project and compile and package it together with your own code. Before running, use an obfuscator on the resulting enlarged files.

3) Encrypt data with DES algorithm in the socket communication

Network applications generally adopt one of two kinds of encryption algorithm: symmetric encryption algorithms and public-key encryption algorithms. The decision on which to adopt should be made according to the specific environment and system of the application, not simply according to encryption strength. Public-key encryption algorithms have high encryption strength, but their efficiency is far below that of symmetric encryption algorithms. On mobile devices, because hardware processing power is not particularly good, a symmetric encryption algorithm is more suitable for encrypting the source data. A symmetric encryption algorithm uses the same key for encryption and decryption and is suitable for encrypting large amounts of data.

The common standard among symmetric encryption algorithms is DES. When using DES, both sides of the communication use a 64-bit key to encrypt and decrypt messages. The complex internal structure of DES is the root cause of why no shortcut to decipher it has been found so far. We use the Bouncy Castle library to encrypt and decrypt data in transmission, as follows (part of the source is given below):

Encrypt the data of an array of bytes in the client:

    import org.bouncycastle.crypto.BufferedBlockCipher;
    import org.bouncycastle.crypto.InvalidCipherTextException;
    import org.bouncycastle.crypto.engines.DESEngine;
    import org.bouncycastle.crypto.modes.CBCBlockCipher;
    import org.bouncycastle.crypto.modes.PaddedBlockCipher;
    import org.bouncycastle.crypto.params.KeyParameter;

    private byte[] encryptData(byte[] data) throws InvalidCipherTextException {
        // ...
        // Choose DESEngine as the encryption engine
        BufferedBlockCipher cipher =
            new PaddedBlockCipher(new CBCBlockCipher(new DESEngine()));
        // Generate the key parameter object from the password (byte[] keybytes).
        // With a bare KeyParameter and no IV parameter, CBC uses an all-zero IV.
        KeyParameter key = new KeyParameter(keybytes);
        // Initialize the cipher object with the key; true indicates encryption
        cipher.init(true, key);
        // Call processBytes() and doFinal() on the cipher to encrypt
        int size = cipher.getOutputSize(data.length);
        byte[] result = new byte[size];
        int len = cipher.processBytes(data, 0, data.length, result, 0);
        // Write the final block of the encryption result into the array
        cipher.doFinal(result, len);
        return result;
        // ...
    }

The client uses SocketConnection to transmit the encrypted array to the server. The server receives the encrypted array and decrypts it with the same key; the process is similar to the steps in the client:

    private byte[] decryptData(byte[] result) throws InvalidCipherTextException {
        // ...
        BufferedBlockCipher cipher =
            new PaddedBlockCipher(new CBCBlockCipher(new DESEngine()));
        KeyParameter key = new KeyParameter(keybytes);
        // Initialize the cipher; false indicates decryption
        cipher.init(false, key);
        int size = cipher.getOutputSize(result.length);
        byte[] data = new byte[size];
        int len = cipher.processBytes(result, 0, result.length, data, 0);
        len += cipher.doFinal(data, len);
        // getOutputSize() is an upper bound when decrypting: return only the
        // bytes actually produced, without the removed padding
        byte[] plain = new byte[len];
        System.arraycopy(data, 0, plain, 0, len);
        return plain;
        // ...
    }
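The following is an added example, not code from the paper: it shows the wire framing that the encrypted socket exchange above needs but does not spell out, sending each ciphertext with a length prefix and a fresh random IV so that the receiver can read exactly one message and decrypt it. It assumes Java SE, with javax.crypto standing in for the Bouncy Castle lightweight API and in-memory streams standing in for the SocketConnection streams; the class name, frame layout, size cap and demo key are hypothetical.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class FramedDesDemo {
    private static final int IV_LEN = 8;            // DES block size in bytes
    private static final int MAX_FRAME = 64 * 1024; // hypothetical cap on ciphertext size
    private static final SecureRandom RNG = new SecureRandom();

    // DES-CBC with PKCS#5 padding, the JCE counterpart of the paper's
    // PaddedBlockCipher(CBCBlockCipher(DESEngine)) construction.
    static byte[] crypt(int mode, byte[] key, byte[] iv, byte[] in)
            throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("DES/CBC/PKCS5Padding");
        c.init(mode, new SecretKeySpec(key, "DES"), new IvParameterSpec(iv));
        return c.doFinal(in); // returns exactly the bytes produced
    }

    // Sender. Hypothetical frame: [int ciphertext length][8-byte IV][ciphertext]
    static void send(DataOutputStream dos, byte[] key, byte[] plain)
            throws IOException, GeneralSecurityException {
        byte[] iv = new byte[IV_LEN];
        RNG.nextBytes(iv); // fresh IV for every message
        byte[] ct = crypt(Cipher.ENCRYPT_MODE, key, iv, plain);
        dos.writeInt(ct.length);
        dos.write(iv);
        dos.write(ct);
        dos.flush();
    }

    // Receiver: validate the length before allocating, then read the whole frame.
    static byte[] receive(DataInputStream dis, byte[] key)
            throws IOException, GeneralSecurityException {
        int n = dis.readInt();
        if (n <= 0 || n > MAX_FRAME || n % IV_LEN != 0) {
            throw new IOException("bad frame length: " + n);
        }
        byte[] iv = new byte[IV_LEN];
        dis.readFully(iv);  // readFully blocks until all bytes have arrived
        byte[] ct = new byte[n];
        dis.readFully(ct);
        return crypt(Cipher.DECRYPT_MODE, key, iv, ct);
    }

    public static void main(String[] args) throws Exception {
        byte[] key = "8bytekey".getBytes(StandardCharsets.US_ASCII); // constructed demo key
        byte[] msg = "YuDafeng".getBytes(StandardCharsets.UTF_8);    // sample input from the paper

        // In-memory stand-in for the socket: the same message is sent twice.
        ByteArrayOutputStream wire = new ByteArrayOutputStream();
        DataOutputStream dos = new DataOutputStream(wire);
        send(dos, key, msg);
        send(dos, key, msg);
        byte[] w = wire.toByteArray();

        DataInputStream dis = new DataInputStream(new ByteArrayInputStream(w));
        System.out.println(new String(receive(dis, key), StandardCharsets.UTF_8));
        System.out.println(new String(receive(dis, key), StandardCharsets.UTF_8));

        // With random IVs the two frames on the wire differ.
        int half = w.length / 2;
        boolean same = Arrays.equals(Arrays.copyOfRange(w, 0, half),
                                     Arrays.copyOfRange(w, half, w.length));
        System.out.println("frames identical with random IV: " + same);

        // With a fixed all-zero IV, equal plaintexts give equal ciphertexts.
        byte[] zero = new byte[IV_LEN];
        boolean repeat = Arrays.equals(crypt(Cipher.ENCRYPT_MODE, key, zero, msg),
                                       crypt(Cipher.ENCRYPT_MODE, key, zero, msg));
        System.out.println("ciphertexts identical with zero IV: " + repeat);
    }
}
```

The frame is still unauthenticated: CBC decryption does not detect a modified ciphertext, so integrity needs a separate mechanism such as the digital signature mentioned in the paper's conclusion.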

C. Operation rendering

We input the name "YuDafeng" on the client side of the socket, and the client uses DES from the Bouncy Castle package to encrypt the data to be sent. What the socket server receives is the encrypted data, which the server side decrypts using the Bouncy Castle package (see Figure 4 and Figure 5).

Figure 4. The client side

Figure 5. The server side

IV. CONCLUSION

Owing to the improving network bandwidth of mobile phones and the continuous optimization of network performance, J2ME network communication applications have wide prospects; as researchers build mobile network applications, the safety of communication is a necessary and inevitable research subject. Taking the Socket connection as an example, this paper demonstrates research on encryption technology in network communication and implements encrypted communication with a common encryption algorithm. It is notable that when external libraries are used, the .jar file generated at compile time is bigger; we can use a code obfuscator to remove unused classes, compress the package, and obfuscate the code to hinder decompilation. ProGuard is an open-source Java code obfuscator that can be integrated into the development environment very conveniently. Using the Bouncy Castle cryptography library, we can easily encrypt and decrypt the transmitted information, generate message digests from the information, and use digital signatures to ensure the integrity and reliability of information; all of these are very important to network security for J2ME.

ACKNOWLEDGMENT

This research is supported by Zhejiang Science and technology projects (2009C03016-4) and the Xinmiao Project of Zhejiang Province.
