Bảo mật file cho ổ mây ( A file security application for cloud drives )

Application giúp bảo mật thông tin trên ổ cloud, thesis của Cao Khắc Lê Duy và Lê Sử Trường Giang.......................................................................................................

We wish to express our sincere thanks to the faculty of Information Technology at University of Science for providing us with all the necessary facilities not only for the thesis but also for our whole university life with the faculty.

We are profoundly grateful to Dr Thai-Son TRAN for his expert, thoroughly guidance and his continuous encouragement throughout the process of this project to see that the project rights its target since its commencement to its completion Those words may not contain all our gratefulness to his belief in our ability, but by all our heart, we wish he would always have a good health and an infinite passion to continue

to inspire the next and next student generation as well as have more and more great researches to make the world better and better.

This is also an opportunity for us to express heartfelt gratitude to all of the ers and staff of the Advance Program in Computer Science who helped us directly or indirectly during the journey of university as well as during the thesis project Be- sides, we also wants to give our special appreciation to all professors and instructors who have convey to us the precious knowledge which is definitely the most important preparation for us at the entrance of our career in the enormous world of computer science.

Teach-No one has no friend, especially in the time of university, so we want to give our thanks to all friends, all senior students who have gone through the happiness, the sad- ness, and even all kinds of difficult situation together with us We wish them would always find the success in any thing they desire to do.

Last but not least, we simply just want to express the gratefulness from the bottom

of our heart to our parents , who have always been beside us, taken care of us, given

us the very first important lessons about life since the day we saw this world.

LE SU TRUONG GIANG & CAO KHAC LE DUY

TABLE OF CONTENTS

1.1 Objective and Scope 2

1.2 Brief description 4

1.2.1 Device-based Encryption 4

1.2.2 Authorization Mechanism 4

1.2.3 Backup Mechanism 5

1.2.4 Extendability 6

1.2.5 Files management 7

1.3 Related Works 7

2 Background 9 2.1 Server-side Development 9

2.1.1 Representational State Transfer 9

2.1.2 Python and Flask Framework 11

2.2 Client-side Development 14

2.2.1 Android and the basic knowledge 14

2.2.2 Client Cloud Drive APIs 17

2.2.3 Local Area Network (LAN) Server 18

2.2.4 ReactJS in Web Development 19

2.3 Cryptography 21

2.3.1 RSA Algorithm 21

2.3.2 Advanced Encryption Standard Algorithm 24

2.3.3 AES and RSA Combination 26

2.4 Multi-step Authentication 28

3 Methodology 32 3.1 Front-end Development 32

3.1.1 Android Mobile Application 33

3.1.2 Web Application 52

3.2 Device-based Cryptography 56

3.2.1 Unique and Non-unique Identifiers 56

3.2.2 Multiple Device 57

3.3 Authorization 60

4 Results 63

6.1 Platforms 71

6.2 Performance Optimization 71

6.3 Features Addition and Modification 72

6.4 UI/UX Refining 73

6.5 Satellite Application 73

LIST OF FIGURES

1.1 The mobile OS market shares in Quarter 3 of 2016 [1] 2

1.2 Shares of cloud drive service for SMBs.[2] 6

2.1 16-byte matrix of each plain-text block 24

2.2 Bytes Substitution Step of each AES rounds 25

2.3 Row Shifting Step of AES 25

2.4 Columns Mixing Step of AES 26

2.5 Key Addition Step of AES 26

2.6 Combination of AES and RSA 27

2.7 Multi-step Verification General Flow chart [3] 31

3.1 Credential Use Cases 34

3.2 Files Management Use Cases 35

3.3 Other Use Cases 36

3.4 Entrance to the application 38

3.5 OTP Interaction between root client and server 39

3.6 Main screen 40

3.7 Forms of Bottom Sheet used in the Main Screen 43

3.8 Other screens in the application 44

3.9 LAN Server Access Point 46

3.10General Context Relationship Diagram 47

3.11The Application Specific UI Components Structure 48

3.12Behind-the-scene Structure 50

3.13Decrypting and encrypting packets with SConnectInputStream and SCon-nectOutputStream 52

3.14Web Application Use Case 53

3.15Web Application Main Screen 54

3.16Web Application User Screen 55

3.17Device-based Encryption 58

3.18Device-based Decryption 59

4.1 File browser list and grid mode, otp display screen, loading lock screen 64 4.2 Demo navigation menu, profile screen, LAN Transferring IP Screen, Add new file and folder feature 65

4.3 Demo register screen, transferring task watching screen, bottom sheet menu, log-in screen 66

4.4 Web Application Main Screen Demo 67

4.5 Web Application Dashboard User Profile Demo 67

4.6 Web Application Dashboard Devices Demo 68

C.1 Activity Lifecycle and Fragment Lifecycle [4] [5] 79

D.1 React Component Lifecycle [6] 80

in order to store multiple files across employees The regard way of ing cloud storage has posed a problem of securing hierarchically confi-dential files against some extent of jurisdiction Some of cloud servicesmay implement ways to protect a particular files with password created

us-by the administrator of the storage However, these may only be a porary method to provide required security but not absolutely secureit

tem-In this project, the authors attempt to provide a solution for ing security in a common shared cloud storage based on the idea ofdevice-based encryption As regards encryption, files will be encryptedusing an identifier which can uniquely identify the only device that candecrypt or access the confidential information within Moreover, theauthors implemented an application to offer a service with regardingencryption idea and advantageous flow to avoid losing data in such casethat users lost their unique device Furthermore, two-factor authentica-tion will be applied to authorize a new device to decrypt the encryptedfiles for further modification and display Beside that, the applicationalso centralizes the cloud drive services used by an user, files can beaccessed and managed across different cloud drives in just one applica-tion instead of installing multiple applications to utilize the services

provid-After considering the given time for the project and requirementsfrom our own proposal, the authors decided to develop the applica-tions on only two platforms: An android application for authentication,encryption, authorization as the root device and a website for deautho-rizing the root device in case it is lost or disabled permanently, and forediting profile information The client mobile application plays the role

of accessing files and providing a comfortable service for users to age files Encryption process is only performed within the root devicewith the android platform running

man-Keywords: unique identifier, device-based encryption, two-factor thentication, user-name and password authentication

es-of service for providing enough storage with smallest expenditure Notonly reliable data backup solution is served, instant access from every-where and simple file sharing or large file sender which email cannotaccommodate are key factors to create overarching theme for SMBs.The proposed application that we built is implemented initially on onlytwo platforms as its purpose of providing extended method for data se-curity Therefore, two platforms are enough for the application to showits capabilities of device-based security The authors implemented theclient within Android OS platform which has the biggest share in themobile operating system market, where the demo application can havewide test environment [7] In order to process authentication, autho-rization and backup mechanism for essential data key, we built a mid-

1.1 OBJECTIVE AND SCOPE CHAPTER 1 INTRODUCTION

Android : 86.8 Android : 86.8

iOS : 12.5

iOS : 12.5 Windows Phone : 0.3

Windows Phone : 0.3

Others : 0.4 Others : 0.4

Android iOS Windows Phone Others

meta-chart.com

Figure 1.1: The mobile OS market shares in Quarter 3 of 2016 [1]

dle server Python programming language together with Flask work (this concept will be explained more in the section Background) ,which has flexibility and amplification [8]

frame-1.1 Objective and Scope

The main problem lies in the sharing service of Cloud Services whencomprehensive security for confidential data is not available in an ad-vantageous way SMBs mostly purchase one storage only for multipleextent of purposes In regard to hierarchical storing purpose, it’s un-able to protect data against invalid jurisdiction Additional tools forproviding password to a particular folder or data may accommodatetemporarily these requirements but not entirely secure the data due tohuman factors upon password-based protection as losing password orbeing brute forced Another matter is the pricing, cloud drive services

1.1 OBJECTIVE AND SCOPE CHAPTER 1 INTRODUCTION

only provide a limited space to free users, to gain more spaces for ing files, users have to purchase, so an economical solution in usingcloud drive is using services of multiple providers However, in thatcase, users need to have the applications of those providers installed inthe users’ devices, which leads to the decrease of devices’ free spaces aswell as the inconvenience when managing files across the cloud drives.From the observation above, the authors develop an idea of protect-ing data to avoid human factors which serve the regarding requirementfrom SMBs that is to limit the access to the device level On the otherhand, the authors also attempt to implement multiple cloud drive ser-vices into one client application with extendability to more services andflexibility to changes or addition of functionality across services in thefuture In other words, the authors’ purpose is to build an applicationwhich not only puts users’ files into safe mode but also ease the way ofmanaging files and lower the cost of consuming cloud drive spaces

stor-In order to secure data among shared cloud drive space cally, we implemented an application for providing middle service toencrypt confidential data locally before storing these data back to thecloud The application featured the security with different approachesfrom regular authentication and encryption method to attempts to easethe way of using By applying state-of-the-art encryption method incombination with advanced key system and several additional feature,

hierarchi-as well hierarchi-as utilizing the adaptability of third-party services (cloud driveservices), we built a service to raise a more secured and more efficientsolution for using cloud drives in order to meet common needs of SMB.The application and proposed solution are based on some main con-cepts and requirements: device-based encryption, authorization mech-anism, backup mechanism, extendability to more cloud services, filesmanagement ability

1.2 BRIEF DESCRIPTION CHAPTER 1 INTRODUCTION

be spoofed using modification within the hardware There are currentlytwo well-used unique identifier which is generated globally by the man-ufacturers and associated with every single device separately: MACaddress and IMEI number These two keys serve different purposes,device identification for networking within the internet connection anddevice detection for the Global Positioning System (GPS) Therefore,the mentioned unique identifier is publicly known by the network or thesystem, which make them vulnerable to spoofing To remove such vul-nerability, we attempted to combine unique identifier and non-uniqueidentifier to obtain a single unique and private identifier Furthermore,

we designed a special flow of storing encryption key to enhance thesecurity extent which has device-based property and high level of secu-rity

1.2.2 Authorization Mechanism

As device-based service, our application shrank down the ity of users to device level, which create inconvenient circumstancesfor users to access their encrypted data Although it can be considered

accessibil-to be a trade-off when using this device-based security, we attempted

to provide user a more comfortable service Hence, we implemented

a mechanism of authorization for accessing data from another devicerather than the root device without compromising security level and

1.2 BRIEF DESCRIPTION CHAPTER 1 INTRODUCTION

fundamental principle of the application The implemented mechanism

is mainly based on two-factor authentication in a similar fashion to ular authentication system, for instance, Google, Facebook and Steamalready provided such authentication mechanism One-time password(OTP) is a well-known technique used for two-factor authentication,especially time-based one-time password (TOTP), which are explained

pop-in the Background section After processpop-ing authorization, another vice is added to the device list associated with the user account and

de-is able to access data with device-based encryption Our authorizationmechanism is built upon accumulative property, which can authorize

a finite number of devices and reserve device-based security, that is,despite losing email and password or being spoofed with unique iden-tifiers, encrypted data are still secured against invalid access

With a unique encryption key, there is a possibility of losing the keydue to some human errors, therefore, we implemented backup feature

in this project In term of backup, we designed a mechanism for users

to generate and store a backup key associated with one unique device

in order to avoid losing data permanently when users lost their root vices By providing storing this backup key, users maybe able to reau-thorize another root device and restore encrypted data Backup mech-anism is mainly implemented to remove human factors but still secureconfidential data The main key point to the backup mechanism is that

de-it must be implemented as simplest as possible to avoid performanceharming Moreover, the mentioned mechanism need to be complexenough to avoid vulnerable holes, which can be utilized to trespass thesecurity and steal confidential data In order to achieve such property,

we proposed an idea of splitting the key into two partial keys and storethem in different places, for instance, one of the key will be sent to theuser’s email and the other one will be stored within the server In case

1.2 BRIEF DESCRIPTION CHAPTER 1 INTRODUCTION

of losing the device, the first key will be required for restoring the mainencryption key that is associated with the former device Furthermore,the splitted key is not directly used for encrypting data but encryptionkey of the data This approach of encryption will help to improve per-formance of encryption process due to frequent change of backup keybut persistent property of the main encryption key

Figure 1.2: Shares of cloud drive service for SMBs.[2]

Data from 289 small and medium businesses with 11-1,000 employees

It’s undeniable that there are enormous number of cloud drive vices in the application market Although at present, Google Drive

ser-1.3 RELATED WORKS CHAPTER 1 INTRODUCTION

and Dropbox are dominating the market for SMBs in the amount ofusers [2], but other services such as pCloud, Box, OneDrive, Sync,etc are also potential to make the fight more balanced [9] From thatreality, users’ combination of cloud drive services are large, then it re-quires the application to have ability that allows the authors to imple-ment more services with ease to cover more widely users’ cloud drivetrends Based on the common features of a cloud drive services, anadapter with basic behaviors is built to connect all cloud services intoone hub The uniqueness in behaviors of each cloud service is handled

in each end point At present, the authors decided to choose GoogleDrive and Dropbox as the beginning implemented cloud drive servicesdue to their popularity to SMBs which can be seen in Figure 1.2

1.2.5 Files management

To manage files and folders, it is obviously easier for user when using

a file browser This manner appears first in personal computer (PC)application and it has been also applied to mobile application since thefirst smart phone was introduced Therefore, the authors built the clientmobile application with the appearance of a file browser initially withbasic functions to meet the users’ habit in working with files and foldersover years This file browser will be used to explore the files and folders

in the users’ cloud drives as well as the application local drive

1.3 Related Works

The idea of device-based authentication and authorization is not new

to the introduced technology As stated by an article [10], based authentication is used as an alternative layer of authenticationfor authenticating the machine over the user information Moreover,the referenced article [10] brought up about the “Trusted ComputingGroup (TGC)” that involved numerous large companies of technology,

device-1.3 RELATED WORKS CHAPTER 1 INTRODUCTION

whose main goal is to build up such “standard specifications for puter hardware trusting” in order to improve data storage security Inother words, the regarding standard’s purpose is for authenticate in ma-chine level

com-Not just an idea or any standard specifications that involved in based authentication, there is already authentication system that is builtupon this principle to provide a more secure service for the user For in-stance, the casino and sportbooks “5Dimes” [11] has already providedsuch extent of authentication to their users As proposed by “5Dimes”,their device-based authentication is designed to authenticate a machinesbased upon numerous factors [11]: “browser version”, “security cook-ies”, “language characteristics”, “operating system version”, etc which

device-is far more complex than our proposal of device-based authenticationmethod

For better understanding this paper, the authors list out main pointshere The thesis project is put in context of the field of data security.The core content of this thesis is presented in five chapters: Introduc-tion, Background, Methodology, Results and Conclusions

In this chapter, we present general information about used technologiesand techniques in both of the client and the server applications, whichare demonstrated in three sections: Server-side Development, Client-side Development, Cryptography and Multi-step Authentication.

2.1 Server-side Development

2.1.1 Representational State Transfer

The main server was built upon Python-based Flask framework thatprocess most of general authentication, registration and authorizationrequest from the client Our server was built as a Representational StateTransfer (REST) application, which can run as a stand-alone server.This allow us to create a distributed application that can serve multipleclient framework using Hyper Text Transfer Protocol (HTTP) as theunderlying protocol of hypermedia communication As an ApplicationProgram Interface (API) oriented service, RESTful server is recentlyincluded in frameworks of any major development language due to its

2.1 SERVER-SIDE DEVELOPMENT CHAPTER 2 BACKGROUND

lightweight, maintainability and scalability [12, p.33] An ing themes of using RESTful to serve authentication and registrationpurposes for cross-device applications has resulted in a substantial de-velopment of RESTful service upon major development languages andtechnologies, for instance, Machine Learning, Deep Learning and Ar-tificial Intelligence can now be integrated with a RESTful server

overarch-RESTful service work upon several essential principles which make

it a powerful service for both website application and mobile tion The following four principles are considered as key principles ofRESTful service [13, p.407]:

applica-• Addressibility: Each building block (resource) within a RESTfulservice must be identified with an identity, which can be done byusing URIs as the identification In such manner, resources can beretrieve or manipulated easily with unique and global URI withoutconfusion toward data or operations Any type of building block isconsidered as a resource that merit identification: abstract resources

as a process, a step, a request, a response or typical resources asdata objects, rows of data, text fields, etc As constituent resourcesare retrieved and manipulated, it provides prosumers the reusability

of partial components or resources

• Statelessness: Statelessness of RESTful service is addressed in themanner of communication but not functionality There is no state

of the communication between client and server reserved in eitherstorage Instead, data or functional state can be reserved and storedwithin client or server storage for process further operations towardreceived or sent resources by a stateless communication This prin-ciple has several direct impacts on the interacting resources, flexi-bility of the model and scalability of RESTful [13, p.407] In term

of scalability, enormous number of interacting users may seriouslyaffect server’s footprint as it is needed to store client state withinthe server Moreover RESTful service “allows easy rearranging the

2.1 SERVER-SIDE DEVELOPMENT CHAPTER 2 BACKGROUND

application at run time” [13, p.407] which enhance the flexibility

of the model

• Connectedness: This principle address the link between resourceswithin RESTful service based on hypermedia, considered as “back-bone of RESTful appplications” [13, p.408] Enormous number ofbooks and thesis have mentioned about this principle as its first in-troduced name by Fielding [14]: “Hypermedia As The Engine OfApplication State” or abbreviated as HATEOAS principle It claimsthat the client may enter or terminate at any state of the workflowswith a proper URIs [13, p.408] It such manner, a workflow can

be more lightweight and dynamic as data retrieved only when it isneeded using a linked URI

• Uniformity: This principle enables RESTful application to processrequests from multiple frameworks or operating systems, for in-stance, website applications and mobile applications, by follow-ing standardized method, name and semantics, for instance, POST,GET, PUT and DELETE are very common standard of communi-cation methods that serve different purposes The used standarddoes not address any of data encoding but operations name and se-mantics, which should be defined upon its means of operations andresources [13, p.408]

2.1.2 Python and Flask Framework

Python is a high-level and interpreted programming language, whichhas a low learning curves for both beginners and experienced develop-ers Python is only effective in building an application which does notdeal with direct communication between application and hardware [15]

or involving concurrency handling [16, p.3] After the release of Python2.0 in 2000, there has been an substantial growth in the number of appli-cations built upon Python [17, p.5] and numerous versions of Python

2.1 SERVER-SIDE DEVELOPMENT CHAPTER 2 BACKGROUND

has been released [18] Moreover, Python has become an ing fashion due to its enormous number of strong libraries that supportArtificial Intelligence, Computer Vision, Machine Learning and DeepLearning [19], which recently has been being developed, researchedand applied by most of large industries and co-operations for process-ing big data, for instance, Google, Facebook and Apple are well-knownfor applying these technologies in any major

overarch-In addition to desktop application, Python has also been using forbuilding website application [20] and mobile applications [21] In asimilar fashion to most of popular development language, Python has

a diverse library system which can be contributed by individuals or dustries to provide a certain operation underlying many different extentfrom a simple computation to the most complex algorithmic operation

in-As being supported by a huge community of Python developers, its brary system has been surging in the number of useful libraries Thisenables developers to easily use these libraries in combination with coreoperations for creating more complex and practical applications More-over, Python is an object-oriented scripting language that provide thecapacity of defining classes of objects and inheritance trees for reusabil-ity [17, p.19] Python allows developers to dynamically define, allocateand call a declared variable without a proper static declaration upon itsdata type by using a comprehensive set of data types This flexibility

li-in data representation, declaration and usage has create a more fortable manner for developers [17, p.6] These strength of Pythonhave encourage many industries to build commercial website engineand website application One of the marketable engine being used by amassive population of users is the Google Search engine which crawl

com-an immense number of websites com-and process through a huge set of data

to classify them associated with topics, key-words and even images Asrecorded, Google engine is not the only web service that was built upon

2.1 SERVER-SIDE DEVELOPMENT CHAPTER 2 BACKGROUND

Python, there are many commercial and non-commercial websites andapplications have been built [17, p.18] From regarding advantages,

we decided to use Flask, a Python framework to implement our serverfor handling authorization, authentication, registration and data backupoperation

Flask is a micro-framework that was built upon Python ming language that support development of web services Flask can

program-be integrated with both relational database and NoSQL database [20,p.xi] which provide a wide range of options for choosing an appropri-ate database system Deriving one of the core advantages from Pythondevelopment language, Flask has enough solid core and a massive num-ber of extended third libraries for building a maintainable and scalableapplication [20, p.3] There is only two main dependencies that Flaskwas built upon [22]:

• Werkzeug [23] provides Flask with “the routing, debugging andWeb Server Gateway Interface (WSGI) subsystem” [20]

• Jinja2 [24] is the main “template engine”[22] for Flask to createbasic layout of the website By using template engine, Flask devel-opers have saved times for building applications involving frequentupdating and maintenance

Basically, a Flask running server have an object to handle all of requestsfrom server which is referred as an application instance [20] In order

to handle requests, the application instance must follow the WSGI tocol mentioned earlier as one of the main dependencies of Flask Inthe application, routes of resources are defined for handling specificrequests associate with an URL This follows the Addressibility prin-ciple of Representational State Transfer service introduced above.From a valid request with preconditions passed, the server handles therequest by calling the function that is associated with the request URL

pro-2.2 CLIENT-SIDE DEVELOPMENT CHAPTER 2 BACKGROUND

and return a proper response object As defined in the standard used

by Representational State Transfer service, a response object is anHTML object or a JSON type object which contains response data ormessages and HTTP status code [20, p.15] The status code of a re-sponse defined in the Request For Comments [25, p.296] as a set offamilies of code which includes: “Informational”, “Successful”, “Redi-rection”, “Client Error” and “Server Error” associated with each firstdigit of the code from 1 to 5 respectively [26, p.505] When receive aresponse, the client begin to assess the status of the response by thesestatus codes, there should be an appropriate action defined by clienttaken upon each of these codes Using a predefined standard of codescreate a consistent handling method between server and client, whichreduce time consumed for response and request interpreting

2.2 Client-side Development

2.2.1 Android and the basic knowledge

Android is a mobile operating system founded by Andy Rubin, RichMiner, Nick Sears and Chris White in 2003 before being acquired byGoogle in 2005 [27] Applications running on Android platform are de-veloped with Android software development kit (SDK) [28, p.7] which

is powered by Java Programming Language [29], and allows the bination with optional C/C++ support framework [28, p.445], but atcurrent stage, the authors’ project have not needed C/C++ support inandroid development

com-Application core components

Android’s application framework lets developers comfortably and novatively create apps using a set of reusable components This partgive readers a quick and very fundamental look on the how an androidapplication works based on the Android SDK

in-2.2 CLIENT-SIDE DEVELOPMENT CHAPTER 2 BACKGROUND

• Activity: an instance of Activity class can be considered as the try point of an application to handle interactions with users, manag-ing a window in which User Interface (UI) is drawn This windowmay fill up the screen, or apart of the screen and be floating over ofother windows To implement developers own logic that manages awindow or a screen, they create a subclass extending Activity class,

en-so an Activity is not only a unit to represent user interface tion but also a unit to carry out some under-the-hood calculation.[28, p.77]

interac-An application usually contains many screens, that means the ber of activities is larger than one, and for each application, there isalways one main activity which plays as the very first screen inter-acting with users, called the launcher Each activity can also openanother activity for different purposes from the current one via In-tent [28, p.78]

num-Further than ability to start another activity defined in the sameapplication, an activity can also start the activity of another appli-cation by Intent with appropriate input

An activity has a life cycle which define specific events that takeplace during its living time [28, p.90] It can be found at Appendix

C of this paper

• Service: a Service object is used to perform long-term actions inbackground of Android Platform without user interface, even af-ter the holding application is out of scope (users switch to anotherapplication or to home screen but they have not killed the appli-cation) A service can be started from another context such as anactivity or another service [28, p.79]

• Intent: an Intent instance is used as a messaging object to request

an action from an application component to another ones There arethree fundamental cases of using intents: first is to start an activity,

2.2 CLIENT-SIDE DEVELOPMENT CHAPTER 2 BACKGROUND

second is to start a service, and third is to send broadcast messages,which can be understood as global announcements which any run-ning application can receive.[30]

• Fragment: a Fragment instance behave as a portion of UI in an tivity, multiple fragments can combine together to build a completemulti-panel UI of a screen The advantages of a fragment is thereusability and the simplicity when dealing with smaller separate

ac-UI components instead of the whole bundle of components put injust one activity class A fragment instance also has a life cycleaffected directly from the parent activity [28, p.197], the life cyclecan be read for more details in Appendix C

• Content Providers: this is a standard interface of Android ing system that provide a secured and official manner to access anapplication data as well as other applications data stored in the An-droid device It works as an RESTful web service that has the basicmanipulation such as insert, update, query, delete [28, p.79]

operat-• AsyncTask: this component allows developers to perform works on

a different thread from UI thread and return the results to UI thread.The result can be an update of a progress or the final output of thewhole work.[28, p.143-154]

Application User Interface

In android, building user interface includes main concepts: layout,menus, custom components, styles and themes However, basically,layout is the most fundamental concept because it defines the visualstructure for a UI components like activities, fragments, or app wid-gets Layouts can be declared in two ways:

• Pre-declaring UI elements in XML files: Android uses XML mat to define user interface, so it also provides some overhead

for-2.2 CLIENT-SIDE DEVELOPMENT CHAPTER 2 BACKGROUND

vocabulary corresponding to built-in View classes and subclasseswhich can be utilized and combined to speed up the UI buildingprocess The advantages of this approach are the reusability to com-bine with another layout xml declarations to build a more complex

UI element, the separation from the logical part handling eventsand changes in UI interface, the coherent visualization of the An-droid Visual Editor help developers recognize the defects and bugsmore effectively One more thing, menus are also usually declared

in an XML file before hand

• Initiate UI elements at run-time: As stated above, each XMLtag or element in android development correspond to a native Viewclass or subclass Therefore, a View object or instance can be cre-ated programmatically and then attached to a presented parent view.This manner allows views to be dynamically initiated and added tothe user interface at run-time, the UI is flexible to changes, but it issomehow challenge the developers because there is no preview forthem to thoroughly observe the behaviours of the UI

2.2.2 Client Cloud Drive APIs

A Cloud Drive is a service that bases on web technology to provide age space on a remove server, as well as a tool set to manage data stored

stor-in that storage [31] API, which was aforementioned without clear planation, is a contract established between the component providingthe supportive functionality and the component utilize that functional-ity (client) [32, p.1] Therefore, Client Cloud Drive APIs are the sets ofsupportive adapting tools to receive the requests for data in Cloud Drivefrom the client, process the request, send request to the cloud drive re-mote server, get back the responses, process the responses and returnappropriate data to the client The main speciality of this kind of API

ex-is the integration at client application to ease the sending request andreceiving response tasks to the API in the remote server whereas the

2.2 CLIENT-SIDE DEVELOPMENT CHAPTER 2 BACKGROUND

API of this project is a server API that control some of security tasks ofthe client application

As stated in the Introduction, Google Drive and Dropbox are twodrives selected to be the initial drive services integrated with this projectapplication, therefore, their client APIs are implemented at the clientapplication to managing data on the remote more efficiently Becausetwo drive APIs have different providers, the behaviours of each one isdefinitely different in some way, but they still follow some standards of

a cloud drive Understanding that matter, the authors attempt to build

an extremely neccessary adapter to connect different client drive APIsinto a common API

2.2.3 Local Area Network (LAN) Server

A local area network or LAN is a computer networks which allowcomputers to each other in an specific limited area like a neighbor-hood, a school, a lab, an university campus or an building[33, p.5] Aserver on the other hand is a computer that provides dedicated servicessuch as file service, web service, remote access, database, monitoring,thread management, email service [34, p.2-3] From those definitions,LAN Server can be understood as a computer play the role of a serviceprovider on a limited area computer networks, which in the context ofthis project, is the android device installed the output application of theproject

For instance, Alfresco JLAN is an application which can be ered as an embedded virtual file system that is able to be integrated

consid-to Java client and server with built-in CIFS (Common Internet FileSystem) JLAN with CIFS can be applied to LAN to work as anLAN Server to manage shared data as well as user-specific data byusing NTLM (NT LAN Manager, which is used by Windows NT)

2.2 CLIENT-SIDE DEVELOPMENT CHAPTER 2 BACKGROUND

Authentication.[35]

2.2.4 ReactJS in Web Development

First, understanding what is Model-View-Controller (MVC) is an portant thing to do MVC is a standard pattern for expressing UI of asoftware It explicitly separates an application into three main modules

im-to distinguish the internal process of data from the manner that data isshown to and interacted with users.[36]

React is a intellectual product of John Walke, a software engineerworking at Facebook [37] React is recommended as a technologyfor future web development stem from its ease to develop and its ef-ficiency [38] It is a library of UI components which you can extendfor your own sakes, it is not a framework but it can be associated withanother frameworks such as AngularJS, Ember, etc or can be used as

a standalone library combined with another language such as HTMLand CSS [39, p.2] However, React depends on Node.js - a scalablejavascript platform [40], so Node.js is required to be set up on the de-velopers’ computer beforehand That is the preparation for web devel-opment with ReactJS And for exporting a React project to production,there are several ways recommended by React creator, then the authorschoose Webpack as the production build tool for the web applicationdue to its more powerful control over the modules despite the complex-ity of the initial configs [41]

React Basic Concepts

React or React JS works with Component-Based-Architecture concepts[42], so in this section, the very fundamental knowledge about a com-ponent in React:

• Component: it is a neccessary thing to know about the identity

of a very component A component in terms of UI building is apiece of element structuring the whole UI of an application [42]

2.2 CLIENT-SIDE DEVELOPMENT CHAPTER 2 BACKGROUND

According to the authors, its definition can be mapped to a fragment

in Android Development mentioned in the section of Android andthe basic knowledge In React, to declare a component, the classComponent needs to be extended

• render: the only required method in a React component, it is apart in the component life cycle, where the host view component isattached to the main UI.[39, p.7]

• props: the data inputted from the outside to a component when it iscalled, it cannot be updated during the run-time If props are not setwhen component is invoked, it can be set to some default values.[39, p.3-5]

• states: the internal data of a React component, it can be considered

as variables, these variables can be initialized with some values andcan be updated during the run-time [39, p.6]

• propTypes: this feature allows you to state a specific type for eachprops sent to the component, it is useful for debugging thanks tothe invoked errors every time you send some wrong props into thecomponent.[39, p.8]

• displayName: this feature is used to identify the component andthis property is automatically set if you do not define it, only fordebugging purposes.[39, p.8]

• Lifecycle: this concept is similar to the lifecycle in appendix droid Activity and Fragment Lifecycles The component in Re-act also has pre-defined methods to manage the component duringits presentation on UI, section React Componnent Lifecycle inthis paper gives more details about this concept

An-2.3 CRYPTOGRAPHY CHAPTER 2 BACKGROUND

2.3.1 RSA Algorithm

RSA is a cryptosystem that is currently well-researched and applied

in most of security application as a system of key exchanges amongseparate server or client There are several cryptosystem which wasdesigned based on RSA with a higher extent of efficiency and security

in some particular circumstances RSA is designed by Ron Rivest, AdiShamir and Leonard Adleman as a public-key and asymmetric cryp-tosystem [43, p.3]

According to Abhijit Das and C E Veni Madhavan [44], public-keycryptology is a solution for securing transmission of message by rea-sonably involving with abstract mathematics to efficiently encrypt themessage by a complete different key or technique than its decryption.Besides RSA, Diffie and Hellman algorithm is also one of the funda-mental cryptology that use the same mechanism of mathematics withRSA, which is modular exponentiation, but more vulnerable due to itsshared secret [45] The invention of public-key cryptology basicallydue to the problem of securing communication between two person,which is commonly solve by sharing the same secret key among twopeople and encrypt their message by that secret key However, sharingthe same secret key poses a threat in the synchronization process, where

2.3 CRYPTOGRAPHY CHAPTER 2 BACKGROUND

two parties exchange their key Therefore, public-key cryptology came

to existence for solving regarding problem Public-key cryptography isalso known as asymmetric cryptography since it require a pair of keysfor encryption and decryption, unlike symmetric cryptography whereonly one shared secret key for both operations [46]

In practice, RSA algorithm is not used for bulk data encryption due

to its slow performance in comparison with Advanced Encryption dard Algorithm[47] However, RSA algorithm can fill the vulnerablehole of Advanced Encryption Standard Algorithm to secure the en-crypted data by playing as secret key encryption for key sharing [47].Therefore, RSA algorithm is often applied in combination with Ad-vanced Encryption Standard Algorithm for bulk data encryption that

Stan-is well-used in storage software, for instance, cloud storage services.However, brute-force attack is considered harmful to public-key cryp-tography by applying “invertable mathematics function”, but with amassive scale of complexity depends on the modulus length [48] There-fore, it’s very essential to generate a proper modulus that turn brute-force attack to impractical but enough for a practical performance ofencryption and decryption

Typically, RSA Algorithm have four common steps: Key Generation,Key Distribution, Encryption and Decryption [46] For Key Generationand Encryption step, both plain-text and cipher-text must be integerswith the length between 0 and n − 1 with some n [48] General length

of number n is 1024 or multiplication of 1024 in bits [48]

Key Generation: [48]

1 Choose 2 distinct prime number q and p

2 Compute n = p × q, n is modulus of both private and public key

2.3 CRYPTOGRAPHY CHAPTER 2 BACKGROUND

3 Compute λ(n) = (p − 1) × (q − 1) which is Carmichael’s lambdafunction [49], this integer will be kept privately

4 Choose an integer D that satisfy:

(

0 < D < λ(n)gcd(λ(n), D) = 1which make D and λ(n) co-prime

5 Compute d ≡ e−1 mod λ(n) which means d is modular tive inverse of e mod λ(n) [50, p.80]

multiplica-6 In combination with the public modulus n, D is the public nent, which will be distributed as the public key and d is the privateexponent which is kept locally

expo-Key Distribution:[51, p.164] When a pair of keys is already ated properly, the party which is going to receive the encrypted criticalinformation will send its generated public key to the sender With thepublic key of the pair, the sender then encrypt essential data using thepublic-key and send back the encrypted data back to the receiver Usingthe private key of the pair, the receiver can decrypt the data whereas noother party can encrypt the data without the private key

gener-Encryption: [46] Given the public key (n, D) with two components:the public modulus n and the public exponent D, with the plain-text

a The sender can encrypt the data with encryption function: e = xDmod n

Decryption: [46] Give the private key (n, d) with two components:the public modulus n and the private exponent d, with the encrypteddata e The receiver can decrypt the data with encryption function:

a= ed mod n

2.3 CRYPTOGRAPHY CHAPTER 2 BACKGROUND

2.3.2 Advanced Encryption Standard Algorithm

Prior to Advanced Encryption Standard (AES), Data Encryption dard (DES) was a well-used encryption standard as well as it’s inheritor,triple-DES, an improvement of DES [] Due to weaknesses of DES, forinstance, the short length of DES key is vulnerable to brute-force at-tack [52, p.1157], the National Institute of Standards and Technology(NIST) required a alternative encryption standard to replace DES andRijndael by Joan Daemen and Vincent Rijmen became AES that sat-isfy new standard requirements [53] AES is currently the most popu-lar symmetric encryption that encrypt and decrypt data with one sharedkey, which is a strong cryptography for password-based security butnot secured messaging system

Stan-AES was designed upon the principle of substitution-permutationnetwork (SP-network) [53], that is a combination of substitution andpermutation AES has the symmetric and parallel structure which helpagainst cryptonalysis attack, provides flexibility in implementation andadaptability to modern processors [54, p.107] Typically, AES processcertain number of rounds on a divided block of plain-text with the samesize key block [54] Conceptually, a block of plain-text can be best de-scribed in 4 × 4 matrix as figure 2.1:

Figure 2.1: 16-byte matrix of each plain-text block

According to Hans Dobbertin and Vincent Rijmen in their book [53],substitution box (S-box) is considered the most important component

of AES that influence its strength and weaknesses As described in thebook [53, p.3], S-box has three main components within: “inversion

2.3 CRYPTOGRAPHY CHAPTER 2 BACKGROUND

over GF(28)”, “transformation by a GF(2)-linear map L” and tion of constant c = 0x63” From these components, the S-box S(x)

“addi-of AES is defined as “inversion in the multiplicative group “addi-of GF(28):S(x) = A(1x) with 10 = 0 where A(x) = L(x) + c is “a GF(2)-affine per-fumtation of GF(28) Hans Dobbertin and Vincent Rijmen analyzedthat as advantages of “1x on GF(2n)”, S-box constructions have severalcritical properties [53]

A typical number of rounds depends on the exact key length, but mally rounded to 10 rounds for 128-bit keys, 12 rounds for 192-bit keys

nor-or 14 rounds fnor-or 256-bit keys Each round AES algnor-orithm contains 4steps [54]:

Byte Substitution: In this step, each of ai, j with a S(ai, j) whereas S()

is an S-box The result is demonstrated in the figure 2.2

Figure 2.2: Bytes Substitution Step of each AES rounds

Shift Rows: After bytes substitution, AES shift each of row in theblock by its row index number (zero-based indexing), for instance, thefirst row have index = 0, then their is no shift in the first row, but thesecond row will shift by index = 1

Figure 2.3: Row Shifting Step of AES

Mix Columns: In this step, a invertible linear transformation is appliedfor combining 4 bytes within a column by multiplying each byte by a

2.3 CRYPTOGRAPHY CHAPTER 2 BACKGROUND

Figure 2.4: Columns Mixing Step of AES

Round Key Addition: In this step, using Rijndael’s key schedule [55],the substituted key is obtain from the main key Then add the substi-tuted key by applying XOR operation on each of substituted key bytewith the corresponding mixed byte to have the final encrypted bytes

Figure 2.5: Key Addition Step of AES

Overcome the DES by eliminating its weaknesses and reduce the sibility of generating equivalent keys with key scheduling, AES is pop-ularly used as a successor of DES Conceptually, AES design can with-stand differential attack and with a efficient number of rounds, no bettercryptography attack can non-exhaustively against AES

As a symmetric cryptography, AES is not applicable for messaging tem or data exchanging system with a randomly generated key or with-out a fixed predefined key In contrast, performance of RSA algorithm

sys-is substantially slow in encrypting and decrypting large data Therefore,combining RSA and AES can efficiently overcome their drawbacks asAES is used for huge data encryption and RSA is used for AES secret-key exchanging

2.3 CRYPTOGRAPHY CHAPTER 2 BACKGROUND

As described in figure 2.6, following steps are taken in the system of

Figure 2.6: Combination of AES and RSARSA and AES combination:

Step 1: The receiver generate a pair of RSA keys including: the publickey and the private key

Step 2: The receiver send the public key to the sender

Step 3: The sender generate randomly an AES key

Step 4: The sender encrypt the data with generated key and AES rithm

algo-Step 5: The sender encrypt the AES key with the received public keyStep 6: The sender response to the receiver with the encrypted dataand the encrypted AES key

Step 7: The receiver decrypt the encrypted AES key with the generated

2.4 MULTI-STEP AUTHENTICATION CHAPTER 2 BACKGROUND

private key

Step 8: The receiver use decrypted AES key to decrypt the data

Without sending private key anywhere else rather than itself, no otherparty than receiver can decrypt the AES key With a considerable per-formance of AES algorithm, the data will be encrypted in a fast pace

In the sending message, there are only encrypted data and encryptedkey with a public key, which cannot be decrypted or compromised byany technique rather than exhaustive brute-force attack Therefore, theencrypted data is completely secured In our project, the combination

of AES and RSA will be modified following device-based principle

2.4 Multi-step Authentication

As can be easily recognized through the name, Two-Factor tion is a type of Multi-Factor Authentication which is a manner to verifythe right to access of a user by asking the user to provide more than oneevidence (traditionally a password) to prove that user is allowed to getthe access to the system behind The evidence is an unique object thatrelates to the user that object is defined in four categories [56, p.26]:

Authentica-• ’something you know’: usually the password, or something the userhas registered with the system before

• ’something you have’: the object that the user is given to identifyhimself or herself by the system such as Identity Card, SecurityToken

• ’something you are’ : the biological object can define who the useris; fingerprint, eye vein can be considered as examples

• ’something you do’ : the object that is the product from one of theuser’s activities such as handwriting signatures, voices, etc

2.4 MULTI-STEP AUTHENTICATION CHAPTER 2 BACKGROUND

Multi-factor authentication by that way is simply the addition of one ormore security layers Hence, Two-factor authentication can be under-stood as the process that verify users’ access with two security layers inwhich one is the password - ’something you know’ and the other one is

an instance of three other aforementioned categories of factor authentication has become popular to internet users today [57],

evidence.Two-it is more secured than the tradevidence.Two-itional way wevidence.Two-ith single password tection [56, p.27] but it still satisfies the requirement of conveniencebecause it just increases one more layer of security - the lowest level ofmulti-factor authentication

pro-Nevertheless, multi-factor authentication is a child set of multi-stepauthentication There is nothing difficult to understand about multi-step term, it means the system need a user to do more than one step

to grant the access he or shee needs More particularly, in those steps,the evidence the user provide to prove the identity can be in the sameaforementioned categories, while the multi-factor term requires the ev-idence in each step to be in different categories to each other.[58]

In the case different from the multi-factor case in the multi-step thentication set, the familiar additional form of the additional step tothe traditional password verification step is One-time Password (OTP)which can be found in Google Authenticator, Steam Guard Authentica-tor, etc OTP can be defined as automatically generated string includingnumeric characters only or the combination of numeric and alpha char-acters which is used for authenticating a user access to a system andwill be invalid right after it is applied or a change of some conditionssuch as an expired session or cancelled transaction and so on [59] Inthe case of both Google Authenticator and Steam Authenticator, the va-lidity of the OTP is based on time, or in other words, they use TOTP(Time-based One-time Password); the difference between these two au-

au-2.4 MULTI-STEP AUTHENTICATION CHAPTER 2 BACKGROUND

thenticator is the destination of the OTP, Google sends OTP to the user’smobile phone via message service, whereas Steam Guard sends OTP tothe mobile phone as well, but via a mobile client application

2.4 MULTI-STEP AUTHENTICATION CHAPTER 2 BACKGROUND

Figure 2.7: Multi-step Verification General Flow chart [3]

work-To create an effective uniform User Interface for client applications,the authors have studied a little bit about the manner of combining col-ors There are many ways to combine colors in an user interface such

as Analog, Complementary, Split Complementary, Triad colors which

is based on Color Wheel, and some other ways like Monotone matic and Monotone Achromatic In this project, the authors appliedthe Split Complementary Colors along with some adjustments in theshades of each color to pick the color scheme for the user interface.The following are the colors used in the client applications under hexcode representation

Chro-• #4fc3f7: the primary color which is used on info-display nents that needs attraction from users such as toolbar or importantinformation panel

compo-• #0093c4: the darker color of the primary color, used for some plementary component such as status bar background in the androidapplication

sup-• #ffd54f: the secondary color which is applied to components that

3.1 FRONT-END DEVELOPMENT CHAPTER 3 METHODOLOGY

can be interacted with users or highlighted For examples, buttonsand progress bar

• #c8a415: this color is used for the content of interactive nents

compo-Beside those colors, white and black are also used as must-have ors White is for background of regular components, and black is forthe usual text For another appearance aspects, the authors also try toapply the principles of Material Design , which is a set of applicationdesign rules popularized by Google [60], about icons, views behavior,etc to the demo application

col-3.1.1 Android Mobile Application

The application is developed with Android Studio, the minimum OSVersion is Android Ice Cream Sandwich The application also needsusers’ devices to be installed Google Play Services for communicat-ing with Google Drive In addition, the permissions to read/write datafrom/to external storage (sd card), to connect to internet, access GoogleAccounts, Wifi and Network state are also needed

Use Cases

For lower complexity and better illustration, the authors divide the usecases into three groups in Figure 3.1 Credential Use Cases, Figure 3.2Files Management Use Cases and Figure 3.3 Other Use Cases

Authentication is the very first case that every user will do whenusing the demo application There are four cases shown in the Figure3.1

1 Log in: Users will carry out this step to use the demo applicationfunctionalities Username and Password are needed for this step Inaddition, only authorized device can go through this step withoutthe confirmation from the root device