Investigation of User Data Security for Android-based «Signal» Messenger

Authors: Kucher V. A., Putyato M. M.

Annotation: The article presents the security analysis of locally stored enduser data, as well as the specifics of working with them in the application called “Signal” based on Android OS. The investigated version 5.3.12 was the most recent one up to the time of writing this article. According to a certain scenario, test user data was generated in the application, and then the sources information with critical data was extracted from this data. Using the open-source code available, the mechanisms of the application's operation, including the implementation of protection measures, with the specified critical data were identified and analyzed. A qualitative assessment of implementing protection mechanisms for locally stored critical data was made to distinguish the data with typical protection measures inherent for any mobile applications, and the one specific for applications of this particular class of messengers. As a result, the flaws were discovered related to the inaccessibility of certain protective mechanisms on specific versions of the Android operating system, which could compromise the user data. As an advantage of the messenger protection, the database encryption module could be specified, which provides strong protection against unauthorized access to information due to the lack of a specific version of the assembly for personal computers. This article also proposes an approach to decrypt messenger databases, which requires either an emulator of an Android-based device, or a real mobile device with a specially developed application.

Keywords: mobile apps, android, static analysis, dynamic analysis, decompilation, reverse engineering, database, cybersecurity, data protection