A Mobile-based Authentication Technique (MbAT) for Enhancing Post-Decryption Security in Social Networking Applications
DOI: https://doi.org/10.58721/jraw.v2i2.1298

Keywords: Access Control, Authentication, Decryption Security, Double Ratchet, X3DH

Abstract
The widespread adoption of mobile-based social networks (MbSNs) has made secure messaging a critical concern. While protocols like Signal provide robust end-to-end encryption (E2EE) for data in transit, a vulnerability exists at the endpoint: once a message is decrypted on the device, it is stored in plaintext and is exposed to unauthorised access if the device is compromised. The study simulated a vulnerability assessment, using automated tools and manual techniques to scan systems, applications, and networks for known security weaknesses. The goal was to uncover security flaws that malicious actors could exploit, so that organisations or individuals can address them before they are leveraged in attacks; specifically, the Mobile Security Framework (MobSF) was used. This paper presents the design and requirements analysis of the Mobile-based Authentication Technique (MbAT), a prototype tool designed to operate atop existing E2EE protocols. MbAT addresses this post-decryption vulnerability by adding an authentication layer: it intercepts messages after reception but before display and verifies the intended recipient against the device's SIM card number. Only upon successful authentication is the message decrypted and displayed. The paper details the formal requirements of a Secure Messaging (SM) scheme, the architecture of the Signal protocol that MbAT enhances, and the functional and architectural design of the MbAT tool itself. MbAT's component-based design includes modules for input processing, encryption, authentication, decryption (using the Blowfish algorithm), and output control, ensuring that access rights (read, write, delete) are strictly enforced. This approach reduces the attack surface on mobile devices by mitigating unauthorised message viewing, injection, and deletion.
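The pipeline the abstract describes (intercept after reception, check access rights, compare the addressed recipient with the device's SIM number, and only then decrypt for display) can be modelled in a few dozen lines. The block below is an added illustration, not code from the paper or the MbAT prototype. It assumes the recipient identifier is a SIM number carried as a string, that access rights are a per-device set of "read", "write" and "delete", and, because Blowfish is not in the Python standard library, it substitutes a stdlib-only encrypt-then-MAC construction (an HMAC-SHA256 keystream plus an HMAC-SHA256 tag) so the example runs offline. It goes one step beyond the abstract by binding the recipient identifier into the authentication tag, so a stored message whose recipient field has been altered fails the integrity check rather than the SIM comparison alone.

```python
"""Post-decryption authentication gate modelled on the MbAT flow.

Added example, not the paper's code. Assumptions (not from the abstract):
- recipient identity is a SIM number string addressed by the sender and
  bound to the ciphertext as authenticated associated data;
- Blowfish is replaced by an HMAC-SHA256 keystream + HMAC-SHA256 tag
  (encrypt-then-MAC) so the example needs only the standard library;
- access rights are a per-device set of {"read", "write", "delete"}.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Optional, Set


@dataclass(frozen=True)
class StoredMessage:
    """A message as it sits on the device before the display gate."""
    recipient_id: str   # intended recipient (SIM number), covered by the tag
    nonce: bytes
    ciphertext: bytes
    tag: bytes


def _derive(key: bytes, label: bytes) -> bytes:
    # Separate encryption and MAC keys from one message key.
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # Counter-mode keystream built from HMAC blocks (stand-in for Blowfish).
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _tag(mac_key: bytes, recipient_id: str, nonce: bytes, ciphertext: bytes) -> bytes:
    # Length-prefixed recipient id is part of the MAC input, so the
    # addressed recipient cannot be changed without invalidating the tag.
    rid = recipient_id.encode()
    h = hmac.new(mac_key, digestmod=hashlib.sha256)
    h.update(len(rid).to_bytes(2, "big") + rid)
    h.update(nonce)
    h.update(ciphertext)
    return h.digest()


def seal(key: bytes, recipient_id: str, plaintext: bytes) -> StoredMessage:
    """Encrypt and authenticate a message addressed to recipient_id."""
    nonce = os.urandom(16)
    ks = _keystream(_derive(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    return StoredMessage(recipient_id, nonce, ct, _tag(_derive(key, b"mac"), recipient_id, nonce, ct))


def gate(key: bytes, msg: StoredMessage, device_sim: str, rights: Set[str], action: str) -> str:
    """Run the MbAT-style checks in order; return "ok" or the denial reason."""
    # 1. Access-right enforcement (read/write/delete) before anything else.
    if action not in rights:
        return "denied: device lacks '%s' right" % action
    # 2. Intended recipient versus the device's SIM number (constant time).
    if not hmac.compare_digest(msg.recipient_id.encode(), device_sim.encode()):
        return "denied: recipient does not match device SIM"
    # 3. Integrity of ciphertext and of the recipient binding.
    expected = _tag(_derive(key, b"mac"), msg.recipient_id, msg.nonce, msg.ciphertext)
    if not hmac.compare_digest(expected, msg.tag):
        return "denied: integrity check failed"
    return "ok"


def open_for_display(key: bytes, msg: StoredMessage, device_sim: str, rights: Set[str]) -> Optional[bytes]:
    """Decrypt only after the gate passes for a 'read'; otherwise return None."""
    if gate(key, msg, device_sim, rights, "read") != "ok":
        return None
    ks = _keystream(_derive(key, b"enc"), msg.nonce, len(msg.ciphertext))
    return bytes(a ^ b for a, b in zip(msg.ciphertext, ks))


if __name__ == "__main__":
    # Constructed sample values: a shared message key and two SIM numbers.
    key = bytes(range(32))
    alice_sim, bob_sim = "+15550001111", "+15550002222"
    msg = seal(key, alice_sim, b"meet at 10")
    print(open_for_display(key, msg, alice_sim, {"read"}))          # b'meet at 10'
    print(open_for_display(key, msg, bob_sim, {"read"}))            # None
    print(gate(key, msg, alice_sim, {"read"}, "delete"))            # denied: lacks 'delete'
```

The ordering matters: rights and recipient checks run before any key material is used for decryption, so a message addressed to another SIM never reaches plaintext on the device, and the tag covers the recipient field so the addressing cannot be edited at rest without detection.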