A secure approach for SMS in GSM network

IJCSET, 2011

Global System for Mobile (GSM) is a second generation cellular standard developed to cater voice services and data delivery using digital modulation. Short Message Service (SMS) is the text communication service component of mobile communication systems, using standardized communications protocols that allow the exchange of short text messages between mobile phone devices. SMS will play a very vital role in the future business areas whose are popularly known as m-Commerce, mobile banking etc. For this future commerce, SMS could make a mobile device in a business tool as it has the availability and the effectiveness. The existing SMS is not free from the eavesdropping, but security is the main concern for any business company such as banks who will provide these mobile banking. Presently there is no such scheme which can give the complete SMS security. Now, a new security scheme for improving the SMS security is proposed here. At first plaintext of SMS would be made as cipher text with the help of existing GSM encryption technology, then this cipher text would be digitally signed with the help of public key signature. These will be made compatible to existing infrastructure of GSM security. The proposed scheme will give total authenticity, data integrity, confidentiality, authorization and non-repudiation which are the most essential issues in m-commerce or mobile banking and in secure messaging.

2014

Billions of text messages are sent daily through GSM networks sent in plain text format which makes them susceptible to various attacks. With the increasing number of software crackers available for free in the internet, studies have shown SMS continues to suffer from several security vulnerabilities and loopholes. The aim of this project was to develop a secure messaging platform for Java enabled phones to securely send encrypted short messages via the GSM network.. The application was developed in MDIP 2.0 and CDLC 1.1configurations and applied symmetric encryption concepts. The experimental results revealed that the mobile application was able to encrypt, decrypt, send and receive text messages without adding changing the size of the packets .

5th International Conference on Modeling, Simulation and Applied Optimization

Short Message Service (SMS) is one of the mobile phone services widely used by the public worldwide. One of the main issues during the communication is information security and privacy. Digital Signature algorithms can be applied with the SMS cipher to prevent the message information from the repudiation attack. There are various existing algorithms for digital signature like RSA, DSA and ECDSA. Out of these, ECDSA has been proved and found the best algorithm in terms of efficiency and cryptanalysis. But ECDSA has some drawbacks also, and because of that some authors have proposed variant algorithms of ECDSA. In this paper, we propose solutions to an attack on digital signature that has been found on a variant of ECDSA. At the end of this paper, conclusion with the suitable solution approach with its security analysis is summarized.

The SMS based Mobile communications require high security in the network. Information as well as SMS security is important and challenging part for mobile communication. Some ethical hackers or attackers access the illegally sensitive data or messages. For solve this important issue and problems. Many users' uses the various algorithm and techniques for provide security to data and SMS in communication networks. Some users use encryption as well as decryption algorithms. Many people's implement own algorithm for SMS or data security in the communication network. The algorithms like AES, DES, Triple DES used by many authors for encrypt or decrypt SMS for communication. In the Wireless communication network for reducing processing time i.e. encryption or decryption time, developers uses various available algorithms. New algorithms implemented using AODV Protocols in wireless communication networks. In this paper we have propose the survey of SMS encryption as well as decryption techniques, algorithms, models use in communication network and security. The concept of Server key secure and Sender key secure messaging for SMS security.

Proceedings of SAICSIT, 2004

Short Message Service (SMS) has grown in popularity over the years and it has become a common way of communication. SMS is usually used to transport unclassified information, but with the rise of mobile commerce it has become a popular tool for transmitting sensitive information between the business and its clients. By default SMS does not guarantee confidentiality and integrity to the message content. Therefore SMS is not totally secure and reliable. This affects the Wireless Messaging API (WMA)-an optional package for Java 2 Micro Edition that enables SMS messaging on Java-enabled cellular phones. This paper proposes a protocol that can be used to secure a SMS connection between a WMA client and SMS-based server.

2015

Short message service (SMS) is most important communication medium in many daily life applications, including healthcare monitoring, mobile banking, mobile commerce, and so on. when a SMS send an from one mobile phone(MS) to another MS (Mobile subscriber), the information contained in the SMS transmit as plain text. Sometimes this information may be confidential like account numbers, passwords, license numbers, and so on, and it is a major drawback to send such information through SMS while the traditional SMS service does not provide encryption to the information before its transmission, However telecom service providers are ensuring at server end some security provided as Using A3,A8 and Kc algorithms, but not providing during the message transformation .In this paper, we propose an efficient and secure protocol called User End secure SMS along with integrity key check, which provides end-to-end secure communication through SMS between end users. The working of the protocol is pre...

… Conference on Machine …, 2009

In this paper, we describe a system for securing SMS messages during and after its transmission over mobile network. The system can also be used for protecting personal data for users who desire to keep their confidential data stored on their mobile phones. The system has been implemented employing the AES encryption algorithm and using symmetric-key encryption. The system has been tested using various devices. The testing and validation of the system is also reported.

2015

This thesis analyzes the security of Short Message Service (SMS) which is a permanent service on mobile networks. Mobile networks have evolved from GSM Technology for more than 20 years. Security is a headline issue these days and use of SMS service has become an extension of our lives and plays a paramount role in daily chores since its inception with most immediate and efficient form of communication. Due to the available functionality of the mobile networks, SMS are exposed to different kinds of attacks. SMS is one of the fundamental features of the mobile phone and is considered to be a fascinating area for attackers. For the increasing demand for secure SMS, it is important to perform vulnerability analysis of SMS implementation and finding out additional security vulnerabilities within the network, and smart-phones. With the existence of the mobile phone over the years, SMS has been widely embraced as a standard for quick and easy communication. SMS has proceeded from normal message service to two-factor authentication (2FA) scheme for account login and registering. Ever since the growing mindshare and outsized new security valuations to the users for their accounts, SMS service provides best possible forms such as one-time password (OTP) and mobile-Transaction Authentication Number (mTAN) for 2FA. The most important and challenging part of mobile communication is SMS security as attackers illegally access the sensitive data through messages and sometimes compromising the device. If these themes are not addressed adequately, through security controls and measures, the underlying threats could compromise the confidentiality, integrity and availability of SMS service. A detailed study of the mobile networks, SMS protocol structure, and various attack methods were investigated to understand the different properties of authentication and encryption methods that can be applied to counteract the exploits for the applicability of SMS messages in near future. Security Analysis of SMS and Related Technologies iii Acknowledgement I am grateful to numerous local and global peers who have contributed towards shaping this thesis. At the outset, I would like to express my sincere thanks to Berry Schoenmakers for his advice during my thesis work. As my supervisor, he has constantly encouraged me to remain focused on achieving my goal. His observations and comments helped me to establish the overall direction of the research and to move forward with some detailed investigations. He has helped me greatly and been a source of knowledge to me. I wish to extend my gratitude to Benne de Weger and Jerry den Hartog for accepting to be in the evaluation committee of my final examination of thesis. My sincere thanks to everyone who has provided me with kind words, a welcome ear, new ideas, useful criticism, or their invaluable time, I am truly indebted. My gratitude also goes out to my younger brother Sanket Chaudhari , my family and friends in Eindhoven and India who helped me all the way during my Master's and during the thesis with any technical problems on the way. I must acknowledge the academic resources that I have got from Technical Univeristy of Eindhoven. Last, but not the least, I would like to dedicate this thesis to my family, for their love, patience, and understanding. Security Analysis of SMS and Related Technologies v Contents Contents vii List of Figures ix List of Tables xi

IJCA, Published by Foundation of Computer Science, New York, USA, 2012

Asymmetric algorithm like Diffie-Hellman can be used to encrypt the SMS message in M-commerce or mobile banking system. Password key exchange protocol based on Diffie-Hellman key exchange algorithm allows users to exchange a secret key that can be used in message encryption. The security of this protocol can be increased by using the MAC (message authentication code) or hash function with the encryption. These functions act as an error detecting code or checksum. This paper throws a light on the comparative analysis of both the authentication functions separately in password key exchange protocol. By analyzing some of the security issues viz. (i) brute force attach and (ii) cryptanalysis, it can be very well shown that the MAC function is more secure than hash.

IAEME PUBLICATION, 2014

Short Message Service (SMS) has become common in many of our daily life applications. Sometimes SMS is used to send confidential information like password, passcode, banking details etc. But in traditional SMS service, information content is transmitted as plain text which is not at all secure. It’s because when SMS is transmitted as plain text without using any encryption mechanisms it is easily subjected to many attacks. In this paper, we propose a protocol called SecuredSMS which make use of the symmetric key shared between the end users thus providing secure and safe communication between two users. The analysis of this protocol shows that it is highly secure as it is able to prevent the information content from various attacks like replay attack, man-in-the-middle attack, over the air modification and impersonation attack. SecuredSMS can be activated in the phone using PIN number. It also provides a way for remote destruction and remote locking in the case if the phone is stolen or lost.