Mitigating attacks on open functionality in SMS-capable cellular networks
IEEE/ACM Transactions on Networking (TON)
A PK-SIM card based end-to-end security framework for SMS
Computer Standards & Interfaces
EC-Web 2009 Proceedings of the 10th International Conference on E-Commerce and Web Technologies
An Extensible Framework for Efficient Secure SMS
CISIS '10 Proceedings of the 2010 International Conference on Complex, Intelligent and Software Intensive Systems
Security analysis and enhancements of 3GPP authentication and key agreement protocol
IEEE Transactions on Wireless Communications
Secure communication mechanisms for GSM networks
IEEE Transactions on Consumer Electronics
Hi-index | 0.00 |
Nowadays, the SMS is a very popular communication channel for numerous value added services (VAS), business and commercial applications. Hence, the security of SMS is the most important aspect in such applications. Recently, the researchers have proposed approaches to provide end-to-end security for SMS during its transmission over the network. Thus, in this direction, many SMS-based frameworks and protocols like Marko's SMS framework, Songyang's SMS framework, Alfredo's SMS framework, SSMS protocol, and, Marko and Konstantin's protocol have been proposed but these frameworks/protocols do not justify themselves in terms of security analysis, communication and computation overheads, prevention from various threats and attacks, and the bandwidth utilization of these protocols. The two protocols SMSSec and PK-SIM have also been proposed to provide end-to-end security and seem to be little better in terms of security analysis as compared to the protocols/framework mentioned above. In this paper, we propose a new secure and optimal protocol called SecureSMS, which generates less communication and computation overheads. We also discuss the possible threats and attacks in the paper and provide the justified prevention against them. The proposed protocol is also better than the above two protocols in terms of the bandwidth utilization. On an average the SecureSMS protocol reduces 71% and 59% of the total bandwidth used in the authentication process as compared to the SMSSec and PK-SIM protocols respectively. Apart from this, the paper also proposes a scheme to store and implement the cryptographic algorithms onto the SIM card. The proposed scheme provides end-to-end SMS security with authentication (by the SecureSMS protocol), confidentiality (by encryption AES/Blowfish; preferred AES-CTR), integrity (SHA1/MD5; preferred SHA1) and non-repudiation (ECDSA/DSA; preferred ECDSA).