|
SSMS is a Secure SMS Messaging Protocol . The Global Service for Mobile communications (GSM) with the greatest worldwide number of users succumbs to several security vulnerabilities. In the GSM, only the airway traffic between the Mobile Station (MS) and the Base Transceiver Station (BTS) is optionally encrypted with a weak and broken stream cipher (A5/1 or A5/2). The authentication is unilateral and also vulnerable. There are also many other security vulnerabilities and shortcomings. Such vulnerabilities are inherited to the Short Message Service (SMS) as one of the superior and well-tried services with a global availability in the GSM networks. The SMS messaging has some extra security vulnerabilities due to its store-and-forward feature, and the problem of fake SMS that can be conducted via the Internet. When a user is roaming, the SMS content passes through different networks and perhaps the Internet that exposes it to various vulnerabilities and attacks. Another concern is arisen when an adversary gets access to the phone and reads the previous unprotected messages. SSMS is a new secure application layer protocol, that efficiently provides the desired security attributes for the SMS messages to be used as a secure bearer in the m-payment systems. SSMS efficiently provides the confidentiality, integrity, authentication, and non-repudiation for the SMS messages. It provides an elliptic curve-based public key solution that uses public keys for the secret key establishment of a symmetric encryption. It also provides the attributes of public verification and forward secrecy of message confidentiality. It efficiently makes the SMS messaging suitable for the m-payment and m-commerce applications where the security is the great concern.
|
|
|