Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

Authentication, Security, Secrete Key, Mobile Phone

advertisement 
A Secure Symmetric key utilized for EasySMS convention
Geetha L S
Thejaswini S
M.Tech Student
Assistant professor
Department of CSE
SIT, Tumkur
thjs_bharath@yahoo.com
Department of CSE
SIT, Tumkur
geethals200@gmail.com
ABSTRACT
The widely used communication technology between
different end users is SMS (Short Message Service).Text
Messaging can be termed as an act of composing &
sending an electronic message between two or more
mobile phones. Nowadays many applications in the real
world are using SMS for communication. But when end
users communicate by sending SMS, the information
contained in it is transferred as plain text and sometimes
the information may be confidential so this will be a
major constraint with respect to security. The possible
assaults can be SMS Disclosure, Replay assault and
Man-in-the Middle assaults. Therefore one cannot trust
this traditional SMS to send sensitive information like
passwords, account number etc. To provide security for
the SMS a protocol by name EASYSMS has been
proposed. This protocol is completely based on
symmetric key cryptography.
Keywords
Authentication, Security, Secrete Key, Mobile Phone
INTRODUCTION
Short Message Service abbreviated as SMS, a platform
that uses mobile cellular network to transmit and receive
messages between end users across the world. The
world’s first SMS was sent in 1992 through Vodafone
network by Neil Papworth[1]. The SMS service became
very popular and being used by many applications like
Transportation system[2] where a hand crafted GPSGSM unit is set on a vehicle and clients can inquiry
server over SMS with their own non-GPS empowered
PDAs, house heating systems, way2sms which is known
for sending bulk messages, txtWeb which is used by
many users to get weather updates, movie information
and cricket scores by sending messages. SMS is an
instant message that can have up to 160 characters of
length that can be sent to phones. There are three sorts of
alternatives offered by the transporters; they are free
SMS, expense per SMS and Monthly charge for SMS.
SMS can be sent in several ways it and depends on the
service provider. Not frequently but sometimes, we used
to send trusted data to our crew individuals like secret
key, credit number additionally bank pass book number
from one cellular telephone to another through system.
While sending the data over the system meddler can read
the data since that will be in the plaintext format. SMS
use is threatened with security concerns like SMS
disclosure, man-in-middle assault[3] and replay assault.
SMS messages are transmitted as plaintext between
portable client and the SMS center utilizing remote
system. When sensitive data is exchanged using SMS it
is crucial to protect the information from eavesdroppers,
as well as ensuring the origin of the message is from the
genuine sender. The vulnerabilities includes: (i)An
attacker may access the data stored on the Mobile station
and there is no guarantee that a message will be
delivered to its recipient (ii) An attacker may inject
messages into the network with a spoofed id.
RELATED WORK
A secure extensible and efficient SMS(SEESMS)[4] a
framework of Java which enables two peers to exchange
SMS which is encrypted and the communication between
peers is secured by using public-key cryptography and
the key-exchange process is implemented by using a
novel and simple security protocol which minimizes the
number of SMS messages to use. SEESMS supports the
encryption of a communication channel through the
ECIES[5] and the RSA algorithms.
A secure SMS system should atleast concentrate on
solving problems like: (i) Authentication (ii) Integrity
(iii) Confidentiality. For solving these problems a high
security framework of SMS has been chosen where it is
based on public key infrastructure and will ensure the
confidentiality of messages, integrity and will also
provide more m-commerce services [6].
A secure application layer protocol called SSMS[7] has
been considered to efficiently embed the desired security
attributes. This concept provides an elliptic-curve based
public key solution that makes use of public keys for the
establishment of secrete key. The [6] and [7] generate
secret key but also generates huge overhead.
SMSSec protocol[8] is used to protect an SMS
communication between end users that is sent by java
wireless messaging API. This protocol provides reliable
and low bandwidth solutions.
Due to the physical constraints of cellular telephones it is
necessary to consider a protocol that would make the
least utilization of assets(like computing resources) and
improves security. The proposed protocol EasySMS is
compared with two existing protocols SMSSec and PKSIM[9].
The reason behind choosing these protocols for
comparison is that they do not propose to change the
existing architecture of cellular networks. Both protocols
are based on client-server para-digm i.e mobile user is
considered as one end and Authentication Server[AS] is
considered as other end but there is no scenario presented
where SMS is transmitted over two mobile phones.
EXISITNG SYSTEM
SMS messages are transmitted as plaintext between
versatile client and the SMS center, utilizing remote
system. SMPP and UCP protocols are used to connect
SMSC for mobile phones. The contents of SMS are
stored in the system of network operators and can be read
by the personnel. An assault model depicts diverse
situations for the possibilities of different attacks where a
pernicious Mobile Station[MS] can access the original
data, or deceive the legitimate mobile station. Since, the
SMS is sent as plaintext, the network administrators can
undoubtedly access the data during SMS transmission at
the SMSC which results in SMS Disclosure assault. A
type of system assault where the conversation between
the mobile stations is delayed and where the aggressor
tries to cryptanalyze the produced keys is termed as
replay assault. The drawback of existing protocols like
PK-SIM & SMSSec is that they both are base don clientserver paradigm and are prone to various attacks as
mentioned above.
Fig1. Existing Architecture
PROPOSED SYSTEM
To defeat the above stated assaults a new protocol named
EasySMS has been proposed which furnish end-to-end
secure transmission of data in the cellular network.
Earlier existing protocols were based on both asymmetric
and symmetric key cryptography where as proposed
protocol is completely based on symmetric key.The
proposed protocol can be explained in two distinctive
scenarios. First scenario where both mobile station
belongs to same authentication servers, i.e. they happens
to share the same HLR(Home Location Register)a
database that contains pertinent data of those subscriber
who are approved to utilize the GSM and the second
scenario where MS belongs to different AS.
There are mainly two entities in the proposed protocol
(i)Authentication server that stores every single
symmetric key shared in the between AS and MS
(ii)Certified authority(CA) that stores all the data
identified with versatile endusers. It is assumed that each
enduser needs to enroll the details of mobile with CA and
strictly after the verification of identity SIM gets
activated.It is proposed to incorporate one more
administration as ‘EasySMS’ in the menu of portable
programming grew by different versatile organizations.
Portable administrations can add some additional charges
to send secure message by their clients over the system.
The proposed mechanism is illustrated in Fig 2:
Fig2. Proposed Architecture
An SMS gateway allows a computer to send or
receive Short Message Service and Simple Mail Transfer
Protocol (SMTP) is an Internet standard for electronic
mail (email) transmission. It is assumed that initially an
user has to register his/her details i.e., Username, Ph.NO,
email address etc and an database is considered to save
all these subscribers details. Using these components a
SMS is received to the user which consists of username
and password which is generated randomly. Using this
username and password one user can securely login to
chat with the other user. Once the user has got logged in
a request is sent to the other user with specific timestamp
the other user will receive the request number, timestamp
and the MAC address of the requester and now the user2
will validate the details and will approve the request
thereafter a secure connection is established and endusers can communicate with each other. The data that is
sent over the network is encrypted using a cipher
algorithm. By carrying out such process the SMS is
securely transmitted between the end-users and can
overcome the attacks like SMS Disclosure and Replay
attacks
Resistance to Assaults:
1. SMS Disclosure Assault: In EasySMS protocol, a
cryptographic encryption algorithm is considered to
provide end-to-end confidentiality to transmitted
messages in the network.
2. Replay Assault: Proposed protocol is free from this
kind of attack because it attaches a timestamp (like
T1,T2,T3) with each message that is sent over the
network. These unique timestamps prevent the system
from a kind of replay attack.
CONCLUSION
The EasySMS convention is ordinarily used to outline
for assurance of different assaults furthermore give endto-end secure correspondence. Symmetric key is
effectively overseen by the proposed protocol called
EasySMS furthermore it is correspondence overhead
amid execution, contrasted with SMSSec and PK-SIM
convention verification of trade of messages is less.
REFERENCES
[1] Press Release. (2012, Dec. 3). Ericsson Celebrates 20
Years
of
SMS
[Online].
Available:
http://www.ericsson.com/ag/news/2012-12-03-smsen_
3377875_c
[2] R. E. Anderson et al., “Experiences with a
transportation information system that uses only GPS
and SMS,” in Proc. IEEE ICTD, no. 4, Dec. 2010.
[3] A. Nehra, R. Meena, D. Sohu, and O. P. Rishi, “A
robust approach to prevent software piracy,” in Proc.
SCES, 2012, pp. 1–3.
[4] A. De Santis, A. Castiglione, G. Cattaneo, M.
Cembalo, F. Petagna, and U. F. Petrillo, “An extensible
framework for efficient secure SMS,” in Proc. Int. Conf.
CISIS, 2010, pp. 843–850.
[5]Manoj Patil, Prof. Vinay Sahu, “A Survey of
Compression and Encryption Techniques for SMS*” .
[6]S. Wu and C. Tan, “A high security framework for
SMS,” in Proc. 2nd Int. Conf. BMEI, 2009, pp. 1–6.
[7] M. Toorani and A. Shirazi, “SSMS—A secure SMS
messaging protocol for the m-payment systems,” in Proc.
IEEE ISCC, Jul. 2008, pp. 700–705.
[8] J. L.-C. Lo, J. Bishop, and J. H. P. Eloff, “SMSSec:
An end-to end protocol for secure SMS,”
Compute.Security, vol. 27, nos. 5–6, pp. 154–167, 2008.
[9] H. Rongyu, Z. Guolei, C. Chaowen, X. Hui, Q. Xi,
and Q. Zheng, “A PK-SIM card based end-to-end
security framework for SMS,” Comput. Standard Interf.,
vol. 31, no. 4, pp. 629–641, 2009.
[10]Nandini V and Deepak M, “An Efficient and Secure
Symmetric key used for EasySMS protocol”.
Related documents
SMS - FltPlan.com
SMS - FltPlan.com
here - Edenfield Road Surgery
here - Edenfield Road Surgery
Email Service
Email Service
Data Flow Diagram - Digital Knowledge Centre
Data Flow Diagram - Digital Knowledge Centre
simon-roberts-presentation
simon-roberts-presentation
True Fact - India Global SMS
True Fact - India Global SMS
Symptom Magnification Syndrome (SMS)
Symptom Magnification Syndrome (SMS)
Smith Magenis Syndrome
Smith Magenis Syndrome
Download
advertisement