SSMS - A secure SMS messaging protocol for the m-payment systems

The GSM network with the greatest worldwide number of users, succumbs to several security vulnerabilities. The short message service (SMS) is one of its superior and well-tried services with a global availability in the GSM networks. The main contribution of this paper is to introduce a new secure application layer protocol, called SSMS, to efficiently embed the desired security attributes in the SMS messages to be used as a secure bearer in the m-payment systems. SSMS efficiently embeds the confidentiality, integrity, authentication, and non-repudiation in the SMS messages. It provides an elliptic curve-based public key solution that uses public keys for the secret key establishment of a symmetric encryption. It also provides the attributes of public verification and forward secrecy. It efficiently makes the SMS messaging suitable for the m-payment applications where the security is the great concern.

[1]  Russ Housley,et al.  Delegated Path Validation and Delegated Path Discovery Protocol Requirements , 2001, RFC.

[2]  M. Hassinen,et al.  Java based Public Key Infrastructure for SMS Messaging , 2006, 2006 2nd International Conference on Information & Communication Technologies.

[3]  Alfred Menezes,et al.  The Elliptic Curve Digital Signature Algorithm (ECDSA) , 2001, International Journal of Information Security.

[4]  S.M. Siddique,et al.  Notice of Violation of IEEE Publication PrinciplesGSM Security Issues and Challenges , 2006, Seventh ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing (SNPD'06).

[5]  Douglas R. Stinson,et al.  Cryptography: Theory and Practice , 1995 .

[6]  M. Hassinen SafeSMS - end-to-end encryption for SMS , 2005, Proceedings of the 8th International Conference on Telecommunications, 2005. ConTEL 2005..

[7]  Marko Hassinen SafeSMS - End-to-end encryption for SMS messages , 2005 .

[8]  Hugo Krawczyk,et al.  HMQV: A High-Performance Secure Diffie-Hellman Protocol , 2005, CRYPTO.

[9]  B. Dukic,et al.  m-order - payment model via SMS within the m-banking , 2005, 27th International Conference on Information Technology Interfaces, 2005..

[10]  K. Hypponen,et al.  Strong mobile authentication , 2005, 2005 2nd International Symposium on Wireless Communication Systems.

[11]  Carlisle M. Adams,et al.  X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP , 1999, RFC.

[12]  Ayman I. Kayssi,et al.  J2ME end-to-end security for M-commerce , 2003, 2003 IEEE Wireless Communications and Networking, 2003. WCNC 2003..

[13]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[14]  W.L. Xu,et al.  A mobile-based home automation system , 2005, 2005 2nd Asia Pacific Conference on Mobile Technology, Applications and Systems.

[15]  Scott B. Guthery,et al.  Mobile Application Development with SMS and the SIM Toolkit , 2001 .