SMSCrypto: A lightweight cryptographic framework for secure SMS transmission

► The paper introduces a lightweight cryptographic framework for SMS applications. ► Adoption of certificateless cryptography does not need a PKI for digital signatures. ► The use of Elliptic Curve Cryptography allowed small overheads on SMS. ► The benchmark results show the low impact on usability...

Full description

Saved in:
Bibliographic Details
Published in:The Journal of systems and software 2013-03, Vol.86 (3), p.698-706
Main Authors: Pereira, Geovandro C.C.F., Santos, Mateus A.S., de Oliveira, Bruno T., Simplicio Jr, Marcos A., Barreto, Paulo S.L.M., Margi, Cíntia B., Ruggiero, Wilson V.
Format: Article
Language:English
Subjects:
Authentication protocols
Cell phones
Cellular telephones
Cryptography
Data encryption
Elliptic curve cryptosystems
Infrastructure
Lightweight
Message passing
Public Key Infrastructure
Security
Service introduction
Short message service
Signatures
SIM
SMS
Studies
Text messaging
Weight reduction
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:► The paper introduces a lightweight cryptographic framework for SMS applications. ► Adoption of certificateless cryptography does not need a PKI for digital signatures. ► The use of Elliptic Curve Cryptography allowed small overheads on SMS. ► The benchmark results show the low impact on usability of SMS applications. Despite the continuous growth in the number of smartphones around the globe, Short Message Service (SMS) still remains as one of the most popular, cheap and accessible ways of exchanging text messages using mobile phones. Nevertheless, the lack of security in SMS prevents its wide usage in sensitive contexts such as banking and health-related applications. Aiming to tackle this issue, this paper presents SMSCrypto, a framework for securing SMS-based communications in mobile phones. SMSCrypto encloses a tailored selection of lightweight cryptographic algorithms and protocols, providing encryption, authentication and signature services. The proposed framework is implemented both in Java (target at JVM-enabled platforms) and in C (for constrained SIM Card processors) languages, thus being suitable for a wide range of scenarios. In addition, the signature model adopted does not require an on-line infrastructure and the inherent overhead found in the Public Key Infrastructure (PKI) model, facilitating the development of secure SMS-based applications. We evaluate the proposed framework on a real phone and on SIM Card-comparable microcontroller.
ISSN:0164-1212
1873-1228
DOI:10.1016/j.jss.2012.11.004