SMSCrypto: A lightweight cryptographic framework for secure SMS transmission

► The paper introduces a lightweight cryptographic framework for SMS applications. ► Adoption of certificateless cryptography does not need a PKI for digital signatures. ► The use of Elliptic Curve Cryptography allowed small overheads on SMS. ► The benchmark results show the low impact on usability...

Full description

Saved in:
Bibliographic Details
Published inThe Journal of systems and software Vol. 86; no. 3; pp. 698 - 706
Main Authors Pereira, Geovandro C.C.F., Santos, Mateus A.S., de Oliveira, Bruno T., Simplicio Jr, Marcos A., Barreto, Paulo S.L.M., Margi, Cíntia B., Ruggiero, Wilson V.
Format Journal Article
LanguageEnglish
Published New York Elsevier Inc 01.03.2013
Elsevier Sequoia S.A
Subjects
Authentication protocols
Cell phones
Cellular telephones
Cryptography
Data encryption
Elliptic curve cryptosystems
Infrastructure
Lightweight
Message passing
Public Key Infrastructure
Security
Service introduction
Short message service
Signatures
SIM
SMS
Studies
Text messaging
Weight reduction
11T71
14G50
SMS
94A60
Elliptic curve cryptosystems
Cryptography
Security
Online AccessGet full text

Cover

More Information
Summary:► The paper introduces a lightweight cryptographic framework for SMS applications. ► Adoption of certificateless cryptography does not need a PKI for digital signatures. ► The use of Elliptic Curve Cryptography allowed small overheads on SMS. ► The benchmark results show the low impact on usability of SMS applications. Despite the continuous growth in the number of smartphones around the globe, Short Message Service (SMS) still remains as one of the most popular, cheap and accessible ways of exchanging text messages using mobile phones. Nevertheless, the lack of security in SMS prevents its wide usage in sensitive contexts such as banking and health-related applications. Aiming to tackle this issue, this paper presents SMSCrypto, a framework for securing SMS-based communications in mobile phones. SMSCrypto encloses a tailored selection of lightweight cryptographic algorithms and protocols, providing encryption, authentication and signature services. The proposed framework is implemented both in Java (target at JVM-enabled platforms) and in C (for constrained SIM Card processors) languages, thus being suitable for a wide range of scenarios. In addition, the signature model adopted does not require an on-line infrastructure and the inherent overhead found in the Public Key Infrastructure (PKI) model, facilitating the development of secure SMS-based applications. We evaluate the proposed framework on a real phone and on SIM Card-comparable microcontroller.
Bibliography:ObjectType-Article-2
SourceType-Scholarly Journals-1
ObjectType-Feature-1
content type line 23
ISSN:0164-1212
1873-1228
DOI:10.1016/j.jss.2012.11.004