Belaynew, Assefa (2013) Security Enhanced SMS for Sensitive Applications. Masters thesis, Addis Ababa University.
PDF (Security Enhanced SMS for Sensitive Applications)
Belaynew, Assefa.pdf - Accepted Version Restricted to Repository staff only Download (1MB) | Request a copy |
Abstract
Currently, Short Message Service (SMS) is one of the most widely used services in our day to day life. Recently, in Ethiopia, many organizations use SMS messaging in order to transmit sensitive information which needs more secure communication. Commercial Bank of Ethiopia (CBE), Dashen Bank, and Zemen Bank are some of Ethiopian financial organizations that introduces SMS based banking which enables bank customers to perform banking transactions using SMS messages. Ethiopian football federation and some other organizations also use SMS to transmit lottery number and other sensitive information. SMS based health is also introduced to transmit health related information. But SMS messaging over GSM network is not suitable to transmit sensitive information and it is not secure at all. Since, the traditional SMS over GSM network uses a store and forward method which means the transmitted SMS is stored on the SMSC as plain text. The SMS service providers can control this stored information and if someone access this SMSC server, the information will be at risk. SMS‟s security has become a major concern for different organizations and customers. Therefore, it is desirable to secure SMS for sensitive information by additional encryption. The aim of this thesis is to design a secure SMS protocol for mobile environment and to show that it enhances the traditional SMS security. To achieve this we propose a hybrid encryption method. Asymmetric encryption (ECC) used to secure the shared onetime password which is used to encrypt and decrypt the SMS message. Blowfish, symmetric encryption used to secure the original SMS message. This solution provides end-to-end security between any two java enabled mobile phones. The first advantage of this solution is that, it reduces the number of keys used. It also allows to exchange confidential, non-repudiable and digitally signed SMS message over GSM network. This solution can be adopted for different SMS based applications that need security. Among such applications are SMS based Banking, SMS based health and SMS based voting. The result of this work is improving security drawbacks of the existing SMS communication by using hybrid encryption technique. After studying and analyzing different encryptions techniques we decide to use ECC for key exchange and Blowfish for securing the original SMS messages. In this work encrypted shared key and encrypted SMS payload sent together as a result, secret key management is solved and it reduces the storage required to store the secret key. The system had tested in different simulator and real mobile phone such as Nokia X2-00.
Item Type: | Thesis (Masters) |
---|---|
Uncontrolled Keywords: | Secure SMS Messaging, Hybrid Encryption, ECC, Blowfish |
Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science Q Science > QA Mathematics > QA76 Computer software T Technology > T Technology (General) |
Divisions: | Africana |
Depositing User: | Selom Ghislain |
Date Deposited: | 12 Sep 2018 07:38 |
Last Modified: | 12 Sep 2018 07:38 |
URI: | http://thesisbank.jhia.ac.ke/id/eprint/5209 |
Actions (login required)
View Item |