A Secure SMS Authentication Based on Limited-Used Session Keys
Article Sidebar
Main Article Content
Abstract
- Currently, short message service (or SMS) is very popular like a payment transaction, payment products or services, vote or a comment to activities. A lot of researches have been presented SMS authentication. However, a number of researches were presented still lacking of security and authentication. This paper presents SMS authentication to increase security. Moreover, the proposed protocol deploys a limited-use offline session key generation and use of distribution technique to enhance security. The result of proposed protocol illustrated that it gained better performance and less time than existing papers and sending short text messages each time was less than the maximum.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
I/we certify that I/we have participated sufficiently in the intellectual content, conception and design of this work or the analysis and interpretation of the data (when applicable), as well as the writing of the manuscript, to take public responsibility for it and have agreed to have my/our name listed as a contributor. I/we believe the manuscript represents valid work. Neither this manuscript nor one with substantially similar content under my/our authorship has been published or is being considered for publication elsewhere, except as described in the covering letter. I/we certify that all the data collected during the study is presented in this manuscript and no data from the study has been or will be published separately. I/we attest that, if requested by the editors, I/we will provide the data/information or will cooperate fully in obtaining and providing the data/information on which the manuscript is based, for examination by the editors or their assignees. Financial interests, direct or indirect, that exist or may be perceived to exist for individual contributors in connection with the content of this paper have been disclosed in the cover letter. Sources of outside support of the project are named in the cover letter.
I/We hereby transfer(s), assign(s), or otherwise convey(s) all copyright ownership, including any and all rights incidental thereto, exclusively to the Journal, in the event that such work is published by the Journal. The Journal shall own the work, including 1) copyright; 2) the right to grant permission to republish the article in whole or in part, with or without fee; 3) the right to produce preprints or reprints and translate into languages other than English for sale or free distribution; and 4) the right to republish the work in a collection of articles in any other mechanical or electronic format.
We give the rights to the corresponding author to make necessary changes as per the request of the journal, do the rest of the correspondence on our behalf and he/she will act as the guarantor for the manuscript on our behalf.
All persons who have made substantial contributions to the work reported in the manuscript, but who are not contributors, are named in the Acknowledgment and have given me/us their written permission to be named. If I/we do not include an Acknowledgment that means I/we have not received substantial contributions from non-contributors and no contributor has been omitted.
References
2. O. Dandash, Y. Wang, and P.D. Le, “Fraudulent Internet Banking Payments Prevention using Dynamic Key,”Journal of Networks,” Vol.3(1), Academy Publisher, pp. 25-34, 2008.
3. S. Kungpisdan, P.D. Le, and B. Srinivasan, “A Limited-Used Key Generation Scheme for Internet Transactions,” Lecture Notes in Computer Scienc e, Vol. 3325, 2005.
4. Li, Y. and Zhang, X, “A Security-enhanced One-time Payment Scheme for Credit Card,” Proc. of the Int’l Workshop on Research Issues on Data Engineering: Web Services for ECommerce and E-Government Applications, 2004.
5. S. Kungpisdan, B. Srinivasan, and P.D. Le, “Lightweight Mobile Credit-card Payment Protocol,” Lecture Notes in Computer Science, Vol. 2904, pp. 295-308, 2003.
6. A. D. Rubin and R.N. Wright, “Off-line Generation of Limited-Use Credit Card Numbers,” Lecture Notes in Computer Science, Vol. 2339, pp. 196, 2002.
7. H. Ratshinanga, J. LO, and J. Bishop. "A Security Mechanism for Secure SMS Communication," Proceedings of SAICSIT, pp. 1-6, 2004.
8. J. L. Lo, J. Bishop and J.H.P Eloff, "SMSSec: an end-to-end protocol for secure SMS," Computers & Security, vol. 27, no. 5-6, pp. 154-167, 2008.
9. H. Rongyu, Z. Guolei, C. Chaowen, X. Hui, Q. Xi and Q. Zheng, "A PK-SIM card based end-to-end security framework for SMS", Computer Standards & Interfaces 31.4, pp. 629-641, 2009.
10. N. Saxena and N.S. Chaudhari, "SecureSMS: A secure SMS protocol for VAS and other applications," Journal of Systems and Software 90 (2014): pp. 138-150, 2014.
11. N. Saxena, N. S. Chaudhari and G. L. Prajapati, "An extended approach for SMS security using authentication functions", Industrial Electronics and Applications (ICIEA), 7th IEEE Conference on. IEEE, pp. 663-668, 2012.
12. N. Saxena and A. Payal, "Enhancing Security System of Short Message Service for M-Commerce in GSM", International Journal of Computer Science & Engineering Technology (IJCSET), ISSN: 2229-3345 Vol. 2 No. 4, pp. 126-133, 2011.
13. N. Saxena and N. S. Chaudhari, "A secure approach for SMS in GSM network", Proceedings of the CUBE International Information Technology Conference. ACM, pp. 59-64, 2012.
14. M. Toorani and A. A. B. Shirazi, SSMS – A Secure SMS Messaging Protocol for the M-Payment Systems, Proceedings of the 13th IEEE Symposium on Computers and Communications (ISCC'08), Marrakech, July 6-9, 2008, pp. 700-705.
15. A. Biryukov, A. Shamir and D. Wagner, Real Time Cryptanalysis of A5/1 on a PC, 2000 [Online]. Available: https://cryptome.org/a51-bsw.htm. Accessed on: 13 February 2007.
16. N.R. Potlapally, S. Ravi, A. Raghunathan, and N.K. Jha, “A study of the energy consumption characteristics of cryptographic algorithms and security protocols,” IEEE Transactions on mobile computing, vol. 5, no. 2, pp. 128-143, 2006.