BVPSMS: A Batch Verification Protocol for End-to-End Secure SMS for Mobile Users

Neetesh Saxena, Hong Shen, Nikos Komninos, Kim Kwang Raymond Choo, Narendra S. Chaudhari

Research output: Contribution to journalArticlepeer-review

8 Citations (Scopus)

Abstract

Short Message Service (SMS) is a widely used communication medium for mobile applications, such as banking, social networking, and e-commerce. Applications of SMS services also include real-time broadcasting messages, such as notification of natural disasters (e.g., bushfires and hurricane) and terrorist attacks, and sharing the current whereabouts to other users, such as notifying urgent business meeting information, transmitting quick information in the battlefield to multiple users, notifying current location to our friends and sharing market information. However, traditional SMS is not designed with security in mind (e.g., messages are not securely sent). It is also possible to extract international mobile subscriber identity of the mobile user. In the literature, there is no known protocol that could enable secure transmission of SMS from one user to multiple users simultaneously. In this paper, we introduce a batch verification authentication and key agreement protocol, BVPSMS, which provides end-to-end message security over an insecure communication channel between different mobile subscribers. Specifically, the proposed protocol securely transmits SMS from one mobile user to many other users simultaneously. The reliability of the protocol is discussed along with an algorithm to detect malicious user requests in a batch. We then evaluate the performance of the proposed protocol in terms of communication and computation overheads, protocol execution time, and batch and re-batch verification times. The impacts of the user mobility, and the time, space and cost complexity analysis are also discussed. We then present a formal security proof of the proposed protocol. To the best of our knowledge, this is the first provably-secure batch verification protocol that delivers end-to-end SMS security using symmetric keys.

Original languageEnglish
Article number8274977
Pages (from-to)550-565
Number of pages16
JournalIEEE Transactions on Dependable and Secure Computing
Volume17
Issue number3
DOIs
Publication statusPublished - 1 May 2020
Externally publishedYes

Keywords

  • Authentication
  • Batch verification
  • Mobile subscriber
  • SMS
  • Symmetric key cryptosystem

Fingerprint

Dive into the research topics of 'BVPSMS: A Batch Verification Protocol for End-to-End Secure SMS for Mobile Users'. Together they form a unique fingerprint.

Cite this