An end-to-end short message service (SMS) security using a hybrid technique of NTRU and AES-RIJNDAEL

Abstract

Short Message Service (SMS) is a very popular and easy-to-use communication technology for mobile phone users. Originally, this service was not designed to transmit secured data, so the security was not an important issue during its early design. Despite that, it is sometimes used to exchange sensitive information between communicating parties. Public Key Infrastructure (PKI) is a proven solution, which can be used to secure mobile communications. The usage of PKI encryption with mobile devices can provide the confidentiality, authentication, integrity and non-repudiation security services that needed to secure SMS. This research aims to propose and to develop an alternative solution that provides an end-to-end SMS security application layer solution that guarantees confidentiality, authentication, integrity and non- epudiation security services. The proposed solution is expected to achieve all required cryptographic operations independently of the mobile network operator or service provider without any additional hardware or any negative effects on mobile phone device performance. A hybrid cryptographic scheme has been used which combines the asymmetric (NTRU algorithm) and symmetric cryptography (AES-Rijndael) to achieve more robust functionality. For implementation, a mobile information device application (MIDlet) has been developed in Java 2 Micro Edition (J2ME) to introduce the required security services for SMS. The developed application has been tested first on simulators then move to the real mobile devices such as Nokia N70. The testing results on the actual mobile devices showed that all the required cryptographic operations are successfully demonstrated with a reasonable processing time (less than one second) while maintaining the mobile phone performance.