Performance Analysis of Cryptographic Protocols to Enhance SMS and M-Commerce Security
Nikhil B. Khandare "Performance Analysis of Cryptographic Protocols to Enhance SMS and M-Commerce Security". International Journal of Computer Trends and Technology (IJCTT) V44(2):58-63, February 2017. ISSN:2231-2803. www.ijcttjournal.org. Published by Seventh Sense Research Group.
Abstract -
This paper explores the issue of one time password which is sent in online electronic credit card transactions from payment gateway server to the customer. Confidentiality should be maintained in exchange of SMS between the parties. In section II, three solutions are proposed for secure transmission of this SMS, first is end to end encryption between the parties’ i.e. symmetric and asymmetric encryption, their performance is also analyzed. In second solution Elliptic curve Diffie-Hellman key exchange is used to share key between the two parties. In third solution BB84 protocol of Quantum cryptography is used to share the SMS between two parties. In section III observations of research are discussed which suggest logically that Elliptic curve Diffie-Hellman is most secure for key exchange. Section IV concludes the paper and extension of this research is given in future scope.
References
[1] Washington, Lawrence C. Elliptic curves: number theory and cryptography. CRC press, 2008.
[2] Saxena, Neetesh, and Narendra S. Chaudhari. "A secure approach for SMS in GSM network." Proceedings of the CUBE International Information Technology Conference. ACM, 2012.
[3] Kaushik, Sona, and Shalini Puri. "Online transaction processing using enhanced sensitive data transfer security model." Engineering and Systems (SCES), 2012 Students Conference on. IEEE, 2012.
[4] Saxena, Neetesh, and Narendra S. Chaudhari. "An Approach for SMS Security using Authentication Functions." Industrial Electronics and Applications (ICIEA), 2012 7th IEEE Conference on (0975–8887), Singapore, Digital Object Identifier. Vol. 10. 2012.
[5] Saxena, Neetesh, and Narendra S. Chaudhari. "SecureSMS: A secure SMS protocol for VAS and other applications." Journal of Systems and Software90 (2014): 138-150.
[6] Toorani, Mohsen, and A. Beheshti. "SSMS-A secure SMS messaging protocol for the m-payment systems." Computers and Communications, 2008. ISCC 2008. IEEE Symposium on. IEEE, 2008.
[7] Toorani, Mohsen, and A. Beheshti. "Solutions to the GSM security weaknesses." Next Generation Mobile Applications, Services and Technologies, 2008. NGMAST`08. The Second International Conference on. IEEE, 2008.
[8] Saxena, Navrati, Narendra S. Chaudhari, and Julian Thomas. "Solution to an attack on digital signature in SMS security." Modeling, Simulation and Applied Optimization (ICMSAO), 2013 5th International Conference on. IEEE, 2013.
[9] Saxena, Neetesh, and Narendra S. Chaudhari. "An Approach for SMS Security using Authentication Functions." Industrial Electronics and Applications (ICIEA), 2012 7th IEEE Conference on (0975–8887), Singapore, Digital Object Identifier. Vol. 10. 2012.
[10] Saxena, Neetesh, and Narendra S. Chaudhari. "Prevention of SMS against Repudiation Attack over the GSM Network." Journal of Information Assurance & Security 8.3 (2013): 156-166.
[11] Narendiran, C., S. Albert Rabara, and N. Rajendran. "Performance evaluation on end-to-end security architecture for mobile banking system." Wireless Days, 2008. WD`08. 1st IFIP. IEEE, 2008.
[12] Ma, Kun, Han Liang, and Kaijie Wu. "Homomorphic property-based concurrent error detection of RSA: a countermeasure to fault attack."Computers, IEEE Transactions on 61.7 (2012): 1040-1049.
[13] Agoyi, Mary, and Devrim Seral. "SMS security: an asymmetric encryption approach." Wireless and Mobile Communications (ICWMC), 2010 6th International Conference on. IEEE, 2010.
[14] Bella, Giampaolo, Fabio Massacci, and Lawrence C. Paulson. "Verifying the SET registration protocols." Selected Areas in Communications, IEEE Journal on 21.1 (2003): 77-87.
[15] Sun, Hung-Min, et al. "Dual RSA and its security analysis." Information Theory, IEEE Transactions on 53.8 (2007): 2922-2933.
[16] Sim, Kwang Mong, and Raymond Chan. "A brokering protocol for agent-based e-commerce." Systems, Man, and Cybernetics, Part C: Applications and Reviews, IEEE Transactions on 30.4 (2000): 474-484.
[17] Niemiec, Marcin, and Andrzej R. Pach. "Management of security in quantum cryptography." Communications Magazine, IEEE 51.8 (2013): 36-41.
[18] Stuttard, Dafydd, and Marcus Pinto. The Web Application Hacker`s Handbook: Finding and Exploiting Security Flaws. John Wiley & Sons, 2011
Keywords
Symmetric cryptography, assymetric cryptography, Elliptic curve Diffie-Hellman, Elliptic curve cryptography, Quantum cryptography.