See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/308811037

An encryption protocol for end-to-end secure transmission of SMS

Conference Paper · March 2015

DOI: 10.1109/ICCPCT.2015.7159471

CITATIONS READS
17 557

2 authors, including:

Panchami Vijayan
Toc H Institute of Science and Technology
10 PUBLICATIONS   45 CITATIONS   

SEE PROFILE

All content following this page was uploaded by Panchami Vijayan on 15 May 2018.

The user has requested enhancement of the downloaded file.

 2015 International Conference on Circuit, Power and Computing Technologies [ICCPCT]
An Encryption Protocol for End-to-end Secure
Transmission of SMS
Minta Thomas
PG Student,CSE
Toc-H Institute of Science and Technology
Ernakulam,India.Pin-682313
Email:mintathomasj7@gmail.com
Abstract-Short Message Service (SMS) is a process
of transmission of short messages over the
network. SMS is used in daily life applications
including mobile commerce, mobile banking, and
so on. It is a robust communication channel to
transmit information. SMS pursue a store and
forward way of transmitting messages. The
private information like passwords, account
number, passport number, and license number
are also send through message. The traditional
messaging service does not provide security to the
message since the information contained in the
SMS transmits as plain text from one mobile
phone to other. This paper explains an efficient
encryption protocol for securely transmitting the
confidential SMS from one mobile user to other
which serves the cryptographic goals like
confidentiality, authentication and integrity to the
messages. The Blowfish encryption algorithm
gives confidentiality to the message, the EasySMS
protocol is used to gain authentication and MD5
hashing algorithm helps to achieve integrity of the
messages. Blowfish algorithm utilizes only less
battery power when compared to other encryption
algorithms. The protocol prevents various attacks,
including SMS disclosure, replay attack, man-in-
the middle attack and over the air modification.
Index terms: Cryptography, Encryption, Secure
Transmission, Symmetric Encryption,
Asymmetric Encryption.
I. INTRODUCTION
Mobile phones have become pervasive and
ubiquitous in the current environment around the
world. Short Message Service (SMS) or text
messaging is one of the services that have been very
popular in the mobile phones. SMS has become one
of the fastest and strong communication channels to
transmit the information. It is crucial to protect the
content of the message when confidential information
978-1-4799-7075-9/15/$31.00©2015 IEEE
Panchami V
Assistant Professor ,CSE
Toc-H Institute of Science and Technology
Ernakulam,India.Pin-682313
Email: panchamam036@gmail.com
is exchanged using SMS. The data can be protected
using cryptography.
”Cryptography” derives from the Greek word kruptos
which means ”hidden”. Cryptography is an area of
computer science which is developed to provide
security for the senders and receivers to transmit and
receive confidential data through an insecure channel.
Cryptography [1] ensures that the message should be
sent without any alterations and only the authorized
person can be able to open and read the message.
The plain text is the original message that a person
wishes to send to other user. The Cipher text is the
message that cannot be understood by others. A key
can be a numeric or alpha numeric text or a special
symbol. Encryption is the process of converting the
plaintext into cipher text using a key. Decryption is
the reverse process of encryption in which the
original message is retrieved from the cipher text.
The encryption and decryption process is given in
Fig. 1. The original message or the plain text is the
input to the encryption process which encrypts the
plaintext using a key and produces a cipher text to be
transmitted. The input cipher text is passed through
the decryption process which decrypts the cipher text
using the same key as that of encryption at the
decryption end. Finally the original plaintext message
is obtained.
Fig. 1: Encryption and Decryption Process
A. Goals of cryptography
Cryptography provides some security services that
ensure adequate security of the systems or of data
transfers. Following are the main cryptographic goals
[2]:
 2015 International Conference on Circuit, Power and Computing Technologies [ICCPCT]
• Confidentiality: Assures that private or
confidential information is not made
available or disclosed to unauthorized
individuals.
• Integrity: Assures that information and
programs are changed only in a specified
and authorized manner.
• Authentication: Assurance that the
communicating entity is the one that it
claims to be.
• Non-repudiation: Provides protection
against denial by one of the entities involved
in a communication of having participated in
all or part of the communication.
• Access control: The prevention of
unauthorized use of a resource.
B. Classification of Cryptography
The cryptographic encryption can be classified into
two categories- Symmetric key cryptography and
Asymmetric key cryptography.
• Symmetric Key Cryptography
In symmetric key cryptography, a single key
is used for both encryption and decryption.
The sender uses the secret key to encrypt the
plaintext and sends the ciphertext to the
receiver. The receiver applies the same
secret key to decrypt the message and
recover the plaintext. Symmetric key
cryptography is also called secret key
cryptography or private key cryptography.
• Asymmetric Key Cryptography
In asymmetric key cryptography, two
different keys are used for encryption and
decryption-a public key and a private key. It
transforms plaintext into ciphertext using
public keys and an encryption algorithm.
Using the private key and a decryption
algorithm, the plaintext is recovered from
the ciphertext. Asymmetric key
cryptography is also known as public key
cryptography.
Symmetric Encryption Algorithm [3] runs faster
when compared to Asymmetric key algorithms. Also
the memory requirement of Symmetric algorithm is
lesser as compared to asymmetric.
C. Paper organization
This paper is organized as follows. The related work
is described in Section II. The problem definition is
described in Section III describes. The proposed
system is described in Section IV. The
implementation is described in Section V. The
conclusion is described in Section VI describes.
II. RELATED WORKS
The transmission of an SMS in the network is not
secure therefore it is desirable to secure SMS by
additional encryption process. To provide security to
the transmitted messages various authors have
proposed different techniques. In [4] an
implementation of a public key cryptosystem for
SMS in a mobile phone network has been discussed
but the security analysis of the protocol has not
discussed. In [5] a secure SMS is considered to
provide mobile commerce services which is based on
public key infrastructure.
A framework Secure Extensible and Efficient SMS
(SEESMS) [6] uses public key cryptography to
communicate between two peers. SEESMS is a
software framework written in Java which allows two
peers to exchange encrypted and digitally signed
SMS messages. The communication between peers is
secured by using public key cryptography. A security
Protocol called SMSSec in [7] uses both symmetric
and asymmetric encryption algorithms for
communication. SMSSec has a two-phase protocol
with the first handshake using asymmetric
cryptography which occurs only once, and a more
efficient symmetric nth handshake which is used
more dominantly.
A new system called Secret Short Message Service
(SSMS) [8] was proposed to secure SMS messages
transmission on mobile network. Their system is able
to protect the private data saved on mobile phone.
AES Rijndeal is used to perform encryption. Secret
key is embedded in cipher text using hash. It is used
to encrypt SMS message. Message decryption also
uses the same secret key. The encrypted secret key
is used for encryption and decryption.
There are lots of encryption algorithms available in
cryptography area. A study [1] is conducted on
symmetric key algorithms and asymmetric key
algorithms. It is found that symmetric key algorithms
run faster than asymmetric key algorithms such as
RSA and the memory requirement of symmetric
algorithms is lesser than asymmetric encryption
algorithms. The performance of asymmetric
algorithm is relatively low as compared to symmetric
key encryption. Most asymmetric algorithms depend
on the properties of hard problems in mathematics.
The asymmetric encryption works slower as
compared to symmetric encryption.
 2015 International Conference on Circuit, Power and Computing Technologies [ICCPCT]
In the paper [1] the comparisons of symmetric key
algorithms like DES, 3DES, AES, Blowfish are
performed. On the basis of key size and security the
supremacy is for Blowfish algorithm over DES [9],
AES and Triple DES. The F function of Blowfish
algorithm provides a high level of security to encrypt
the plaintext data. Also the Blowfish algorithm runs
faster than other popular symmetric key encryption
algorithms.
A study in [10] [11] is conducted for different
popular secret key algorithms such as DES, 3DES,
AES, and Blowfish. They were implemented, and
their performance was compared by encrypting input
files of varying contents and sizes. The results
showed that Blowfish had a very good performance
compared to other algorithms. Also it showed that
AES had a better performance than 3DES and DES.
It also shows that 3DES has almost 1/3 throughput of
DES, or in other words it needs 3 times than DES to
process the same amount of data.
A study in [12] [13] is conducted on the performance
evaluation of selected symmetric encryption
algorithms (AES, DES, 3DES, RC2, RC6, Blowfish)
on power consumption for wireless devices. It is
found that in case of encryption time, throughput, and
power consumption for encryption and decryption
Blowfish has better performance than other
encryption algorithms, followed by RC6. AES is
faster than 3DES, DES, and RC2. DES encrypts and
decrypts data faster than 3DES and RC2. 3DES is
faster than RC2. RC2 turns out to be the slowest
method when the data being encrypted is small.
A study [14] shows that Blowfish algorithm is a
symmetric key block cipher that uses a 64 bit block
size and variable key length. It takes a variable-length
key from 32 bits to 448 bits. Blowfish is one of the
fastest block ciphers which have developed to date.
No attack is known to be successful against it. The
superiority of Blowfish algorithm with other
algorithms is in terms of the throughput, processing
time and power consumption. Blowfish algorithm has
high throughput. More the throughput, more the
speed of the algorithm less will be the power
consumption.
The Hash function [2] is a function that maps any
message with the variety of length, into a fixed-
length hash value, called a hash code. Hash code is a
function of all bits in any message, which is used to
detect errors of the message. One bit changes in
original message will produce a different hash code.
There are various types of hash function algorithms,
while the MD5 and SHA-1 algorithm are the two
most commonly used algorithms.
Message digest 5 or MD5 [15] [16] is one of
message-digest algorithm that was developed by Ron
Rivest in 1991. MD5 algorithm takes an input in any
of length and produces an output in the form of a
digest with the length of 128 bits. Input received by
this algorithm will be processed in a block size of
512 bits, which will then be divided into 16 sub-
blocks, each is 32 bits. SHA [2] [17] was developed
by the National Institute of Standards and
Technology (NIST) and published as a Federal
Information Processing Standards (FIPS 180) in
1993. SHA-1 input can accept a maximum of less
than 64 bits, and 160 bits long output. SHA-1
processing input in a block size of 512 bits, and then
divide it into 16 sub block that each measuring 32 bit.
The advantages of MD5 [18] [19] is that it is easy to
compute the hash value for any given message,
infeasible to find a message that has a given hash,
infeasible to modify a message without changing its
hash, infeasible to find two different messages with
the same hash. It requires only less memory and low
processing time. All these advantages make it
suitable over other hashing algorithms and to be used
in a mobile platform. From the literature survey it can
be concluded that the best suitable algorithm for
encrypting the message in mobile phone is the
Blowfish algorithm. This is due to its encryption
speed, high throughput, low energy consumption and
saving of battery power. Also MD5 is suitable for
checking the errors that may occur during the
transmission.
III. PROBLEM DEFINITION
The main purpose of SMS is to deliver text messages
from one mobile device to another. But it is not safe
and secure when confidential information is
transmitted using the typical SMS services. It is
important to avoid the SMS content from being
illegally interrupted by illegal sources. Several
cryptography techniques are used to overcome the
SMS security problems and satisfy the security
requirements. The traditional SMS service does not
provide information security of the message being
sent over the network. The existing system makes use
of AES algorithm for the process of encryption. From
the related works it is clear that AES algorithm has
low speed, less throughput, consumes more energy
and reduces battery power. The existing system only
ensures confidentiality and authentication of the
messages that are sending over the network.
 2015 International Conference on Circuit, Power and Computing Technologies [ICCPCT]

IV. PROPOSED WORK

The proposed work is a combination of encryption

algorithm, hashing algorithm and a protocol for
secure end-to-end transmission of SMS. The existing
system [20] uses AES encryption algorithm which
has less throughput, low speed, consumes more
energy and reduces battery power. Since the platform
of proposed work is mobile phone the battery power
is of high importance. The main objective of the
project is to securely transmit SMS from one mobile
to another. Also to develop a system which encrypts
more faster, high throughput, reduces the energy
consumption and saves battery power which provide
confidentiality, authentication and integrity to the
Fig. 2: The Protocol
messages. The protocol prevents various attacks,
including SMS disclosure, replay attack, man-in-the
On the sender side, the hash code of the message or
middle attack and over the air modification.
plain text (P) is first calculated using MD5 algorithm.
The hash code is appended with the message and is
The algorithms used in the project are EasySMS
encrypted using Blowfish algorithm. The key used
protocol, Blowfish encryption algorithm and MD5
for encryption is received from the authentication
hashing algorithm. The protocol aims to achieve
server. The cipher message (Y) thus obtained can be
authentication, the Blowfish encryption algorithm is
transmitted over the network. On the receiver side,
used to achieve confidentiality and MD5 is used to
the cipher message is decrypted using Blowfish
achieve integrity to the message. The protocol
algorithm where the message (P) and hash code is
includes two Mobile Stations (MS1 and MS2),
obtained. The hash code of the message P is
Authentication Server (AS) and a certified authority
calculated and is compared with the received hash
(CA). The AS stores all the symmetric keys shared
code. If both are same then no error has occurred in
between AS and the respective MS. CA stores all the
the transmission.
information related to the mobile subscribers. We
assume that every subscriber has to register his/her
mobile number with CA entity and only after the
verification of identity, the SIM card gets activated
by this entity. Thus, this entity is responsible to
validate the identity of the subscribers. We also
assume that a symmetric key is shared between the
AS and the CA which provides the proper security to
all the transmitted information between AS and CA
[20].

First, the mobile user who wants to send the SMS

(say MS1) transmits an initial request to other mobile
Fig. 3: Secure Communication
user (say MS2) for the connection. On receiving the
message MS2 forwards request to AS. When the AS
receives a message from the MS2 the message is
The sender and receiver are the two mobile users.
forwarded to CA. The CA checks the validity of both
The battery power and throughput have a vital role
entities and sends the reply back to the AS. On
since the platform used is mobile phone. So we opted
receiving the message from the CA, if the AS finds
Blowfish algorithm for encrypting the message.
any of the entities is invalid then the connection is
Blowfish encryption algorithm has high throughput,
simply terminated and MS1 needs to send a fresh
reduces the energy consumption and saves battery
connection request. The AS sends the secret key to
power. The MD5 algorithm checks whether any
the MS1 and MS1 sends an acknowledgment back to
alteration or modification of the message has
AS. The AS also sends the secret key to the MS2 to
occurred during the transmission. Hence the system
which an acknowledgment is send back to the AS.
proves to transmit the messages securely between
Hence MS2 confirms the connection with MS1 and
mobile users.
now secure communication can be taken place.
 2015 International Conference on Circuit, Power and Computing Technologies [ICCPCT]
V. IMPLEMENTATION
The proposed work aims to achieve the cryptographic
goals by making use of protocol and algorithms as
discussed in proposed work. The overall system can
be divided into three modules, namely, User Profile,
Authentication Server and Secure Communication.
A. User Profile
When a mobile user wants to send a confidential
information to another user, the user requests for a
connection to the authentication server. The request
includes the MAC or timestamp of the message. The
authentication server forwards the requests to
certified authority where all the mobile subscriber
details are stored. If it is a valid user, then the user is
connected to server.
B. Authentication Server
An authentication server (AS) stores the keys shared
between the authentication server and the users. On
conforming the connection between the sender and
receiver the authentication server sends the secret key
to both users. The encryption takes place through this
secret key.
C. Secure Communication
The sender calculates the hash value of the message
using MD5 and encrypts the message using the
Blowfish algorithm. The key for encryption is send
by the authentication server. On receiving the
message the receiver decrypts the ciphered message
and calculates the hash. The error detection is
performed by comparing the received and calculated
hash.
VI. CONCLUSION
The SMS are being used in many daily life
applications. But when we send an SMS from one
mobile phone to other, the information contained in
the SMS transmit as plain text. The paper explains an
efficient encryption protocol which includes the
Blowfish and MD5 algorithms that aims to achieve
confidentiality and integrity respectively. The
EasySMS protocol provides authentication. The
proposed work aims to achieve high throughput,
encrypts more faster and saves battery power as it
makes use of energy efficient Blowfish algorithm.
Hence the SMS can be securely transmitted from one
mobile to another.
REFERENCES
[1] Monika Agrawal, A Comparative Survey on
Symmetric Key Encryption Techniques, International
Journal on Computer Science and Engineering
(IJCSE),Vol. 4 No. 05 May 2012.
[2] William Stallings, Cryptography and Network
Security Principles and Practices Fourth Edition.
[3] Ketu File white papers, Symmetric vs
Asymmetric Encryption, a division of Midwest
Research Corporation.
[4] M. Hassinen, Java based public key infrastructure
for SMS messaging,in Proc. 2nd ICTTA, 2006, pp.
8893.
[5] S. Wu and C. Tan, A high security framework for
SMS,in Proc. 2nd Int. Conf. BMEI, 2009, pp. 16.
[6] A. De Santis,G. Cattaneo, M. Cembalo, F.
Petagna, and U. F. Petrillo, An extensible framework
for efficient secure SMS,in Proc. Int. Conf. CISIS,
2010, pp. 843850.
[7] J. L.-C. Lo, J. Bishop, and J. H. P. Eloff, SMSSec:
An end-toend protocol for secure SMS, Computer
Security, vol. 27, nos. 56,pp. 154167, 2008.
[8] M. Toorani and A. Shirazi, SSMS: A secure SMS
messaging protocol for the m-payment systems,in
Proc. IEEE ISCC, Jul. 2008, pp. 700705.
[9] Tingyuan Nie, Chuanwang Song, Xulong Zhi,
Performance Evaluation of DES and Blowfish
Algorithms,IEEE, 2010.
[10] Diaa Salama Abdul Minaam, Hatem M. Abdual-
Kader, and Mohiy Mohamed Hadhoud, Evaluating
the Effects of Symmetric Cryptography Algorithms on
Power Consumption for Different Data
Types,International Journal of Network Security,
Vol.11, No.2, PP.7887, Sept. 2010.
[11] Najib A. Kofahi, Turki Al-Somani and Khalid
Ai-Zamil, Performance Evaluation of Three
Encryption/Decryption Algorithms,IEEE,2010.
[12] Diaa Salama,Hatem Abdual Kader, and Mohiy
Hadhoud, Wireless Network Security Still Has no
Clothes,International Journal on Computer Science
and Engineering (IJCSE),Vol. 4 No. 05 May 2012.
[13] P. Ruangchaijatupon, P. Krishnamurthy,
Encryption and Power Consumption in Wireless
LANs-N, The Third IEEE Workshop on Wireless
LANs - September 27-28, 2001- Newton,
Massachusetts.
[14] Pratap Chnadra Mandal, Superiority of Blowfish
Algorithm,International Journal of Advenced
Research in Computer Science and Software
Engineering 2(9),September - 2012, pp. 196-201.
[15] R. Rivest, The MD5 Message-Digest
Algorithm,Network Working Group, 1992.
[16] Zhang Qing, Iterative Hashing Algorithm Base
on MD5, Journalon Computer Engineering,vol.37(18)
124-126,2011.
[17] A. A. Pamungkas, Implementasi Algoritma
Sistem Kriptografi MD5,SHA-1 dan RC4 pada
Aplikasi Mobile Internet Berbasis Java,Journal
Penelitian dan Pengembangan Telekomunikasi, vol.
11, no. 1, June 2006.
 2015 International Conference on Circuit, Power and Computing Technologies [ICCPCT]

[18] Zhang Shaolan, Xing Guobo, Yang Yixian,

Improvement to MD5 and Security Analysis, Journal
on Computer Application,vol.29(4):947- 949,2009.
[19] Anak Agung Putri Ratna and Ahmad Shaugi,
Analysis and Comparison of MD5 and SHA-1
Algorithm Implementation in Simple-O
Authentication based Security System,IEEE Quality
in Research 2013.
[20] Neetesh Saxena and Narendra S. Chaudhari,
EasySMS: A Protocol for End-to-End Secure
Transmission of SMS,IEEE Transactions on
Information Forensics and Security, Vol. 9, No. 7,
July 2014.

View publication stats