SMSSec: An end-to-end protocol for secure SMS

Lo, Johnny Li-Chang; Bishop, Judith; Eloff, J. H. P.

doi:10.1016/j.cose.2008.05.003

Cited by 50 publications

(18 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Salah satu teknologi yang berkembang yakni aplikasi pesan singkat yang digunakan sebagai sarana komunikasi antar sistem untuk memfasilitasi kebutuhan suatu instansi terhadap client-nya, misal di dunia perbankan. Pesan singkat yang dilakukan antar pihak tersebut memang dilakukan secara langsung, namun terdapat tambahan proses yakni berupa pengamanan data untuk menghindari adanya kebocoran pada informasi yang seharusnya hanya diketahui oleh pihak yang diinginkan [1]. Informasiinformasi yang dilewatkan secara bebas, bisa berakibat dicuri oleh pihak tidak berkepentingan, terlebih informasi tersebut adalah sangat rahasia.…”

Section: Pendahuluanunclassified

“…Seperti dijelaskan di penelitian [1][3] bahwa terdapat tiga metode pengamanan yang dilakukan saat proses komunikasi data. Algoritma kriptografi asimetrik Rivest Shamir Adleman (RSA) dengan komputasi pembangkit bilangan primanya yang tangguh, komputasi kriptografi simetrik AES dengan kesederhanaan sistem dengan hasil cipher yang tangguh, dan kriptografi fungsi satu arah (hash) Secure Hash Algorithm (SHA) untuk dilibatkan dipertukaran kunci yang dilakukan [4].…”

Section: Pendahuluanunclassified

“…Hal tersebut dilakukan untuk menghitung waktu proses pencocokan nilai hash yang dihasilkan yakni sekitar lima detik. Data respon time pada simulasi diperoleh hasil yang lebih singkat dibanding dengan respon time dari sistem SMSSec yang disebutkan di [1] yang berkisar antara 20 detik < waktu (detik) < 60 detik setiap satu kali transaksi. Hal ini dikarenakan pada [1] menggunakan handshake yang lebih dari satu kali, yakni handshake pertama sampai ke-n dan disetiap handshake dilakukan komputasi ketiga kriptografi sehingga total waktu respon yang dibutuhkan pun bertambah.…”

Section: A Respon Timeunclassified

See 2 more Smart Citations

Inisialisasi Key Generating Kriptografi AES Pada Pendekatan Protokol SMSSEC

Sanjaya

2017

INFOTEL

View full text Add to dashboard Cite

Abstrak -Perkembangan teknologi di dunia internet tidak terlepas dari saling keterkaitannya dengan kriptografi yang menyediakan layanan dalam pengamanan data. Salah satu pengamanan data yang diperlukan yakni penyandian data dengan proses komputasi kriptografi yang digunakan saat berlangsungnya proses yang melibatkan data penting seperti pada transaksi perbankan, yakni pertukaran data rahasia yang dilakukan oleh seseorang untuk memudahkan atau memfasilitasi kegiatannya. Kebutuhan untuk kemudahan dalam akses ke data pribadinya di dunia perbankan seperti transaksi cek saldo atau transfer antar rekening sangatlah krusial dan perlu dijaga kerahasiaannya. Metode kriptografi klasik sudah tidak lagi mumpuni jika diterapkan untuk dijadikan salah satu solusi dalam pengamanan data transaksi tersebut. Oleh karena itu dalam penelitian ini, diusulkan suatu rancangan baru mengenai metode pengamanan data yang dapat digunakan pada aplikasi perbankan dengan biaya komputasi yang rendah. Adapun rancangan baru tersebut melibatkan pendekatan protokol SMSSecure yang di dalamnya menyertakan tiga tipe algoritma kriptografi. Pada penelitian ini juga dilakukan pembaharuan proses kriptografi simetrik Advanced Encryption Standard (AES) yakni pada inisialisasi pembuatan kunci enkripsi/dekripsi. Dari hasil simulasi pengujian diperoleh hasil bahwa performansi waktu proses komputasi dari usulan rancangan mencapai empat sampai lima belas kali jauh lebih cepat dibanding rancangan awal. Juga ada penghematan dari hasil analisis parameter konsumsi memory yang dibutuhkan selama satu kali transaksi yakni sekitar tiga kilo bytes. Namun, parameter avalanche effect yang dihasilkan jauh dari kriteria baik dan berada di nilai AE sebesar 78,74%.Kata kunci -kriptografi AES, konsumsi memory, protokol SMSSec, avalanche effect.Abstract -The growth of technology in internet is related to role of the cryptography which provides a service to secure the data exchanged each other. One of the methods for securing data needed is to have confidentiality, integrity and nonrepudiation which is able to be conducted using computation of cryptography. It is necessary to conduct the applied cryptography while exchanging secret data take places such as in banking, namely the data exchanging that people do to facilitate the activity. The needs of people to get facilitated while doing the private access into their account in banking such as transaction of checking the balance or to do transferring the number of money to other account have to be done in secured secret way. Meanwhile, the conventional of cryptography has to be improved to implement a secure transaction as one of solution to overcome this problem of data exchanging. Thus, in this research is proposed a new design concerning the method for securing the data which can be applied on banking application with minimum computation cost. As for the proposed design involves an approach of SMSSecure protocol which had been studied in previous research and it included three types of cryptography namely asymmetric, symmetric ...

show abstract

Section: Pendahuluanunclassified

Section: A Respon Timeunclassified

See 1 more Smart Citation

Inisialisasi Key Generating Kriptografi AES Pada Pendekatan Protokol SMSSEC

Sanjaya

2017

INFOTEL

View full text Add to dashboard Cite

show abstract

“…We implemented the system using the Java programming language and BouncyCastle library as the provider for the cryptographic functions. We choose this provider as it is commonly used to provide cryptographic functions like in existing research [27], [28], [29], [30]. As can be seen in Fig.…”

Section: Practical Approachmentioning

confidence: 99%

A distributed authentication architecture and protocol

2017

View full text Add to dashboard Cite

Original scientific paper Most user authentication methods rely on a single verifier being stored at a central location within the information system. Such information storage presents a single point of compromise from a security perspective. If this system is compromised it poses a direct threat to users' digital identities if the verifier can be extracted from the system. This paper proposes a distributed authentication environment in which there is no such single point of compromise. We propose an architecture that does not rely on a single verifier to authenticate users, but rather a distributed authentication architecture where several authentication servers are used to authenticate a user. We consider an authentication environment in which the user authentication process is distributed among independent servers. Each server independently performs its own authentication of the user, for example by asking the user to complete a challenge in order to prove his claim to a digital identity. The proposed architecture allows each server to use any authentication factor. We provide a security analysis of the proposed architecture and protocol, which shows they are secure against the attacks chosen in the analysis. Keywords: authentication factors; digital identity; distributed authentication architecture; distributed authentication protocol; distributed user authentication Arhitektura i protokol za raspodijeljenu autentifikaciju korisnikaIzvorni znanstveni članak Većina metoda autentifikacije korisnika oslanjaju se na jedan verifikator koji se pohranjuje na središnjem mjestu unutar informacijskog sustava. Takva pohrana osjetljivih informacija predstavlja jedinstvenu točku ispada iz sigurnosne perspektive. Kompromitacija verifikatora jednog sustava predstavlja izravnu prijetnju korisnikovom digitalnom identitetu. U radu se predlaže raspodijeljeno okruženje za autentifikaciju u kojem ne postoji takva točka ispada. Rad opisuje arhitekturu koja omogućuje raspodijeljenu autentifikaciju korisnika u kojoj više autentifikacijskih poslužitelja sudjeluju u provjeri autentičnosti korisnika. Razmatra se autentifikacijsko okruženje u kojem se proces autentifikacije korisnika raspodjeljuje na više nezavisnih poslužitelja. Svaki poslužitelj samostalno obavlja autentifikaciju korisnika, na primjer tražeći od korisnika da odgovori na izazov kako bi dokazao da je vlasnik digitalnog identiteta. Predložena arhitektura omogućuje svakom poslužitelju da koristi drugi autentifikacijski faktor. Provedena je sigurnosna analiza predložene arhitekture i protokola, čime se dokazuje otpornost sustava od napada odabranih u analizi.Ključne riječi: autentifikacijski faktori; digitalni identitet; raspodijeljena autentifikacija korisnika; raspodijeljeni autentifikacijski protokol; raspodijeljena arhitektura za autentifikaciju

show abstract

“…In this application SMS is send from one mobile to another mobile with high speed and the efficiency is also very high. The new protocol is used in this application [12]. Using Advanced Encryption Standard algorithm an author develop an application to secure the data between two communicating users.…”

Section: B Advanced Encryption Standard Algorithm(aes)mentioning

confidence: 99%

An Overview of Real Time Secure SMS Transmission

Rautkar¹,

Prasad²

2015

International Journal of Advanced Research in Computer and Comm

View full text Add to dashboard Cite

There are so much daily routine application where the SMS is being used including medical purpose, banking purpose and any other mobile purpose. Forwarding an SMS is one of the cheapest, fastest and simple method. When we delegates message from one cell phone to another cell phone, the data contained in the message transmit as a vanilla text (unencrypted text). Consistently this data contained in the message may be arcane (private) like bank account number, identification key, and license number and so on, and it is an extreme trouble to transfer such data through message until the traditional message courtesy dose not supply (give) encryption to the data contained in the SMS before its transmission.

show abstract

SMSSec: An end-to-end protocol for secure SMS

Cited by 50 publications

References 10 publications

Inisialisasi Key Generating Kriptografi AES Pada Pendekatan Protokol SMSSEC

Inisialisasi Key Generating Kriptografi AES Pada Pendekatan Protokol SMSSEC

A distributed authentication architecture and protocol

An Overview of Real Time Secure SMS Transmission

Contact Info

Product

Resources

About