SECURE PROTOCOL FOR DELIVERY OF SMS BANKING SERVICES

Short Message Service (SMS) is increasingly being adopted and utilized in banking industry. However SMS does not guarantee confidentiality and integrity of message content, it was specifically intended for sending non-sensitive information in a GSM network. In the mobile communication systems, security offered by the network operator only applies on the wireless link; data delivered through the mobile core network may not be secured enough. Therefore end-to-end security mechanisms are required. The existing end-to-end security mechanisms are provided at application level and typically based on public key cryptosystem. The main concern in a public-key setting is the authenticity of the public key; this issue can be resolved by identity-based (ID-based) cryptography where the public key of a user can be derived from public information that uniquely identifies the user. This paper presents an encryption mechanism based on the ID-based scheme using Elliptic curves to provide end-to-end security for delivery of SMS-banking services. This mechanism has been implemented over the standard SMS network architecture and the Performance analysis showed that the encryption speed on the mobile device is faster than the duration of the transmission.