Authenticated and Secure End-To-End Communication Channel Using SMS Messages

One of the key issues of modern cryptography is the problem of establishing a secure end-to-end communication over an insecure communication channel. Short Message Service (SMS) is a hugely popular and easily adopted communications technology for mobile devices. Users conduct business, disclose passwords and receive sensitive notification reports from systems using this communication technology. SMSs by default are sent in clear text form within the serving GSM (Global System for Mobile communications) network, Over The Air (OTA), and potentially over the public Internet in a predictable format. This allows anyone accessing the GSM system to read, and or modify the SMS content even on the fly. In this paper, we present an approach mainly consists of two steps, first, SHA-1 authentication is used to generate a message digest that is combined with previous message digest and a shared secret key to form an initial key stream. Secondly, this key will be used as input to a mathematical equation derived in prefix notation from randomly selected set of operators and functions supported by the software platform extracted from special table. The final key stream is the output of this equation which is Abdullah A. Abdullah 210 a one time pad to encrypt the original message text. Lastly, encrypted SMS message will be sent and a randomized operation will be then applied to that table. A one-time pad, considered to be the only perfectly secure cryptosystem, secures an SMS message for transport over any medium between a mobile device and the serving GSM network and through it too.


I. INTRODUCTION
The Global System for Mobile communications (GSM) is a popular digital circuit switched network [10].GSM is a common telecommunications standard originally issued by the European Telecommunications Standards Institute (ETSI) [19].GSM provides recommendations, not requirements.The GSM specifications define the functions and interface requirements in detail but do not address the hardware.The reason for this is to limit the designers as little as possible but still to make it possible for the operators to buy equipment from different suppliers.
The initial Short Message Service (SMS) standard was first discussed in the early 1980s but the world's first commercial SMS service was not introduced until 1992.SMS was created as part of Phase I of the GSM standard.SMS is widely adopted with approximately 1 billion SMS messages sent every day worldwide [18].The SMS message, as specified by the ETSI organization in documents GSM 03.40 [19] and GSM 03.38 [4], can be up to 160 characters long, where each character is 7 bits according to the 7-bit default alphabet.Eight-bit messages (max 140 characters) are usually not viewable by the phones as text messages; instead they are used for data in e.g.smart messaging (images and ringing tones) and Over The Air (OTA) provisioning of Wireless Application Protocol (WAP) settings .16-bit messages (max 70 characters) are used for Unicode (UCS2) text messages, viewable by most phones.A 16-bit text message will on some phones appear as a Flash SMS (aka blinking SMS or alert SMS).The Short Message Peer-To-Peer Protocol (SMPP) [20], is a telecommunications industry protocol for exchanging SMS messages between SMS peer entities such as short message service centers (SMSCs).
SMS makes use of the Mobile Application Part (MAP) [6], which defines methods and mechanisms of communication in wireless networks between peer entities.However, MAP is an unencrypted protocol allowing anyone with access to the signaling system the ability to read and or modify SMS messages.With an increase of SMS messages being used to communicate sensitive information, such as banking information, and now also being used in search queries [9], the need arises to find a solution to ensure these SMS messages are secure and the content remains private.
A one-time pad [6] is a very simple yet completely unbreakable symmetric cipher where the same key is used for encryption and decryption of a message.To use a onetime pad, you need two copies of a "pad" or key which is a block of truly random data.
To encrypt a message each bit of each letter in the plaintext is combined with the corresponding letter's bit in the pad in sequence using a transformation called the bitwise exclusive or (XOR).If the key is truly random, an XOR-based one-time pad is perfectly secure against cipher text cryptanalysis.A pad is only used once and discarded, hence the name one-time pad.
In this paper we provide a solution to the SMS security problem.Our approach is to secure an SMS message using mixture of shared secret information and a couple of authenticated message digests of current and previous messages sent over the channel between both parties.

II. BACKGROUND A. GSM Architecture
The GSM system has two major components: the fixed installed infrastructure (network) and the Mobile Station (MS) [5] [21].Mobile users make use of the serving GSM network's services by communicating over a radio interface.Figure 1 illustrates GSM architecture.
The Mobile Station (MS) is the mobile phone or GSM compliant device.The Base Transceiver Station (BTS) is a radio tower or pico (single) cell with which the Mobile Station communicates.The Base Station Controller (BSC) acts as a common node between multiple BTSs and the network's backbone.The Mobile Switching Centre (MSC) performs the switching functions of the network.The MSC has an interface to one or more BSCs and to external networks.Several databases are available for control and network management.

B. SHORT MESSAGE SERVICE
Short Message Service (SMS), is characterized by an out-of-band packet delivery and low-bandwidth message transfer, which results in a highly efficient means for transmitting short bursts of data.SMS works on a store-and-forward basis and when received, is stored on the SIM card or on the MS's internal store.An SMS is transferred in a connectionless packet mode over the signaling channel of the serving GSM network.Once a message is sent, it is received by a SMSC (refer to Figure 1), which must then get it to the appropriate recipient mobile device via the MSC [9].SMS messages travel between several network nodes before being delivered.We now describe the process flow when an SMS message is sent from one sender MS to a recipient MS.
1) The SMS message is submitted from the sender MS to the SMSC 2) After the message is processed at the SMSC, it sends a request to the HLR and receives routing information for the recipient MS 3) The SMSC sends the SMS to the MSC 4) The MSC retrieves the recipient's information from the VLR.This may include an authentication operation between the MSC and VLR 5) The MSC forwards the message to the recipient MS 6) If delivered successfully, the SMS is stored on the recipient MS's SIM card under USER-DATA 7) The MSC returns to the SMSC the outcome of the SMS delivery status 8) If requested by the sending MS, the SMSC reports delivery status of the SMS back to the sender

III. Security of SMS communication
A. Network vulnerabilities identification and analysis SMS messages are delivered in a best effort manner to other cellular telephone users asynchronously through the cellular network.These networks operate separately from the internet and are sometimes considered to be more secure, accessible and less open to misuse (such as spam).However the GSM network does not provide important security services such as mutual authentication, end-to-end security, non-repudiation or user anonymity [16].
Many users are used to SMS messaging so much that they prefer it to voice calls.It is important to realize the fact that SMS messaging -though attractive -introduces security problems for both parties of communication, especially if it is used for exchange of sensitive information, which should not be available to third parties.In this section we present the vulnerabilities identified in [11] that occurs within a mobile environment.Let us review some of the risks.

Easy interception of SMS messages:
SMS messages can be intercepted (wiretapped) very easily.Costs of wiretaps are lower than in voice communication.For an operator, it is easy to scan all SMS going through their network for keywords, which is often really done.Also wiretap devices can be bought on black market from many corporations and private detectives.

Capturing and Modifying of data during OTA transmission
SMS messages are sent across the air interface between the MS and BSS.In most GSM networks all traffic (digitized voice and data) and signaling data sent across this air interface is encrypted optionally, using one of two GSM-specific algorithms known as A5/1 or A5/2.The A5 algorithm is a symmetric cipher.Biryukov, Shamir and Wagner [1] demonstrated that the secret key could be cracked in minutes, rendering A5/1 only to counter casual eavesdropper and A5/2 completely insecure.

Compromise of text due to users' error:
SMS is more persistent than a call.So, if you forget to delete an incoming or outgoing SMS, it will be present in your phone until you delete it finally.Now, if you leave your phone for a few minutes, anyone can look into your SMS list and read the secrets.This, of course, also concerns situations when your phone is stolen.

Long lifetime
SMS are very small in size, and therefore can be stored easily.Currently, when a gigabyte of storage capacity costs less than $1, the possibility of long-term archivation is clear.So, some people could have access to a long history of your SMS communication.

Danger of message modification
SMS message, going through operator's network in plaintext, can be not only intercepted, but also modified.For example, identity of the sender can be altered, or the text changed.One can never be sure, whether a normal SMS has been received in the same form as it has been sent, and who is the real author.The network acts as a black-box to both parties of communication.

SMS Spoofing to the MS or AS
The possibility exists that an attacker manages to inject SMS messages into the messaging network with a 'spoofed' originator IDs.The attack can be applied in both ways by impersonating the AS for a legitimate MS or impersonating the MS for a legitimate AS.With the former case, the possibility of spoofing is very high as it is possible to send SMS message from the internet with the correct headers, without the recipient being able to detect that it comes from the internet.Also the mobile service provider is able to change the originator ID.
In the latter case, the possibility of spoofing is also high; however the attacker is required to know the authenticating information of the user.This depends on how the SMS service is implemented.If the attacker can manage to spoof an SMS message, fraudulent transactions can be conducted.

B. Features of real SMS protection: must fulfill the following requirement [8]: 1. Security against eavesdropping
Messages between two users are encrypted and a key derived from a hybrid security information.An adversary which monitors the communication seems only a senseless sequence of binary data, and is unable to decrypt them without knowledge of having previous message and the secret password.Also, the keys (passwords) can be changed very easily, when the two sides agree upon new ones.

Protection of integrity of messages
Any encrypted message exchanged between two end users includes a special security code (MD) based on SHA-1 standard.This code prevents anyone in the network from altering contents of the message.If a single bit is changed, the message's code will not match anymore and the receiving user will be notified about decryption failure.

Prevention of impersonation attacks
Successful decryption of a received message is also a proof of the fact that the sending person has the correct key.Without knowledge of the key, the adversary is unable to generate a message which would decrypt into correct text on the receiving side.Therefore, the fact that a message has been really sent by its author, is ensured.

Protection of saved messages from reading
All received and sent messages of our proposed system, which are saved into the phone, are protected by encryption, with use of SHA-1 and our MOF encryption method.At each start, the system asks for the, main application password.Without it, it cannot decrypt the data correctly.Any adversary which gets access to your saved data will need to guess the correct password as well.In case of a good password, checking of all possibilities will takes long time.

IV. CRYPTOSYSTEMS: Secure Hash Function
And One-Time Pad A cryptosystem is a mechanism that allows two or more users to communicate in a secure manner, that is nobody but these users must be able to learn the content of the communication message.Every message, denoted by m, is subject to an encryption operation, denoted by E. The encrypted message is often referred to as cipher text.In order to recover the original message from a given cipher text a decryption operation, denoted by D is performed [13].
A hash function H is a transformation that maps an arbitrary length message M to a fixed length message digest (MD), often referred to as the hash value or MD = H(M).The basic properties of a hash function are: • The description of H( ) is publicly known with no hidden information • H(M) is relatively easy to compute for any given x • H(M) is one-way meaning its difficult to invert such that given MD, it is hard to find a message M where H(M) = MD, and given M and H(M), it is hard to find a message M' (≠M) such that H(M') = H(M) SHA-1 [14] algorithm is a popular algorithm for generating cryptographic hash functions.SHA-1, considered the successor to MD5 [17], produces 160-bit output while MD5 produces 128-bit output.
A perfect, or unconditionally secure cryptosystem, is an encryption technique that can not be broken even if unlimited time and computational power were present.A common example of a perfect cryptosystem is the Vernam cipher, often referred to as one-time pad.At a character-level, all the bits in the first letter of the message m are XORed with all the bits in the first letter of the key k.This produces a binary pattern of the encrypted letter [15].The one-time pad has the following requirements, namely: • Each key k is used only once • The key k used to encrypt a message m is at least as long as m, that is length(k) ≥ length(m) • Each key k is random and unpredictable If these requirements are satisfied, the one-time pad is an unconditionally secure cryptosystem.However, the one-time pad has some associated difficulties in its practical implementation.These include the fact that a new truly random secret key must be issued prior to every communication and must be significantly long for large messages.Again, once a key is generated it must be distributed between the communicating parties.This aspect is commonly referred to as the key distribution problem, as the key k used in the encrypting and decrypting of messages m must only be shared between the communicating parties.

V. PRACTICAL
The main goal of this work is to create a safe communication channel between two parties through unauthenticated and insecure environment (i.e.SMS messages), which can then be sent over mobile networks.Due to the limited capabilities of the mobile phone in processing speed, memory size and SMS small size (140 byte), so the proposed algorithm should be suitable to these mentioned constraints.

A. SHA authenticates SMS message:
SHA-1 hash algorithm from variable length input produces 160-bit output.The idea of using SHA-1 algorithm to authenticate SMS messages is really simple, the message plain text which is entered from user will be considered as input to SHA-1 algorithm in order to produce 160-bit message digest which we call CMD (Current Message Digest).This message digest then will be stored in front of message text (i.e.resides in first 20 bytes of the message).After that the user should select an integer value that indicates the complexity of ciphering equation which we call OFTD (Operators and Functions Tree Depth) explained later, this means that the first 21 bytes is allocated to message header.From section I, we recall that an SMS User Data (the message) is 140 bytes long.The message body thus contains 1120 bits (140 x 8) of data which exists in clear text form.For example if message body was full (i.e.140 byte) in length, then 119 bytes will be only specialized for actual plain text storage.
An important thing to notice, that is where CMD is the output of the SHA-1 hash for input M. The CMD is insufficient for a strong cryptosystem, so with addition of PMD (Previous Message Digest) and SSK (Shared Secret Key) which is only known by the two parties; the probability of an interception from an eavesdropper is minimal.

B. Encryption using Mathematical Prefix Equation (MPEQ):
A perfect, or unconditionally secure cryptosystem, is an encryption technique that can not be broken even if unlimited time and computational power were present.So our proposed encryption will depend on using a mixture of symmetric cipher features (i.e.SSK) and employing message authentication process with a time-differ message digests (i.e.PMD and CMD).Finally cipher key is generated by a mathematical equation derived in a randomized style as follows.

Cipher Key Generation
For the simple reason that one time pads require the key k used to encrypt a message m to be at least as long as m, we propose a two step process of generating the cipher key satisfying this condition in order to be finally XORed with original message text:  b.The selected set of mathematical operators and functions is then used to form a mathematical equation represented in prefix expression notation and all the needed arguments will be inserted for expression completeness.Then the input x is equaled to IKS stream to generate the final key stream FKS which is then XORed with the original text to produce the cipher text message.For example if OFTD = 5 then set of equations is {% , cos , + , log , sin} Figure 3, shows the complete mathematical encryption equation in prefix notation after inserting the needed arguments with consideration of binary or unary types, so the final equation will be as follows: Y(x) = %(cos(+ (log(sin( x )), x)), x) , where x = IKS.
This means that every byte value of IKS will be applied to five operations in order to generate the corresponding encryption key value that is used to encrypt the corresponding original message byte value.
Now we can summarize our proposed encryption process as in the following notation:

C. Re-indexing MOFT:
In order to support one time pad feature, the last step of our proposed algorithm is to re-index the mathematical operators and functions table to prepare it to next message ciphering process.The re-indexing schema is to be applied using shifting technique by considering the OFTD value as index of the new first record in this table as in Figure 4.This step participates in randomizing the cipher key stream which will be used in the encryption process for the next SMS message, and ensuring that next encryption parameters will defer even if same SMS message was sent again, therefore security level will increase.

D. Proposed Sending algorithm
The algorithm as in Figure 5 begins by reading the user SMS message that is entered by the user.The byte stream of message plain text then used as an input to the SHA-1 method in order to obtain a message digest ( CMD ,160 bit or 20 byte), after that the initial cipher key will be formed from three parts: previous message digest, current message digest and shared secrete key.
Our proposed encryption method depends on a cipher key stream generated as output of randomly-formed mathematical equation to be XORed with the original plain text stream producing the final cipher text message.So, before the encryption process started, a mathematical equation should be produced.This process is performed as follows, firstly OFTD value is used to specify the indices from IKS beginning stream to select the mathematical operators and functions in order to form a mathematical prefix equation.After that needed operands are inserted to form a true prefix style equation, secondly, IKS is sent as input to this equation and the output is the final cipher key stream which will be XORed with the original plain text of SMS message to produce the ciphered SMS message to send it.
In order to strength the security and to support the one-time property of the cipher key stream which will be used in the encryption process for the next SMS message, so the final step is re-indexing MOFT table using OFTD value as a transposition key in order to randomize this table.This process ensures that next encryption parameters will defer even if same SM message was sent again.

1 .
Initialize Key Stream (IKS): which consist of multiples of 400 bit or 50 byte repeated stream consist of previous message digest (160 bit), current message digest (160 bit) and shared secret key (80 bit) such that: IKS = (k 1 , k 2 , k 3 , …, k i ) where k 1 = k 2 = k 3 … The count of ki depends on the length of original message text as illustrated below
Final Key Stream (FKS):This process involves applying a set of mathematical operators and functions that supported by software platform which applied in, this set is to be selected in random fashion to ensure the one time aspect for the final cipher key as follows: a.The first n bytes of IKS is considered as indices in a Mathematical Operators and Functions Table (MOFT) to select the corresponding set of operators and functions as in Figure2, our table size was 16 record so each byte value must be a module to base 16 in order to prepare right indices values.The value of n is equal to the value of the first byte before the original message text portion started which we call operators and functions tree depth OFTD (i.e.byte no.21) which is selected by sender.