Open Access  Subscription or Fee Access

The Short Messaging Service (SMS) is global wireless service that is used to send and receive the messages over Global System for Mobile Communication (GSM).Short Message Service (SMS) has grown in popularity over the years and it has become a common way of communication. It is fastest way of communication around the world. SMS is usually used to transport unclassified information, but with the rise of mobile commerce it has become a popular tool for transmitting sensitive information between the business and its clients.SMS has become a mass communication tool and has been broadly used in mobile business applications. But the security issue of the SMS has often been considered as a crucial barrier to its application in many fields that need strong authentication and confidentiality, such as mobile-commerce. There is no built –in procedure to authenticate and offer security for text transmitted over GSM network. This paper describes all the existing security mechanisms in SMS and security shortfalls and various attacks on SMS in GSM networks which include Authentication, Encryption, Equipment Identification and Subscriber Identity Confidentiality, Denial of service Attacks, Brute force attack, Replay Attack and security measures to prevent GSM network from these attacks. Two Applications, MySecSMS (sms sender J2ME application) and SecSMS(sms receiver Android application) describes the SMS mechanism.

Short Message Service Security, Mobile Communication, Global System for Mobile Communication, Wireless Messaging API , Java 2 Micro Edition, Android.

Hammonnds, M. B. 2003. Spam – the meat of the problem. “Computer Law & Security Report “vol 19, issue 5, 388 – 391.

Brown, I., Cajee , Z., Davies, D., AND Stroebel, S. 2003.” Cell phone banking: predictors of adoption in South Africa – an exploratory study”. International Journal of Information Management, volume 23, issue 5, 381 – 394.

Lord, S. 2003. “Trouble at Telco: When GSM Goes Bad”. Network Security, issue 1, 10 – 12.

Zhang F, Yang HW, Song C (2005). “A security scheme of SMS system.” pp. 1333.

Hossain M, Jahan A, Hussain S, Amin MM, Newaz MR, Shah SH (2008). “A proposal for enhancing the security system of short message service in GSM”. pp. 235-240.

Croft NJ, Olivier MS. “Using an approximated one-time pad to secure short messaging service (SMS)”. In: Proceedings of African telecommunication networks and applications conference (SATNAC); 2005. p. 71–6.

G. Le Bodic, "Mobile Messaging Technologies and Services SMS, EMS” and MMS", 2nd ed. John Wiley & Sons Ltd, (2005).

(www.ericsson.com/support/telecom/part-d/d-6-4.shtml)

(www.ericsson.com/support/telecom/part-d/d-6-4.shtml

(www.gsmsecurity.com/faq.shtml)

Steve Lord,” X-Force Security Assessment Services, and Internet: Trouble at the Telco When GSM goes bad”. In Network Security, 2003(1):10 12, 2003

A. Biryukov, A. Shamir, D. Wagner, “Real Time Cryptanalysis of A5/1 on a PC”, 2000 http://cryptome.org/a51-bsw.htm. Accessed on: 13February 2007.

SMS Forum, “Short Message Peer-to-Peer Protocol Specification version” 5.0, http://www.smsforum.net.)

Wagner, D. “GSM Cloning”. Smartcard Developer Association and ISAAC security research group http://www.isaac.cs.berkeley.edu/isaac/gsm.html (1998); accessed 28 October 2006.

http://www.tech-faq.com/brute-force-attack.html

N.J Croft, M.S Olivier “A Silent SMS Denial of Service (DoS) Attack” Information and Computer Security Architectures (ICSA) Research Group South Africa

Sun Microsystems. J2ME devices [Online]. Available from: http://developers.sun.com/techtopics/mobility/device/device; 2005a[accessed 14.11.05].

Thomas Eisenbarth, Sandeep Kumar, Christof Paar and Axel Poschmann, Leif Uhsadel, A Survey of Lightweight-CryptographyImplementations, IEEE Design & Test of Computers, November- December 2007