| Abstract: | With the rapid development of mobile communication technology, mobile subscribers can send multiple messages such as text, picture, and video, etc., besides simply through voice in the past. They can also obtain information about finance, sports, local or international news as they need and have prompt supplementary and value-added services. In addition, short message service is the most popular among subscribers and brings lots of profits to each carrier.
Although carriers provide encrypted protocols to short message service during its transmission, these still not belong to end-to-end encryption. Hence, plaintext are still exposed to the carriers. If they don’t have an effective safety mechanism, then short message service could be stolen by anyone who attempts to. With this unsolved drawback, many researchers brought up different end-to-end encryption protocols about short message service in order to provide extra protection and relieve customer’s concern.
The current end-to-end safe short message service protocols integrate public key cryptosystem with symmetric encryption algorithm to against illegal access. However, the biggest challenge in adopting public key is verification. Although the popular solution is using certificate to assure the correctness of public key, it adds burdens to storage, communication, and computation during verifying process. It becomes serious issue to limited resource of mobile communication device without doubt.
Therefore, this research provides two kinds of end-to-end encryption protocols about short message service. The Scheme 1 applies QR-Code and one-way hash function to send the short message service securely. It is completely different from the traditional public key cryptosystem and upgrade operation efficiency substantially.
In Scheme 1, senders and receivers must accomplish key exchange beforehand, thus, it restricts part of its application. For this reason, the concept of the self-certified public key cryptosystem is introduced in Scheme 2. It not only can solve the problems of key exchange successfully, but also can further derive the benefits inherited from self-certified public key system, such as verifying public key without certificate and reducing storage, communication, and computation costs. |
