BVPSMS: A Batch Verification Protocol for End-to-End Secure SMS for Mobile Users

Abstract

Short Message Service (SMS) is a widely used communication medium for mobile applications, such as banking, social networking, and e-commerce. Applications of SMS services also include real-time broadcasting messages, such as notification of natural disasters and terrorist attacks, and sharing the current whereabouts to other users, such as notifying urgent business meeting information, transmitting quick information in the battlefield to multiple users, notifying current location to our friends, and sharing market information. However, traditional SMS is not designed with security in mind (e.g. messages are not securely sent). In this paper, we introduce a batch verification Authentication and Key Agreement (AKA) protocol, BVPSMS, which provides end-to-end message security over an insecure communication channel between different Mobile Subscribers (MSs). Specifically, the proposed protocol securely transmits SMS from one MS to multiple MS simultaneously. We then evaluate the performance of the BVPSMS protocol in terms of communication and computation overheads, protocol execution time, and batch and re-batch verification times. The impacts of the user mobility, and the time, space, and cost complexity analysis are also discussed. We present a formal proof of the proposed protocol. To the best of our knowledge, this is the first provably-secure batch verification AKA protocol, which provides end-to-end security to the SMS using symmetric keys