On the security verification of a short message service protocol
Jurcut, Anca Delia; Liyanage, Madhusanka; Chen, Jinyong; Gyorodi, Cornelia; He, Jingsha (2018-06-11)
A. Delia Jurcut, M. Liyanage, J. Chen, C. Gyorodi and J. He, "On the security verification of a short message service protocol," 2018 IEEE Wireless Communications and Networking Conference (WCNC), Barcelona, 2018, pp. 1-6. doi: 10.1109/WCNC.2018.8377349
© 2018 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
https://rightsstatements.org/vocab/InC/1.0/
https://urn.fi/URN:NBN:fi-fe2019081524258
Tiivistelmä
Abstract
Short Message Service (SMS) is a text messaging service component of smart phones, web, or mobile communication systems which requires a high level of security to provide user authentication and data confidentiality. To provide such security features, a high security communication protocol for SMS, called Message Security Communication Protocol (MSCP) was proposed. In this paper, MSCP is formally analyzed using an automated logic-based verification tool with attack detection capabilities. The performed formal verification reveals that the proposed protocol is susceptible to parallel session and denial-of-service (DoS) attacks. The reasoning why these attacks are possible is detailed and an amended protocol is proposed to counter the identified attacks. Formal verification of the amended protocol provides confidence regarding the correctness and effectiveness of the proposed modifications.
Kokoelmat
- Avoin saatavuus [34589]