Advertisement

Harnessing Electronic Signatures to Improve the Security of SMS-Based Services

  • Thomas Zefferer
  • Arne Tauber
  • Bernd Zwattendorfer
Part of the Lecture Notes in Business Information Processing book series (LNBIP, volume 140)

Abstract

Powered by the emergence of information and communication technologies, governments and public administrations are nowadays offering online services to facilitate the execution of governmental procedures. Citizens, businesses, and even governments themselves benefit from greater flexibility and cost efficiency of such e-Government services. Recently, the increased mobility of citizens and the growing popularity of mobile communication technologies has raised the need for mobile governmental services. Such services have become known under the term m-Government. Interestingly, most m-Government services still rely on SMS technology. Reasons for that are the simplicity, inexpensiveness and wide support of this technology. Despite these various advantages, a lack of supported security features usually hinders SMS to be used in transactional m-Government services, as these services have higher security requirements. To bypass this issue, we propose a method to enhance SMS-based m-Government services by means of electronic signatures. Our solution allows citizens to generate, electronically sign, and deliver electronic documents by sending well-defined SMS messages. We demonstrate the practical applicability of our approach by means of a prototypical implementation. A detailed discussion of different security aspects of our solution concludes this contribution.

Keywords

SMS m-Government Electronic signatures SMS based services Austrian Mobile-Phone signature Security analysis 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Leitold, H., Hollosi, A., Posch, R.: Security Architecture of the Austrian Citizen Card Concept. In: Proceedings of the 18th Annual Computer Security Applications Conference (ACSAC 2002). IEEE Computer Society (2002)Google Scholar
  2. 2.
    Orthacker, C., Centner, M., Kittl, C.: Qualified Mobile Server Signature. In: Rannenberg, K., Varadharajan, V., Weber, C. (eds.) SEC 2010. IFIP AICT, vol. 330, pp. 103–111. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  3. 3.
    European Union: Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures. Official Journal of the European Communities (1999)Google Scholar
  4. 4.
    Posch, K.C., Posch, R., Tauber, A., Zefferer, T., Zwattendorfer, B.: Secure and Privacy-Preserving eGovernment—Best Practice Austria. In: Calude, C.S., Rozenberg, G., Salomaa, A. (eds.) Rainbow of Computer Science. LNCS, vol. 6570, pp. 259–269. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  5. 5.
    Mobi Solutions Ltd.: Mobile Government: 2010 and Beyond (2010)Google Scholar
  6. 6.
    Zefferer, T.: Mobile Government - E-Government for Mobile Societies (2011), http://www.a-sit.at/pdfs/Technologiebeobachtung/mobile_government_1.0.pdf
  7. 7.
    MBAONLINE: Planet Text - How SMS Messaging is Changing the World (2011), http://www.mbaonline.com/planet-text/
  8. 8.
    EGov-Labs: PDF-AS (2012), http://egovlabs.gv.at/projects/pdf-as/
  9. 9.
    Barkan, E., Biham, E., Keller, N.: Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication. J. Cryptol. 21, 392–429 (2008)MathSciNetMATHCrossRefGoogle Scholar
  10. 10.
    Lisonek, D., Drahansk, M.: SMS Encryption for Mobile Communication. In: International Conference on Security Technology, pp. 198–201. IEEE Computer Society (2008)Google Scholar
  11. 11.
    Anuar, N.B., Kuen, L.N., Zakaria, O., Gani, A., Wahab, A.W.A.: GSM mobile SMS/MMS using public key infrastructure: m-PKI. W. Trans. on Comp. 7, 1219–1229 (2008)Google Scholar
  12. 12.
    Al-bakri, S., Kiah, M.: A novel peer-to-peer SMS security solution using a hybrid technique of NTRU and AES-Rijndael. Scientific Research and Essays 5(22), 3455–3466 (2010)Google Scholar
  13. 13.
    Medani, A., Gani, A., Zakaria, O., Zaidan, A.A., Zaidan, B.B.: Review of mobile short message service security issues and techniques towards the solution. Scientific Research and Essays 6(6), 1147–1165 (2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Thomas Zefferer
    • 1
  • Arne Tauber
    • 1
  • Bernd Zwattendorfer
    • 1
  1. 1.Institute for Applied Information Processing and CommunicationsGraz University of TechnologyGrazAustria

Personalised recommendations