With rapid growth of telecommunications networks and consequently popularity of mobile phones; the use of relatively cheap SMS service has grown dramatically as a tool for communication, advertising, business, news, …. One point to which less attention has gone is the security of this useful tool. Although, GSM network can encode SMS during their transmission over air channel and the very service is mostly active, but – regardless of weakness of used encryption algorithm- they are transferred in other parts of the network, including SMS Center telecom operators, in form of revealed ones. So, unauthorized individuals can access to messages through the acquisition of the mobile phone or stored messages in SMS center. SIMA system is a product which provides secure send/receive service of SMS between a center and number of users. Different organizations can use this product to launch central system of secure SMS send/receive. This system provides accuracy and confidentiality services of transferred SMS based on symmetric encryption method. Implementation of SIMA secure SMS distribution system is shown in the following figure:
As above figure shows, this system is made from following main components:
A) SIMA service provider software: This software installs in a PC with Windows OS and is responsible to distribute SMS. A database was used in SIMA service provider software to maintain users’ information (such as phone numbers and group) as well as received messages. At first, system operator starts to define groups and users in SIMA provider service and determines each user’s encryption key (as a file). This key file is stored in software’s database. During encryption operation, cipher key is chosen randomly from the key file. This system structure is as follow: SIMA service provider software decodes received message (if it was encoded) by using sent key file and saves it. Also, operator can send its desired messages to users or groups in form of encrypted or revealed ones. To save sensitive information of database (such as key files) safely, a hardware security module called KeyA (a product of Payam Pardaz Co.) is sued in server.
B) GSM Modem: this modem in which a SIM card is placed is responsible to send / receive SMS to/from GSM network.
C) SIMA software (in user side): This software is responsible to make SMS safe in cell phones. SIMA software encodes SMS during send process by using key file which was saved before in cell phone, and then decodes it during receiving. This software is provided for smart phone which has Mobile Windows or Symbian.
- Securing SMS and providing accuracy and confidentiality services
- Distinguishing any manipulation in SMS content
- Private cipher algorithm with 256-bit key length (it can be ordered by customer)
- Using automatic key (based on key file)
- The ability to transfer multi-sectoral SMS
- Compressing messages’ content (to scrounge about number of sent SMS)
- The ability to send and receive SMS in Persian.
Features of SIMA service provider
- To be executable on Windows
- To send/receive SMS securely or as a revealed one
- To send bulk SMS
- To search in received SMS
- To have phone book
- To use Templates for SMS
- To mark read messages
- To schedule messages to send in the future
- To define user groups and manage groups
- To back up information
- To have tracking service of delivery status of sent SMS
- To report received SMS list with the ability to categorize based on the receive date and name of the sender and the ability to export to Excel, Word and PDF
- To protect sensitive information of database by using KeyA security module
Features of SIMA program (user side)
- To be able to install on cell phones which support Symbian and mobile windows OS
- To send/receive SMS securely
- To save SMS safely in cell phone
- To confirm user authentication to login to program by password
- To report the time of SMS encoding to user during decoding to prevent replay attacks