Figure 8 Security Comparison of C&A and CAN Models
Related Figures (11)
Fig. 1: Key Transport using Identity Based Encryption PKG and the private key generated as a result is sent to the requesting user over the secure channel. The receiver then executes the decrypt algorithm to unwrap the keying material using its private key. Following successful key transport, both sender and receiver can engage in secure SMS communication. Fig. 3: C&A Model - Sender Side PMIV and four byte Message Code (MC) (?7EAM) are then concatenated with the encrypted message. Message Authenti- cation Code (MAC) of this concatenated value is calculated using HMAC-256 and 256-bit Symmetric Authentication Key (SAcK) from the SKDB. 32 Most Significant Bits (MSB) of MAC are also appended with the MC, PMIV and the encrypted SMS before transmitting to the GSM Network. The MAC value provides the origin authentication as well as message integrity. The original SMS text is also encrypted using Symmetric Authorization Key (SAzK) and the IV. SAzK is generated from the sender’s password and salt (MSISDN) value according to PKCS#5 [23]. The 128-bit IV is formed by zero padding the MSISDN which has a maximum length of 15 digits. The encrypted SMS is stored in the secure message database (SMDB) as a sent item to provide security at rest. The process flow at the sender side can be seen in Fig. 3. Fig. 4: C&A Model - Receiver Side The decrypted text is again encrypted using SAzK of receiver and stored in SMDB as an inbox item. The flow at the receiver side is shown in Fig. 6. Fig. 6: CAN Model - Receiver Side Fig. 5: CAN Model - Sender Side TABLE III: Secret Key Database (SKDB) 5) Key Zeroization: All the secret keys once used, must be zeroized. The variables holding the secret keys are overwritten with zeros to wipe the parameters temporarily stored in Ran- dom Access Memory (RAM). Zeroization of each key shall 4) Key Storage: The identity based public parameters and PbSKs are stored in plain. PrSK and PrKTK are wrapped according to [32]. SDEK and SAcK are stored in SKDB in encrypted form using SAzK. The structure of SKDB and PKDB is shown in Table III and IV. 2) Key Generation: SDEKs and SAcKs are generated according to National Institute of Standards and Technology (NIST) Special Publication SP800- encryption, public key is calculated the public parameters taken from 33 [30].For identity based by the sender itself using the PKG whereas private key is acquired from the PKG over a secure channel [22]. For DSA, domain parameters and public private key pairs (2048,256) are generated according to Federal Information Processing Standards (FIPS) 186-4 [28]. It should be noted that the domain parameters are common for all mobile users where as public/private signature key pairs are generated by each user individually. The SAzKs are generated using the password provided by the user and salt(MSISDN) according to [23]. 1) Key Types: Five different types of keys are used for providing end-to-end security in SMS communication. All these key types are named according to [29]. A summary of which is shown in Table II. Fig. 7: Key Establishment Fig. 9: Performance Comparison of C&A and CAN Models
![Fig. 3: C&A Model - Sender Side PMIV and four byte Message Code (MC) (?7EAM) are then concatenated with the encrypted message. Message Authenti- cation Code (MAC) of this concatenated value is calculated using HMAC-256 and 256-bit Symmetric Authentication Key (SAcK) from the SKDB. 32 Most Significant Bits (MSB) of MAC are also appended with the MC, PMIV and the encrypted SMS before transmitting to the GSM Network. The MAC value provides the origin authentication as well as message integrity. The original SMS text is also encrypted using Symmetric Authorization Key (SAzK) and the IV. SAzK is generated from the sender’s password and salt (MSISDN) value according to PKCS#5 [23]. The 128-bit IV is formed by zero padding the MSISDN which has a maximum length of 15 digits. The encrypted SMS is stored in the secure message database (SMDB) as a sent item to provide security at rest. The process flow at the sender side can be seen in Fig. 3.](https://figures.academia-assets.com/49026928/figure_003.jpg)
![TABLE III: Secret Key Database (SKDB) 5) Key Zeroization: All the secret keys once used, must be zeroized. The variables holding the secret keys are overwritten with zeros to wipe the parameters temporarily stored in Ran- dom Access Memory (RAM). Zeroization of each key shall 4) Key Storage: The identity based public parameters and PbSKs are stored in plain. PrSK and PrKTK are wrapped according to [32]. SDEK and SAcK are stored in SKDB in encrypted form using SAzK. The structure of SKDB and PKDB is shown in Table III and IV.](https://figures.academia-assets.com/49026928/table_001.jpg)
![2) Key Generation: SDEKs and SAcKs are generated according to National Institute of Standards and Technology (NIST) Special Publication SP800- encryption, public key is calculated the public parameters taken from 33 [30].For identity based by the sender itself using the PKG whereas private key is acquired from the PKG over a secure channel [22]. For DSA, domain parameters and public private key pairs (2048,256) are generated according to Federal Information Processing Standards (FIPS) 186-4 [28]. It should be noted that the domain parameters are common for all mobile users where as public/private signature key pairs are generated by each user individually. The SAzKs are generated using the password provided by the user and salt(MSISDN) according to [23]. 1) Key Types: Five different types of keys are used for providing end-to-end security in SMS communication. All these key types are named according to [29]. A summary of which is shown in Table II.](https://figures.academia-assets.com/49026928/figure_008.jpg)
