Securing Instant Messaging Communications Using Limited-Used Session Keys

Main Article Content

Supakorn Kungpisdan


- Instant Messaging (or IM for short) is becoming one of the most popular applications on the Internet. Individuals can communicate instantly through a user-friendly graphical user interface over fixed and wireless devices. However, several security issues occur, majorly privacy and authentication. A number of secure IM protocols have been proposed, but they still lack of necessary security properties and acceptable performance. In this paper, we introduce a new secure instant messaging protocol that not only satisfies necessary security properties. Moreover, our analysis shows that the proposed protocol has better transaction performance than existing protocols.

Article Details

How to Cite
S. Kungpisdan, “Securing Instant Messaging Communications Using Limited-Used Session Keys”, JIST, vol. 1, no. 1, pp. 23–29, Jun. 2010.
Research Article: Soft Computing (Detail in Scope of Journal)


1. Wireshark,, last access February, 2010.

2. TCPdump,, last access February, 2010.

3. M. Mannan and P. C. van Oorschot, “Secure Public Instant Messaging”, Proceedings of Financial Cryptography and Data Security 2006.

4. C. H. Yang, T. Y. Kuo, T Ahn, and C. P. Lee, “Design and Implementation of a Secure Instant Messaging Based on Elliptic-Curve Cryptography”, Journal of Computers, Vol. 18(4), January 2008.

5. O. Dandash et al., “Fraudulent Internet Banking Payments Prevention using Dynamic Key,” Journal of Networks, Vol.3(1), Academy Publisher, pp. 25-34, 2008

6. S. Kungpisdan, P.D. Le, and B. Srinivasan, “A Limited- Used Key Generation Scheme for Internet Transactions”, Lecture Notes in Computer Science, Vol. 3325, 2005.

7. S. Kungpisdan and S. Metheekul, “A Secure Offline Key Generation With Protection Against Key Compromise” in the World Multi-conference on Systematics, Cybernetics, and Informatics 2009, Orlando, Florida, July. 2009, pp. 63-67.

8. Li, Y. and Zhang, X., 2004. A Security-enhanced Onetime Payment Scheme for Credit Card. Proc. of the Int’l Workshop on Research Issues on Data Engineering: Web Services for E-Commerce and EGovernment Applications,

9. S. Kungpisdan, B. Srinivasan, and P.D. Le, “Lightweight Mobile Credit-card Payment Protocol”, Lecture Notes in Computer Science, Vol. 2904, pp. 295-308, 2003.

10. A. D. Rubin and R.N. Wright, “Off-line Generation of Limited-Use Credit Card Numbers”, Lecture Notes in Computer Science, Vol. 2339, pp. 196-209, 2002.