A Secure SMS Authentication Based on Limited-Used Session Keys

Main Article Content

สุรการ ดวงผาสุข
ชาลี ธรรมรัตน์


- Currently, short message service (or SMS) is very popular like a payment transaction, payment products or services, vote or a comment to activities. A lot of researches have been presented SMS authentication. However, a number of researches were presented still lacking of security and authentication. This paper presents SMS authentication to increase security. Moreover, the proposed protocol deploys a limited-use offline session key generation and use of distribution technique to enhance security. The result of proposed protocol illustrated that it gained better performance and less time than existing papers and sending short text messages each time was less than the maximum.

Article Details

How to Cite
ดวงผาสุข ส. and ธรรมรัตน์ ช., “A Secure SMS Authentication Based on Limited-Used Session Keys”, JIST, vol. 6, no. 2, pp. 38–47, Dec. 2016.
Research Article: Soft Computing (Detail in Scope of Journal)


1. S. Kungpisdan and S. Metheekul, “A Secure Offline Key Generation With Protection Against Key Compromise,” Proceedings of the 13th World Multi-conference on Systemics, Cybernetics, and Informatics, Orlando, USA, 2009.

2. O. Dandash, Y. Wang, and P.D. Le, “Fraudulent Internet Banking Payments Prevention using Dynamic Key,”Journal of Networks,” Vol.3(1), Academy Publisher, pp. 25-34, 2008.

3. S. Kungpisdan, P.D. Le, and B. Srinivasan, “A Limited-Used Key Generation Scheme for Internet Transactions,” Lecture Notes in Computer Scienc e, Vol. 3325, 2005.

4. Li, Y. and Zhang, X, “A Security-enhanced One-time Payment Scheme for Credit Card,” Proc. of the Int’l Workshop on Research Issues on Data Engineering: Web Services for ECommerce and E-Government Applications, 2004.

5. S. Kungpisdan, B. Srinivasan, and P.D. Le, “Lightweight Mobile Credit-card Payment Protocol,” Lecture Notes in Computer Science, Vol. 2904, pp. 295-308, 2003.

6. A. D. Rubin and R.N. Wright, “Off-line Generation of Limited-Use Credit Card Numbers,” Lecture Notes in Computer Science, Vol. 2339, pp. 196, 2002.

7. H. Ratshinanga, J. LO, and J. Bishop. "A Security Mechanism for Secure SMS Communication," Proceedings of SAICSIT, pp. 1-6, 2004.

8. J. L. Lo, J. Bishop and J.H.P Eloff, "SMSSec: an end-to-end protocol for secure SMS," Computers & Security, vol. 27, no. 5-6, pp. 154-167, 2008.

9. H. Rongyu, Z. Guolei, C. Chaowen, X. Hui, Q. Xi and Q. Zheng, "A PK-SIM card based end-to-end security framework for SMS", Computer Standards & Interfaces 31.4, pp. 629-641, 2009.

10. N. Saxena and N.S. Chaudhari, "SecureSMS: A secure SMS protocol for VAS and other applications," Journal of Systems and Software 90 (2014): pp. 138-150, 2014.

11. N. Saxena, N. S. Chaudhari and G. L. Prajapati, "An extended approach for SMS security using authentication functions", Industrial Electronics and Applications (ICIEA), 7th IEEE Conference on. IEEE, pp. 663-668, 2012.

12. N. Saxena and A. Payal, "Enhancing Security System of Short Message Service for M-Commerce in GSM", International Journal of Computer Science & Engineering Technology (IJCSET), ISSN: 2229-3345 Vol. 2 No. 4, pp. 126-133, 2011.

13. N. Saxena and N. S. Chaudhari, "A secure approach for SMS in GSM network", Proceedings of the CUBE International Information Technology Conference. ACM, pp. 59-64, 2012.

14. M. Toorani and A. A. B. Shirazi, SSMS – A Secure SMS Messaging Protocol for the M-Payment Systems, Proceedings of the 13th IEEE Symposium on Computers and Communications (ISCC'08), Marrakech, July 6-9, 2008, pp. 700-705.

15. A. Biryukov, A. Shamir and D. Wagner, Real Time Cryptanalysis of A5/1 on a PC, 2000 [Online]. Available: https://cryptome.org/a51-bsw.htm. Accessed on: 13 February 2007.

16. N.R. Potlapally, S. Ravi, A. Raghunathan, and N.K. Jha, “A study of the energy consumption characteristics of cryptographic algorithms and security protocols,” IEEE Transactions on mobile computing, vol. 5, no. 2, pp. 128-143, 2006.