Abstract
In this paper, an identity-based key agreement protocol for securing mobile telephony in GSM and UMTS networks is presented. The approach allows two mobile phones to perform a session key agreement over an unsecured channel and between different providers using telephone numbers as public keys. Using the created session key, a symmetric encryption of all call data can be performed. Solutions to the problems of multi-domain key generation, key distribution, multi-domain public parameter distribution and inter-domain key agreement are presented. Furthermore, the proposed approach can be sped up using server-aided cryptography, by outsourcing computationally expensive cryptographic operations to a high-performance backend computing server. The feasibility of the approach is illustrated by presenting experimental results based on a Symbian implementation running on N95-1 and N82-1 Nokia smartphones.
Cite this article
Smith, M., Schridde, C., Agel, B. et al. Secure mobile communication via identity-based cryptography and server-aided computations. J Supercomput 55, 284–306 (2011). https://doi.org/10.1007/s11227-010-0455-6
DOI: https://doi.org/10.1007/s11227-010-0455-6