Practical usability and implementation's
concept of short text message encryption
The problem of short text message
encryption is not a new thought, but the spread of the GSM's SMS messages
getting wider and wider motivates the creation of a system specially designed
for such an environment.
The GSM system transmitting SMS messages
differs from the older analogue mobile phone systems among others that the
talking between the parties is encrypted so private information cannot be
stolen by sniffing the used frequency. But this claim is not true for all the
communication in the system. The data sent through the Call Control (CC)
channel used for starting calls and signing the Mobile Equipment (ME) for
incoming calls is not encrypted. This channel is also used for transmitting the
SMS messages.
Considering the above mentioned things it
can be seen that the theoretical opportunity of sniffing SMS messages exists so
the encryption is reasonable.
Solving the problem we have to consider
that the message to be sent cannot be larger than 140 bytes because of the
limits of GSM System so this is the largest data size to encrypt. (Longer SMS
messages are built from 140-byte packages.)
It occurs some other problems that the
usage of SMS as bearer cannot be considered as a reliable datagram protocol, so
we have to be aware of the possibility of packet loss. Designing the system we
have to use as much standardised resources as we can because such service can
be spread that needs no additional changes in the system or special ME on the
user side.
For increasing the reliability of
encryption we have to use Public Key Infrastructure (PKI) with the necessary
compromises of narrow bandwidth and low processor power.
The encryption of plain text messages
causes further problems because it can compromise the security of the coded
message so we have to work out a data compression solution for increasing the
entropy of the data to be encrypted. Common data compression mechanism is not
effective on 140 bytes size data.
The problem is very complex; the design of
the solution takes ideas from the fields of cryptography, data compression and
telecommunication.