دانلود رایگان مقاله انگلیسی در مورد تایید امنیت پروتکل سرویس پیام کوتاه - IEEE 2018

Abstract

Short Message Service (SMS) is a text messaging service component of smart phones, web, or mobile communication systems which requires a high level of security to provide user authentication and data confidentiality. To provide such security features, a high security communication protocol for SMS, called Message Security Communication Protocol (MSCP) was proposed. In this paper, MSCP is formally analyzed using an automated logic-based verification tool with attack detection capabilities. The performed formal verification reveals that the proposed protocol is susceptible to parallel session and denial-ofservice (DoS) attacks. The reasoning why these attacks are possible is detailed and an amended protocol is proposed to counter the identified attacks. Formal verification of the amended protocol provides confidence regarding the correctness and effectiveness of the proposed modifications.

VII. CONCLUSIONS

In this paper, the process of formally verifying a security protocol based on modal logic technique was introduced. An automated logic-based verification tool with the capability of detecting freshness and interleaving session attacks was used to verify the security properties of Message Security Communication Protocol (MSCP), which was proposed as a high security communication protocol for Short Message Service (SMS). The formal verification results revealed several weaknesses in MSCP that can be exploited by potential parallel session and Denial of Service (DoS) attacks. These weaknesses were analyzed and an amended protocol immune to these attacks was proposed. Formal verification of the amended protocol verified all of its security properties and could thus provide confidence in the correctness and effectiveness of the proposed modifications.