Please use this identifier to cite or link to this item:
Title: Identity-based Secure Messaging System
Authors: Gao, Wei
Department: Department of Computer Science
Issue Date: 2011
Supervisor: Supervisor: Dr. Wong, Shek Duncan; First Reader: Dr. Lam, Kam Yiu; Second Reader: Mr. Lee, Chan Hee
Abstract: Nowadays, Short Message Service (SMS) and Multimedia Messaging Service (MMS) have become extremely popular in our daily communications and social services. However, SMS and MMS are facing significant security challenges. Today since content of most messages sent through the services is totally plain, SMS and MMS messages may be read by unauthorized and unwanted people when they are being transmitted or stored somewhere. This not only threatens user privacy but also becomes a huge barrier of SMS and MMS utilization in many industries which emphasize user data confidentiality. Actually this is not a new topic and some organizations have developed solutions to the problems. However, all the existing solutions are based on symmetric key cryptography. It requires that a user pre-shares a unique password with every potential contact. Moreover, entering the corresponding password is necessary for sending or receiving each secure message. It becomes troublesome when serving a large number of users and hence not practical. In addition, the existing applications only provide encryption for SMS messages, but not MMS messages. Our project, Identity-based Secure Messaging System, aims to provide secure encryption for both SMS and MMS services while eliminating the limitations in the existing solutions. It adopts Identity-based encryption (IBE) to encrypt and decrypt SMS and MMS messages. IBE is a relatively new technique and can be regarded as a simplified version of traditional Public Key Encryption. In IBE, a public key can be a unique string containing any characters. Based on an arbitrary public key, it has a set of algorithms for private key generation, encryption and decryption. Therefore, in our proposed system, no pre-shared password is needed for exchanging secure SMS or MMS messages and the phone number of a user can serve as its public key. After getting the private key through a simple registration, a user is allowed to send and receive secure SMS and MMS messages without any extra operation. In order to protect messages stored on mobile phones, a user just needs to set a privately-owned password which is for all local messages and independent of the contacts. In this way, we make the application secure, user-friendly and practical on a large scale. The system proposed here consists of server and client applications. The server applications mainly deal with user registration and password reset requests. The client application is designated to run on mobile phones to provide core services such as sending secure SMS/MMS messages and affiliated services such as changing user password. Therefore, the whole system is capable of providing a complete solution to sending, receiving and storing SMS and MMS messages securely.
Appears in Collections:Computer Science - Undergraduate Final Year Projects

Files in This Item:
File SizeFormat 
fulltext.html145 BHTMLView/Open

Items in Digital CityU Collections are protected by copyright, with all rights reserved, unless otherwise indicated.