VULNERABILITIES OF SHORT MESSAGE ENCRYPTION IN MOBILE INFORMATION AND COMMUNICATION SYSTEMS OF CRITICAL INFRASTRUCTURE OBJECTS
DOI:
https://doi.org/10.28925/2663-4023.2022.17.145158Keywords:
strong cryptosystem, message length distribution, critical infrastructure, mobile device, cryptanalytic attackAbstract
The article considers the possibility of implementing attacks on information exchange in mobile information and communication systems (ICS), which are protected for additional practical cryptographic transformations. Information exchange in the IСS of critical infrastructure objects is often implemented by means of transmission, receiving and paying fees of apparently short notices. Such improvements can be used to formalize control commands and data on the flow mill of objects, alert signals, alerts about suspected activity in computer networks or data for the formation of multiple secrets (keys) in cyber defense systems. Short message services (Short Message Service - SMS) or add-ons on mobile platforms - messengers are analyzed for the exchange of apparently short notifications. Informed about the possibility of an attack on cryptographic systems with a method of designating a streaming station, the object of critical infrastructure and methods of its implementation. Formulated practical recommendations about how to prevent significant attacks, as well as direct further charges.
Downloads
References
Alomair, B., Poovendran, R. (2014). Efficient Authentication for Mobile and Pervasive Computing. IEEE Transactions on Mobile Computing, 13(3), 469–481. https://doi.org/10.1109/tmc.2012.252
Rosenfeld, A., Sina, S., Sarne, D., Avidov, O., Kraus, S. (2018). WhatsApp usage patterns and prediction of demographic characteristics without access to message content. Demographic Research, 39, 647–670. https://doi.org/10.4054/demres.2018.39.22.
Kwak, M., Cho, Y. (2021). A Novel Video Steganography-Based Botnet Communication Model in Telegram SNS Messenger. Symmetry, 13(1), 84. https://doi.org/10.3390/sym13010084.
Trabelsi, Z., El-Sayed, H., Frikha, L., Rabie, T. (2006). Traceroute Based IP Channel for Sending Hidden Short Messages. In Advances in Information and Computer Security (с. 421–436). Springer Berlin Heidelberg. https://doi.org/10.1007/11908739_30.
Zhang, T., Jin, Y. C., Sun, Z. X. (2015). A Lightweight Encoding Mechanism for Encrypted User Notification on Mobile Device in Power Grid System. In International Conference on Computer Information Systems and Industrial Applications. Atlantis Press. https://doi.org/10.2991/cisia-15.2015.140.
GSM 03.38 (ETSI 300 628): Digital cellular telecommunications system (Phase 2+); Alphabets and language-specific information.
GSM 03.40 (ETS 300 536): European digital cellular telecommunication system (Phase 2); Technical realization of the Short Message Service (SMS) Point to Point (PP).
Karale, S. N., Pendke, K., Dahiwale, P. (2015). The survey of various techniques & algorithms for SMS security. In 2015 International Conference on Innovations in Information,Embedded and Communication Systems (ICIIECS). IEEE. https://doi.org/10.1109/iciiecs.2015.7192943.
Makala, R., Bezawada, V., Ponnaboyina, R. (2017). A fast encryption and compression technique on SMS data. In 2017 International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET). IEEE. https://doi.org/10.1109/wispnet.2017.8299956.
Aung, T. M., Myint, K. H., Hla, N. N. (2018). A Data Confidentiality Approach to SMS on Android. In Intelligent Computing & Optimization (с. 505–514). Springer International Publishing. https://doi.org/10.1007/978-3-030-00979-3_53
Attacking SSL when using RC4 // Hacker Intelligence Initiative, March 2015/ Imperva. 10P. https://www.imperva.com/docs/HII_Attacking_SSL_when_using_RC4.pdf
Ekdahl, P., Johansson, T. (2003). Another attack on A5/1. IEEE Transactions on Information Theory, 49(1), 284–289. https://doi.org/10.1109/tit.2002.806129
Pan, J., Ding, Q., Qi, N. (2012). The Research of Chaos-based SMS Encryption in Mobile Phone. In 2012 Second International Conference on Instrumentation, Measurement, Computer, Communication and Control (IMCCC). IEEE. https://doi.org/10.1109/imccc.2012.124
Pan Jing, Qi Na, Xue Bing-Bing Ding Qun. (2012). Field programmable gate array-based chaotic encryption system design and hardware realization of cell phone short message. Acta Physica Sinica, 61(18), 180504. https://doi.org/10.7498/aps.61.180504
Novelan, M. S., Husein, A. M., Harahap, M., Aisyah, S. (2018). SMS Security System on Mobile Devices Using Tiny Encryption Algorithm. Journal of Physics: Conference Series, 1007, 012037. https://doi.org/10.1088/1742-6596/1007/1/012037
Lu, E.H., Huang, K.T., Chiu, J.H. (2016). Word-Based AES Encryption Without Data Expansion. Journal of Information Science and Engineering, 32(4), 849-861.
Ahamed, B. B., Krishnamoorthy, M. (2020). SMS Encryption and Decryption Using Modified Vigenere Cipher Algorithm. Journal of the Operations Research Society of China. https://doi.org/10.1007/s40305-020-00320-x
Hulak, H.M., Skladannyi, P.M. (2017). Zabezpechennia harantozdatnosti avtomatyzovanykh system upravlinnia ta peredachi danykh bezpilotnykh litalnykh aparativ. Matematychni mashyny ta systemy, 3, 154-161.
Grushevsky, Y., Elmasry, G., Argentieri, S., Lussier, R. (2006). Adaptive RS Code for Message Delivery Over Encrypted Military Wireless Networks. In MILCOM 2006. IEEE. https://doi.org/10.1109/milcom.2006.302323.
Asbullah, M.A, Ariffin, M.K. A Proposed CCA-secure Encryption on an ElGamal Variant. 2012 7th International Conference on Computing and Convergence Technology (ICCCT2012), 499-503.
Hulak, H.M., Mukhachov, V.A., Khoroshko, V.O., Yaremchuk, Yu.Ie. (2011). Osnovy kryptohrafichnoho zakhystu informatsii. VNTU.
Bresson, E; Chevassut, O. Pointcheval, D. New security results on encrypted key exchange. 7th International Workshop on Theory and Practice in Public Key Cryptography 2004 | Public Key Cryptography - PKC 2004, Proceedings 2947, 45-158
(IEEE Std 1363-2000) IEEE Standard Specifications for Public-Key Cryptography.
Mishra, P. Renuka, Verma, V. (2020). Identity Based Broadcast Encryption Scheme with Shorter Decryption Keys for Open Networks. Wireless Personal Communications, 115(2), 961-969
Boneh, D. Franklin, M.·(2003) Identity-Based Encryption from the Weil Pairing. SIAM J. of Computing, 32(3), 586-615
Schneier, B., Hall, C. An improved e-mail security protocol. In 13th Annual Computer Security Applications Conference. IEEE Comput. Soc. https://doi.org/10.1109/csac.1997.646194
Rosenfeld, A. Sina, S. Sarne, D. Avidov, O. Kraus, S. WhatsApp Usage Patterns and Prediction Models. https://www.researchgate.net/publication/299487660
Jaglom, A.M., Jaglom, I.M. (2007). Probability and information.
Srivastava, V., Singh, M. (2020). PHINC: A Parallel Hinglish Social Media Code-Mixed Corpus for Machine Translation. In Proceedings of the Sixth Workshop on Noisy User-generated Text (W-NUT 2020). Association for Computational Linguistics. https://doi.org/10.18653/v1/2020.wnut-1.7
Cramér, H. (1999). Mathematical Methods of Statistics. Princeton Landmarks in Mathematics. Princeton University Press.
Sobkowicz, P., Thelwall, M., Buckley, K., Paltoglou, G., Sobkowicz, A. (2013). Lognormal distributions of user post lengths in Internet discussions - a consequence of the Weber-Fechner law? EPJ Data Science, 2 (1). https://www.researchgate.net/publication/257868097_Lognormal_distributions_of_user_post_lengths_in_Internet_discussions_-_a_consequence_of_the_Weber-Fechner_law
Kekre, H.B., Saxena, C.L. (1979). An estimate of the distribution of message lengths in overseas communications. Computers & Electrical Engineering, 6(2), 79 92.
