Email and Text Messaging Security in the Wired and Wireless Worlds
International Lecture by Dr. Erik Kangas
“Internet email, Internet instant messaging, and mobile short text messaging are related in that they enable communications by pushing messages from sender to recipient over generally insecure networks. The security issues and vulnerabilities inherent in all three modes of communication are also very similar. This talk will review standard security threats associated with electronic messaging in general, and their common remedies including symmetric and asymmetric key encryption, digital signatures, and message authentication codes. Next, a detailed exposition of the security vulnerabilities inherent in all phases of Internet email delivery will be examined and solutions such as S/MIME, Authentication, and Transport Layer Security (TLS) will be discussed. After a brief look of the serious issues involved with public Instant Messaging services such as AOL Instant Messenger, Yahoo! Messenger, and ICQ, the Short Messaging System (SMS) over the Global System for Mobile Communications (GSM) will be examined. We will review the current security protocols used by GSM and identify the vulnerabilities to SMS. Finally, several ways that GSM or SMS could be extended or modified to ensure the security and privacy of SMS messages, even in a multi-vendor mobile environment, will be proposed.”
Dr. Erik Kangas is currently President of Lux Scientiae, Incorporated, an Internet services and consulting company located near Boston Massachusetts. Dr. Kangas received a Ph.D. in computational biophysics from the Massachusetts Institute of Technology (Cambridge, Massachusetts) in 2000 and two Bachelor’s degrees, one in theoretical physics and one in mathematics from Case Western Reserve University (Cleveland, Ohio) in 1995. After receiving his doctorate degree, he also worked as a Senior Software Engineer at Akamai Technologies. Dr. Kangas is interested in providing user-friendly, fast, and secure infrastructures to facilitate reliable and trustworthy global communications.
Lux Scientiae, Incorporated, was founded in 1999. It provides professional web and email hosting services, application and database development, web design, and content management services. They pride themselves on close personal customer support and service — something not found in abundance with most of the larger service providers. Lux Scientiae, pronounced “looks skee-en-tee-eye”, can be found in the Internet at www.luxsci.com and reached at sales @ luxsci.com.
The lecture will be given at the Helsinki Institute for Information Technology (HIIT) on August 27th, 2002 at 3pm local time. Helsinki Institute for Information Technology, founded in 1999, is a joint research institute of the University of Helsinki and the Helsinki University of Technology. HIIT conducts internationally top-level strategic research in information technology (IT), in close collaboration with the IT industry and applying sciences, and gives researcher training and research-related education.
The aim of HIIT is to raise the content, visibility and impact of Finnish IT research to the highest international level and thus further strengthen the interaction between Finnish universities, the IT industry, and major international research centers and universities. HIIT works to benefit the long-term competitiveness of the Finnish IT industry and the progress of the Finnish information society by combining scientific academic research with long-term and risky strategic industrial research and development and with the development of the information society. HIIT consists of an Advanced Research Unit (ARU) and a Basic Research Unit (BRU), each comprising a number of multidisciplinary research groups. HIIT/ARU is located in Ruoholahti in Helsinki and HIIT/BRU at the computer science departments of the two founding universities.
