Email and Text Messaging Security in the Wired and Wireless Worlds
Thursday, August 1st, 2002International Lecture by Dr. Erik Kangas
“Internet email, Internet instant messaging, and mobile short text messaging are related in that they enable communications by pushing messages from sender to recipient over generally insecure networks. The security issues and vulnerabilities inherent in all three modes of communication are also very similar. This talk will review standard security threats associated with electronic messaging in general, and their common remedies including symmetric and asymmetric key encryption, digital signatures, and message authentication codes. Next, a detailed exposition of the security vulnerabilities inherent in all phases of Internet email delivery will be examined and solutions such as S/MIME, Authentication, and Transport Layer Security (TLS) will be discussed. After a brief look of the serious issues involved with public Instant Messaging services such as AOL Instant Messenger, Yahoo! Messenger, and ICQ, the Short Messaging System (SMS) over the Global System for Mobile Communications (GSM) will be examined. We will review the current security protocols used by GSM and identify the vulnerabilities to SMS. Finally, several ways that GSM or SMS could be extended or modified to ensure the security and privacy of SMS messages, even in a multi-vendor mobile environment, will be proposed.”
Read the rest of this post »