
A Secure SMS Communication for Android OS

Abstract:
Nowadays, short message service (SMS) is used in many daily-life applications, including
healthcare monitoring, mobile banking, mobile commerce, and so on. But when we send an SMS
from one mobile phone to another, the information contained in the SMS is transmitted as plain
text. Sometimes this information is confidential, such as account numbers, passwords, license
numbers, and so on, and sending it through SMS is a major drawback because the traditional SMS
service does not encrypt the information before transmission. In this paper, we propose an
efficient and secure protocol called EasySMS, which provides end-to-end secure communication
through SMS between end users. The working of the protocol is presented by considering two
different scenarios. The analysis of the proposed protocol shows that it is able to prevent
various attacks, including SMS disclosure, over-the-air modification, replay attack,
man-in-the-middle attack, and impersonation attack. The EasySMS protocol generates minimum
communication and computation overheads as compared with the existing SMSSec and PK-SIM
protocols. On average, the EasySMS protocol reduces bandwidth consumption by 51% and 31% and
the number of messages exchanged during the authentication process by 62% and 45% in comparison
to the SMSSec and PK-SIM protocols, respectively. The authors claim that EasySMS is the first
protocol completely based on symmetric key cryptography that retains the original architecture
of the cellular network.

Keywords: End-to-end Security, Encryption, Mobile Communication, EasySMS.


Introduction

Short Messaging Service (SMS) is a communication service, originally developed as part of the
Global System for Mobile Communications. Today it is one of the most widely used mobile
services, with millions of messages exchanged on a daily basis.

Its present-day uses are far different from the initial idea. SMS has now become a popular
means of communication for individuals and businesses. Banks worldwide are using SMS to
conduct some of their banking services. People sometimes exchange confidential information
such as passwords or sensitive data with each other. Mobile commerce is growing every day.

SMS provides many conveniences in our everyday lives, but is it really secure? SMS messages
are sent via a store-and-forward mechanism to a Short Message Service Centre (SMSC), which
will attempt to send the message to the recipient and possibly retry if the user is not reachable
at a given moment. Short messages travel between the SMSC and the phone over Signaling System
Number 7 (SS7), an unencrypted protocol, which allows employees within the cellular provider's
network who have access to the SS7 network to eavesdrop on or modify SMS messages.

Literature survey

1) R. E. Anderson et al., “Experiences with a transportation information system that uses only
GPS and SMS,” in Proc. IEEE ICTD, no. 4, Dec. 2010.

Short Message Service (SMS) is a very popular and easy-to-use communication medium for
mobile phone users. Using SMS, a mobile user sends confidential information such as passwords,
account numbers and banking information as a text message from one mobile to another. Because
the information is sent in plaintext, a hacker can easily read it and privacy is not
maintained. Nowadays SMS is used for many value-added services such as mobile banking and
e-commerce, but due to the lack of security these applications are rarely used. For this
purpose we provide a solution that gives end-to-end security of the message with
authentication, confidentiality and integrity. Hence we present a secure model for SMS mobile
banking services tailored to suit mobile cellular phone users.

2) D. Risi and M. Teófilo, “MobileDeck: Turning SMS into a rich user experience,” in Proc. 6th
MobiSys, no. 33, 2009.

SECUREDSMS: A PROTOCOL FOR SMS SECURITY

Short Message Service (SMS) has become common in many of our daily-life applications.
Sometimes SMS is used to send confidential information like passwords, passcodes, banking
details etc. But in the traditional SMS service, information content is transmitted as plain
text, which is not at all secure: when an SMS is transmitted as plain text without any
encryption mechanism, it is easily subjected to many attacks. In this paper, we propose a
protocol called SecuredSMS which makes use of the symmetric key shared between the end
users, thus providing secure and safe communication between two users. The analysis of this
protocol shows that it is highly secure as it is able to protect the information content from
various attacks like replay attack, man-in-the-middle attack, over-the-air modification and
impersonation attack. SecuredSMS can be activated in the phone using a PIN number. It also
provides a way for remote destruction and remote locking in case the phone is stolen or
lost.

3) K. Yadav, “SMSAssassin: Crowdsourcing driven mobile-based system for SMS spam filtering,”
in Proc. Workshop Hotmobile, 2011, pp. 1–6.

SMSAssassin: Crowdsourcing Driven Mobile-based System for SMS Spam Filtering

Due to the increase in use of Short Message Service (SMS) over mobile phones in developing
countries, there has been a burst of spam SMSes. Content-based machine learning approaches
were effective in filtering email spam. Researchers have used topical and stylistic features of
the SMS to classify spam and ham. SMS spam filtering can be largely influenced by the
presence of regional words, abbreviations and idioms. We have tested the feasibility of applying
Bayesian learning and Support Vector Machine (SVM) based machine learning techniques, which
were reported to be most effective in email spam filtering, on an India-centric dataset. In our
ongoing research, as an exploratory step, we have developed a mobile-based system,
SMSAssassin, that can filter SMS spam messages based on Bayesian learning and a sender
blacklisting mechanism. Since the spam SMS keywords and patterns keep on changing,
SMSAssassin uses crowdsourcing to keep itself updated. Using a dataset that we are collecting
from users in the real world, we evaluated our approaches and found some interesting results.

4) M. Densmore, “Experiences with bulk SMS for health financing in Uganda,” in Proc. ACM
CHI, 2012, pp. 383–398.

Experiences with bulk SMS for health financing in Uganda

Short message service (SMS, aka text messaging) is a low-cost and effective means of
communication for organizations attempting to maintain contact with many people. In this paper
we look at the deployment and use of a bulk mobile text-messaging platform (Bulk SMS), conceived
and commissioned by a health non-governmental organization (NGO) for use in communicating
with the 100+ private health facilities. We show how the platform emerged from existing
practices, the features and expectations of the system, and the ways in which it was used.
Common failure points include infrastructural limitations, human error, and unexpected use
cases. We find that 1) the use of SMS as a medium enables new types of communication, and 2)
SMS alone is not sufficient for maintaining relationships within the NGO program.

2. Problem Statement
1) Is this the best application for ensuring that a message is properly sent from sender to receiver?
2) What is the accuracy of encryption techniques?

System Analysis
3.1 Introduction to System Analysis

System

A system is an orderly group of interdependent components linked together according to a plan
to achieve a specific objective. Its main characteristics are organization, interaction,
interdependence, integration and a central objective.

System Analysis

System analysis and design are the application of the system approach to problem solving,
generally using computers. To reconstruct a system the analyst must consider its elements:
outputs and inputs, processors, controls, feedback and environment.

Analysis

Analysis is a detailed study of the various operations performed by a system and their
relationships within and outside of the system. One aspect of analysis is defining the boundaries
of the system and determining whether or not a candidate system should consider other related
systems. During analysis, data are collected on the available files, decision points and
transactions handled by the present system. This involves gathering information and using
structured tools for analysis.

Existing System:

In the existing system, no encryption technique is used when a text message is sent, so whatever
data is sent from the source system is received exactly as it is.

Disadvantages of Existing system:

1) Not secure
2) No encryption technique is used.

Proposed System:
In this section, we focus on the selection criteria for choosing a block-cipher-based
symmetric key algorithm. The efficiency of a block cipher algorithm depends upon the block
size and key size. With a larger block size we can encrypt a larger chunk of data in one
cycle of the algorithm, which speeds up its execution. However, a larger key results in a
slower algorithm because, in general, all bits of the key are involved in an execution
cycle of the algorithm.

The proposed system uses an encryption technique, so it provides more security compared to
the existing system.

Advantages:
• The proposed system is more secure because it uses AES encryption.
FEASIBILITY STUDY

Feasibility is the determination of whether or not a project is worth doing. The process followed
in making this determination is called a feasibility study. This type of study determines if a
project can and should be taken. In the conduct of the feasibility study, the analyst will
usually consider seven distinct, but inter-related types of feasibility.

Technical Feasibility

This is concerned with specifying equipment and software that will successfully satisfy the user
requirement. The technical needs of the system may vary considerably, but might include:

• The facility to produce outputs in a given time.
• Response time under certain conditions.
• Ability to process a certain volume of transactions at a particular speed.

Economic Feasibility

Economic analysis is the most frequently used technique for evaluating the effectiveness of a
proposed system. It is more commonly known as cost / benefit analysis. The procedure is to
determine the benefits and savings that are expected from a proposed system and compare them
with costs. If benefits outweigh costs, a decision is taken to design and implement the system.
Otherwise, changes will have to be made if it is to have a chance of being approved. This is an
ongoing effort that improves in accuracy at each phase of the system life cycle.

Operational Feasibility

It is mainly related to human, organizational and political aspects. The points to be
considered are:

• What changes will be brought with the system?
• What organizational structures are disturbed?
• What new skills will be required?
• Do the existing system staff members have these skills?
• If not, can they be trained in the course of time?


System Requirements

5.1 Hardware Requirement

• Processor : 733 MHz Pentium III
• Keyboard : 104 Keys
• Floppy Drive : 1.44 MB
• RAM : 128 MB
• Hard Disk : 10GB
• Monitor : 14” VGA COLOR
• Mouse : Logitech Serial Mouse
• Disk Space : 1 GB

5.2 Software Requirements

• Operating System : Win 2000/ XP
• Technologies used : Java, Servlets, JSP, JDBC
• JDK : Version 1.4
• Database : My SQL 5.0

System Design
6.1 Logical Design

Design for WebApps encompasses technical and non-technical activities. The look and
feel of content is developed as part of graphic design; the aesthetic layout of the user
interface is created as part of interface design; and the technical structure of the
WebApp is modeled as part of architectural and navigational design.

This argues that a Web engineer must design an interface so that it answers three
primary questions for the end-user:

1. Where am I? – The interface should (1) provide an indication of the WebApp that
has been accessed and (2) inform the user of her location in the content.

2. What can I do now? – The interface should always help the user understand
his current options: what functions are available, what links are live, what content is
relevant.

3. Where have I been; where am I going? – The interface must facilitate
navigation. Hence it must provide a “map” of where the user has been and what
paths may be taken to move elsewhere in the WebApp.

6.2 Design goals – the following are the design goals that are applicable to virtually
every WebApp regardless of application domain, size, or complexity.

1. Simplicity
2. Consistency
3. Identity
4. Visual appeal
5. Compatibility.

Design leads to a model that contains the appropriate mix of aesthetics, content, and
technology. The mix will vary depending upon the nature of the WebApp, and as a
consequence the design activities that are emphasized will also vary.

The activities of the Design process:

1. Interface design-describes the structure and organization of the user interface.
Includes a representation of screen layout, a definition of the modes of interaction,
and a description of navigation mechanisms. Interface Control mechanisms- to
implement navigation options, the designer selects from one of a number of
interaction mechanisms:

a. Navigation menus
b. Graphic icons
c. Graphic images

Interface Design work flow- the work flow begins with the identification of user, task,
and environmental requirements. Once user tasks have been identified, user
scenarios are created and analyzed to define a set of interface objects and actions.

2. Aesthetic design-also called graphic design, describes the “look and feel” of the
WebApp. Includes color schemes, geometric layout, text size, font and placement,
the use of graphics, and related aesthetic decisions.

3. Content design-defines the layout, structure, and outline for all content that is
presented as part of the WebApp. Establishes the relationships between content
objects.

4. Navigation design-represents the navigational flow between content objects and for
all WebApp functions.

5. Architecture design-identifies the overall hypermedia structure for the WebApp.
Architecture design is tied to the goals established for a WebApp, the content to be
presented, the users who will visit, and the navigation philosophy that has been
established.

a. Content architecture focuses on the manner in which content objects are
structured for presentation and navigation.

b. WebApp architecture addresses the manner in which the application is structured
to manage user interaction, handle internal processing tasks, effect navigation,
and present content. WebApp architecture is defined within the context of the
development environment in which the application is to be implemented.

J2EE uses MVC Architecture

6. Component design-develops the detailed processing logic required to implement
functional components.

Modules:

User Registration module: the user needs to register for the application by giving
credentials such as name, phone no, email id and password.

Sender module: the user needs to select the recipient from their contact list, enter the
text for that user (Receiver) and click the send option. Once the sender has clicked the send
option, the message is encrypted using AES encryption.

Receiver module: the user receives the messages in encrypted form; once the user clicks
decrypt, the messages are decrypted using AES decryption.
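
The Sender and Receiver modules, and the block-cipher discussion under Proposed System, describe AES encryption of the message text, but the page does not state a mode of operation. The following added example (not the project's own code) assumes AES-128 in GCM mode with a key already shared between the two users; the class name, method names, key and phone numbers are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Added example: SmsAesGcmExample and its methods are hypothetical names, not project classes.
public class SmsAesGcmExample {
    private static final int NONCE_LEN = 12;  // bytes; standard GCM nonce size
    private static final int TAG_BITS = 128;  // length of the authentication tag
    private static final int SMS_CHARS = 160; // one SMS segment in the GSM 7-bit alphabet
    private static final SecureRandom RNG = new SecureRandom();

    // Returns Base64(nonce || ciphertext || tag); senderId is authenticated but not encrypted.
    static String encrypt(byte[] key, String senderId, String text) throws GeneralSecurityException {
        byte[] nonce = new byte[NONCE_LEN];
        RNG.nextBytes(nonce); // fresh nonce per message: never reuse one under the same key
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"),
                new GCMParameterSpec(TAG_BITS, nonce));
        cipher.updateAAD(senderId.getBytes(StandardCharsets.UTF_8));
        byte[] sealed = cipher.doFinal(text.getBytes(StandardCharsets.UTF_8));
        byte[] out = new byte[NONCE_LEN + sealed.length];
        System.arraycopy(nonce, 0, out, 0, NONCE_LEN);
        System.arraycopy(sealed, 0, out, NONCE_LEN, sealed.length);
        return Base64.getEncoder().encodeToString(out);
    }

    // Throws AEADBadTagException if the body or the claimed sender was altered in transit.
    static String decrypt(byte[] key, String senderId, String smsBody) throws GeneralSecurityException {
        byte[] in;
        try {
            in = Base64.getDecoder().decode(smsBody);
        } catch (IllegalArgumentException e) {
            throw new GeneralSecurityException("body is not valid Base64", e);
        }
        if (in.length < NONCE_LEN + TAG_BITS / 8) {
            throw new GeneralSecurityException("body too short to hold nonce and tag");
        }
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"),
                new GCMParameterSpec(TAG_BITS, in, 0, NONCE_LEN));
        cipher.updateAAD(senderId.getBytes(StandardCharsets.UTF_8));
        byte[] plain = cipher.doFinal(in, NONCE_LEN, in.length - NONCE_LEN);
        return new String(plain, StandardCharsets.UTF_8);
    }

    // Nonce and tag add 28 bytes before Base64, so only short texts fit in one segment.
    static boolean fitsSingleSms(String smsBody) {
        return smsBody.length() <= SMS_CHARS;
    }

    public static void main(String[] args) throws Exception {
        // Constructed 128-bit demo key; a real key is generated randomly and shared out of band.
        byte[] key = "0123456789abcdef".getBytes(StandardCharsets.US_ASCII);
        String sender = "+10000000000"; // constructed sender number
        String body = encrypt(key, sender, "Acct 1234: balance 250.00");
        System.out.println("SMS body: " + body + " (single segment: " + fitsSingleSms(body) + ")");
        System.out.println("Decrypted: " + decrypt(key, sender, body));

        // Simulate over-the-air modification: flip one bit of the ciphertext.
        byte[] raw = Base64.getDecoder().decode(body);
        raw[NONCE_LEN] ^= 0x01;
        String tampered = Base64.getEncoder().encodeToString(raw);
        try {
            decrypt(key, sender, tampered);
            System.out.println("Tampered message accepted (should not happen)");
        } catch (AEADBadTagException e) {
            System.out.println("Tampered message rejected");
        }

        // The same body presented under a different claimed sender fails the tag check too.
        try {
            decrypt(key, "+19999999999", body);
            System.out.println("Spoofed sender accepted (should not happen)");
        } catch (AEADBadTagException e) {
            System.out.println("Spoofed sender rejected");
        }
    }
}
```

GCM authenticates each message but does not by itself detect a replayed copy of a valid message; that needs a counter or timestamp checked by the receiver.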

Existing system:
An attack model describes different scenarios for the possibilities of various attacks where a malicious MS
can access the authentic information, or misguide the legitimate MS. Since the SMS is sent as plaintext,
network operators can easily access the content of the SMS during transmission at the SMSC.

Disadvantages of existing system:

• Less security
• Can easily be hacked
• Cannot be used for bank-related applications

Implementation:

Source Code

package DAO;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.Statement;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;

public class CommonDAO {

    private static Connection connection = null;
    private static Statement statement = null;
    private static ResultSet resultSet = null;
    static int upload_flag;

    public static boolean addUser(String uname, String password, String cell, String mail, String role, String key)
    {
        boolean flag=false;
        int i = 0;
        String user = "";
        String sql="";
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            // Values are bound as parameters, so user input can never change the SQL text.
            // umail receives mail and uphone receives cell, matching the column list.
            sql="INSERT INTO m_user(uname,upass,umail,uphone,urole,ukey) VALUES(?, ?, ?, ?, ?, ?)";
            PreparedStatement ps = connection.prepareStatement(sql);
            ps.setString(1, uname);
            ps.setString(2, password);
            ps.setString(3, mail);
            ps.setString(4, cell);
            ps.setString(5, role);
            ps.setString(6, key);
            System.out.println(sql);
            i = ps.executeUpdate();
            if(i>0) // executeUpdate returns the number of affected rows
            {
                flag=true;
            }
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        return flag;
    }

    public static boolean addencUser(String sid, String rdid, String ori, String enc)
    {
        boolean flag=false;
        int i = 0;
        String user = "";
        String sql="";
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            // Note: original_data stores the plaintext next to enc_data, so anyone who can
            // read this table sees every message in the clear.
            sql="INSERT INTO m_enc(sender_id,reciever_id,original_data,enc_data) VALUES(?, ?, ?, ?)";
            PreparedStatement ps = connection.prepareStatement(sql);
            ps.setString(1, sid);
            ps.setString(2, rdid);
            ps.setString(3, ori);
            ps.setString(4, enc);
            System.out.println(sql);
            i = ps.executeUpdate();
            if(i>0)
            {
                flag=true;
            }
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        return flag;
    }

    public static boolean update(String sid, String rdid, String ori, String enc)
    {
        boolean flag=false;
        int i = 0;
        String user = "";
        String sql="";
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            sql="update m_enc set original_data= ?, enc_data=? where sender_id=? and reciever_id=?";
            PreparedStatement ps = connection.prepareStatement(sql);
            ps.setString(1, ori);
            ps.setString(2, enc);
            ps.setString(3, sid);
            ps.setString(4, rdid);
            System.out.println(sql);
            i = ps.executeUpdate();
            if(i>0)
            {
                flag=true;
            }
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        return flag;
    }

    public static boolean deleteuser()
    {
        boolean flag=false;
        int i = 0;
        String user = "";
        String sql="";
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            statement = connection.createStatement();
            sql="delete from m_user"; // removes every row of m_user
            System.out.println(sql);
            i = statement.executeUpdate(sql);
            if(i>0)
            {
                flag=true;
            }
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        return flag;
    }

    public static boolean CheckUserLogin(String username, String password)
    {
        System.out.println("its came Checkcurrentpassword.....................");
        boolean flag=false;
        ResultSet rs=null;
        String sql="";
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            // Column names user_id / user_pwd are kept as given; the other methods use uname / upass.
            sql="select * from m_user where user_id = ? and user_pwd=?";
            PreparedStatement ps = connection.prepareStatement(sql);
            ps.setString(1, username);
            ps.setString(2, password);
            System.out.println(sql);
            rs=ps.executeQuery();
            System.out.println(rs);
            while(rs.next())
            {
                flag=true;
            }
            System.out.println("Download Transaction Status : "+flag);
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        return flag;
    }

    public static String selectdata(String username, String role)
    {
        System.out.println("its came Checkcurrentpassword.....................");
        StringBuffer sb=new StringBuffer();
        boolean flag=false;
        ResultSet rs=null;
        String sql="";
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            sql="select * from m_enc where reciever_id = ?";
            PreparedStatement ps = connection.prepareStatement(sql);
            ps.setString(1, username);
            System.out.println(sql);
            rs=ps.executeQuery();
            System.out.println(rs);
            while(rs.next())
            {
                // Columns 2 to 5 of each row, separated by '~'
                sb.append(rs.getString(2));
                sb.append("~");
                sb.append(rs.getString(3));
                sb.append("~");
                sb.append(rs.getString(4));
                sb.append("~");
                sb.append(rs.getString(5));
            }
            System.out.println("Download Transaction Status : "+flag);
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        return sb.toString();
    }

    public static boolean CheckUserExistance(String username, String role)
    {
        System.out.println("its came Checkcurrentpassword.....................");
        boolean flag=false;
        ResultSet rs=null;
        String sql="";
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            sql="select * from m_user where uname = ? and urole=?";
            PreparedStatement ps = connection.prepareStatement(sql);
            ps.setString(1, username);
            ps.setString(2, role);
            System.out.println(sql);
            rs=ps.executeQuery();
            System.out.println(rs);
            while(rs.next())
            {
                flag=true;
            }
            System.out.println("Download Transaction Status : "+flag);
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        return flag;
    }

    public static boolean CheckUserExistancer(String username, String pass,String r)
    {
        System.out.println("its came Checkcurrentpassword.....................");
        boolean flag=false;
        ResultSet rs=null;
        String sql="";
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            sql="select * from m_user where uname = ? and upass=? and urole=?";
            PreparedStatement ps = connection.prepareStatement(sql);
            ps.setString(1, username);
            ps.setString(2, pass);
            ps.setString(3, r);
            System.out.println(sql);
            rs=ps.executeQuery();
            System.out.println(rs);
            while(rs.next())
            {
                flag=true;
            }
            System.out.println("Download Transaction Status : "+flag);
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        return flag;
    }

    public static boolean CheckdataExistancer(String sid, String rid)
    {
        System.out.println("its came Checkcurrentpassword.....................");
        boolean flag=false;
        ResultSet rs=null;
        String sql="";
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            sql="select * from m_enc where sender_id = ? and reciever_id=?";
            PreparedStatement ps = connection.prepareStatement(sql);
            ps.setString(1, sid);
            ps.setString(2, rid);
            System.out.println(sql);
            rs=ps.executeQuery();
            System.out.println(rs);
            while(rs.next())
            {
                flag=true;
            }
            System.out.println("Download Transaction Status : "+flag);
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        return flag;
    }

    public static List<String> selectCategory()
    {
        System.out.println("its came sendStudentClassId.....................");
        ResultSet rs=null;
        String sql="";
        List<String> list = null;
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            statement = connection.createStatement();
            sql="select cat_name from m_category";
            System.out.println(sql);
            rs=statement.executeQuery(sql);
            System.out.println(rs);
            list = new ArrayList<String>();
            while(rs.next())
            {
                list.add(rs.getString(1));
            }
            System.out.println("category list: " + list);
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        return list;
    }

    public static String selectcategoryId(String categoryName)
    {
        System.out.println("its came sendStudentClassId.....................");
        ResultSet rs=null;
        String sql="";
        String categoryId = null;
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            sql="select cat_code from m_category where cat_name=? ";
            PreparedStatement ps = connection.prepareStatement(sql);
            ps.setString(1, categoryName);
            System.out.println(sql);
            rs=ps.executeQuery();
            System.out.println(rs);
            while(rs.next())
            {
                categoryId = rs.getString(1);
            }
            System.out.println("category Id : "+categoryId);
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        return categoryId;
    }

    public static String getuaername(String role)
    {
        StringBuffer sb = new StringBuffer();
        ResultSet rs=null;
        String sql="";
        String categoryId = null;
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            sql="select uname from m_user where urole=? ";
            PreparedStatement ps = connection.prepareStatement(sql);
            ps.setString(1, role);
            System.out.println(sql);
            rs=ps.executeQuery();
            System.out.println(rs);
            while(rs.next())
            {
                // User names of the given role, each followed by '~'
                sb.append(rs.getString(1)) ;
                sb.append("~") ;
            }
            System.out.println("category Id : "+categoryId);
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        return sb.toString();
    }

    public static List<String> getTrunsuctionId()
    {
        System.out.println("Inside Body");
        List<String> list = new ArrayList<String>();
        String sql = "";
        ResultSet rs=null;
        String truncId;
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            statement = connection.createStatement();
            sql = "SELECT pr_heart_rate FROM m_patient_reading2 ORDER BY pr_id DESC limit 10";
            System.out.println(sql);
            rs=statement.executeQuery(sql);
            System.out.println(rs);
            while(rs.next())
            {
                truncId = rs.getString(1);
                list.add(truncId);
            }
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        System.out.println("list"+list);
        return list;
    }

    //getDate
    public static List<String> getGetDate()
    {
        System.out.println("Inside Body");
        List<String> list = new ArrayList<String>();
        String sql = "";
        ResultSet rs=null;
        String date;
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            statement = connection.createStatement();
            sql = "SELECT r1 FROM m_trans ";
            System.out.println(sql);
            rs=statement.executeQuery(sql);
            System.out.println(rs);
            while(rs.next())
            {
                date = rs.getString(1);
                list.add(date);
            }
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        System.out.println("list"+list);
        return list;
    }

    //getTime
    public static List<String> getGetTime()
    {
        System.out.println("Inside Body");
        List<String> list = new ArrayList<String>();
        String sql = "";
        ResultSet rs=null;
        String time;
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            statement = connection.createStatement();
            sql = "SELECT pr_accident_shakevakue FROM m_patient_reading2 ORDER BY pr_id DESC limit 10 ";
            System.out.println(sql);
            rs=statement.executeQuery(sql);
            System.out.println(rs);
            while(rs.next())
            {
                time = rs.getString(1);
                list.add(time);
            }
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        System.out.println("list"+list);
        return list;
    }

    //getGetReading1
    public static List<String> getGetReading1()
    {
        System.out.println("Inside Body");
        List<String> list = new ArrayList<String>();
        String sql = "";
        ResultSet rs=null;
        String reading1;
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            statement = connection.createStatement();
            sql = "SELECT hr_status FROM m_patient_reading2 ORDER BY pr_id DESC limit 10 ";
            System.out.println(sql);
            rs=statement.executeQuery(sql);
            System.out.println(rs);
            while(rs.next())
            {
                reading1 = rs.getString(1);
                list.add(reading1);
            }
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        System.out.println("list"+list);
        return list;
    }

    //Reading2
    public static List<String> getGetReading2()
    {
        System.out.println("Inside Body");
        List<String> list = new ArrayList<String>();
        String sql = "";
        ResultSet rs=null;
        String reading2;
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            statement = connection.createStatement();
            sql = "SELECT tr_status FROM m_patient_reading2 ORDER BY pr_id DESC limit 10 ";
            System.out.println(sql);
            rs=statement.executeQuery(sql);
            System.out.println(rs);
            while(rs.next())
            {
                reading2 = rs.getString(1);
                list.add(reading2);
            }
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        System.out.println("list"+list);
        return list;
    }

    //Reading3
    public static List<String> getGetReading3()
    {
        System.out.println("Inside Body");
        List<String> list = new ArrayList<String>();
        String sql = "";
        ResultSet rs=null;
        String reading2;
        try
        {
            Database database=Database.getInstance();
            connection=database.connector();
            statement = connection.createStatement();
            sql = "SELECT accident_status FROM m_patient_reading2 ORDER BY pr_id DESC limit 10";
            System.out.println(sql);
            rs=statement.executeQuery(sql);
            System.out.println(rs);
            while(rs.next())
            {
                reading2 = rs.getString(1);
                list.add(reading2);
            }
        }
        catch(Exception e)
        {
            System.out.println("Opp's Error is in UserDAO-addDownloadTransaction(): ");
            e.printStackTrace();
        }
        System.out.println("list"+list);
        return list;
    }
}

package DAO;

import java.sql.Connection;
import java.sql.DriverManager;

public class Database {

    private static Database database = null;
    private Database(){}
    public static Database getInstance()
    {
        // Create the singleton on first use and return the same instance afterwards.
        if(database==null)
            database = new Database();
        return database;
    }
    public Connection connector()
    {
        Connection con=null;
        try {
            Class.forName("com.mysql.jdbc.Driver");
            System.out.println("Driver has loaded");
            // The database account and password are hard-coded here; in a deployment, load them
            // from configuration and connect with a low-privilege account rather than root.
            con = DriverManager.getConnection("jdbc:mysql://localhost:3306/db_senderreceive","root","admin");
            System.out.println("jdbc:mysql://localhost:3306/db_senderreceive");
            System.out.println("Connected" + con);

        } catch (Exception e) {
            System.out.println("Opp's Error is in connector()......."+ e);
        }
        return con;
    }
}

DistanceDAO JAVA file

package DAO;

public class Distance
{

    // 1.
    /* Best Distance Calculation Formula(Starts) */
    // Haversine great-circle distance between two points given in decimal degrees.
    public static double distFrom(double lat1, double lng1, double lat2, double lng2)
    {
        //double earthRadius = 3958.75;//In Miles
        //double earthRadius = 6371;//In Km(Kilo meters)
        double earthRadius = 6371 * 1000;//In m(meter)
        double dLat = Math.toRadians(lat2-lat1);
        double dLng = Math.toRadians(lng2-lng1);
        double a = Math.sin(dLat/2) * Math.sin(dLat/2) +
                Math.cos(Math.toRadians(lat1)) * Math.cos(Math.toRadians(lat2)) *
                Math.sin(dLng/2) * Math.sin(dLng/2);
        double c = 2 * Math.atan2(Math.sqrt(a), Math.sqrt(1-a));
        return earthRadius * c;
    }
    /* Best Distance Calculation Formula(Ends) */

    // 2.

    /*
     * Passed to function:
     * lat1, lon1 = Latitude and Longitude of point 1 (in decimal degrees)
     * lat2, lon2 = Latitude and Longitude of point 2 (in decimal degrees)
     *
     * unit = the unit you desire for results
     * where: 'M' is statute miles
     * 'K' is kilometers (default)
     * 'N' is nautical miles
     */
    public static double distance(double lat1, double lon1, double lat2, double lon2, String unit)
    {
        double theta = lon1 - lon2;
        double dist = Math.sin(deg2rad(lat1)) * Math.sin(deg2rad(lat2)) +
                Math.cos(deg2rad(lat1)) * Math.cos(deg2rad(lat2)) * Math.cos(deg2rad(theta));
        dist = Math.acos(dist);
        dist = rad2deg(dist);
        dist = dist * 60 * 1.1515; // degrees of arc to statute miles

        if (unit.equals("K"))
        {
            dist = dist * 1.609344;
        }
        else if (unit.equals("N"))
        {
            dist = dist * 0.8684;
        }
        return (dist);
    }

    private static double deg2rad(double deg)
    {
        return (deg * Math.PI / 180.0);
    }

    private static double rad2deg(double rad)
    {
        return (rad * 180 / Math.PI);
    }

    /*
     * Test
     * System.out.println(distance(32.9697, -96.80322, 29.46786, -98.53506, "M") + " Miles\n");
     * System.out.println(distance(32.9697, -96.80322, 29.46786, -98.53506, "K") + " Kilometers\n");
     * System.out.println(distance(32.9697, -96.80322, 29.46786, -98.53506, "N") + " Nautical Miles\n");
     */

    // Testing The Development
    public static void main(String[] args)
    {
        double distance = 0;

        double lat1 = 12.931818;
        double lon1= 77.583436;

        /*
        //Point1(Source-Same)
        double lat2 = 12.931818;
        double lon2= 77.583436;
        */

        /* //Point2
        double lat2 = 12.931912;
        double lon2= 77.58345;
        */

        /* //Point3
        double lat2 = 12.932816;
        double lon2= 77.583548;
        */

        //Point4
        double lat2 = 12.932401;
        double lon2= 77.580118;

        //distance = Distance.getDistance(lat1, lon1, lat2, lon2);
        distance = Distance.distFrom(lat1, lon1, lat2, lon2);
        System.out.println("Distance : " + distance);
    }
}

Android Code:

package com.database;

import android.content.Context;
import android.database.sqlite.SQLiteDatabase;
import android.database.sqlite.SQLiteDatabase.CursorFactory;
import android.database.sqlite.SQLiteOpenHelper;
import android.util.Log;

public class DataBaseHelper extends SQLiteOpenHelper
{
    public DataBaseHelper(Context context, String name, CursorFactory factory, int version)
    {
        super(context, name, factory, version);
    }

    // Called once, when the database file is first created.
    @Override
    public void onCreate(SQLiteDatabase _db)
    {
        _db.execSQL(LoginDataBaseAdapter.DATABASE_CREATE);
        _db.execSQL(LoginDataBaseAdapter.DATABASE_CREATE_RULE);
    }

    @Override
    public void onUpgrade(SQLiteDatabase _db, int _oldVersion, int _newVersion) {
        Log.w("TaskDBAdapter", "Upgrading from version " + _oldVersion + " to "
                + _newVersion + ", which will destroy all old data");
        // Drop the tables that onCreate() builds, so its CREATE statements do not fail.
        _db.execSQL("DROP TABLE IF EXISTS m_user");
        _db.execSQL("DROP TABLE IF EXISTS m_encdec");

        onCreate(_db);
    }
}

package com.database;

import java.util.ArrayList;
import java.util.List;

import android.content.ContentValues;
import android.content.Context;
import android.database.Cursor;
import android.database.SQLException;
import android.database.sqlite.SQLiteDatabase;

public class LoginDataBaseAdapter {

    static final String DATABASE_NAME = "db_senderreciever.db";
    static final int DATABASE_VERSION = 1;
    public static final int NAME_COLUMN = 1;

    // User table. PASSWORD and AESKEY are stored as plain text columns.
    static final String DATABASE_CREATE = "CREATE TABLE " + "m_user" + "( "
            + "ID" + " integer PRIMARY KEY AUTOINCREMENT,"
            + "USERNAME text,PASSWORD text,CELL text,EMAIL text,ROLE text,"
            + "AESKEY text); ";

    // One row per sender/receiver pair, holding the latest encrypted message.
    static final String DATABASE_CREATE_RULE = "CREATE TABLE " + "m_encdec" + "("
            + "F_ID" + " INTEGER PRIMARY KEY AUTOINCREMENT, "
            + "SENDER_ID text,"
            + "RECIEVER_ID text,"
            + "ENCRYPTED_DATA text);";

    public SQLiteDatabase db;
    private final Context context;
    private DataBaseHelper dbHelper;

    public LoginDataBaseAdapter(Context _context)
    {
        context = _context;
        dbHelper = new DataBaseHelper(context, DATABASE_NAME, null, DATABASE_VERSION);
    }

    public LoginDataBaseAdapter open() throws SQLException
    {
        db = dbHelper.getWritableDatabase();
        return this;
    }

    public void close() {
        db.close();
    }

    public SQLiteDatabase getDatabaseInstance() {
        return db;
    }

    public void insertEntry(String userName, String password, String cell, String email,
            String role, String aeskey)
    {
        ContentValues newValues = new ContentValues();
        newValues.put("USERNAME", userName);
        newValues.put("PASSWORD", password);
        newValues.put("CELL", cell);
        newValues.put("EMAIL", email);
        newValues.put("ROLE", role);
        newValues.put("AESKEY", aeskey);
        db.insert("m_user", null, newValues);
    }

    public int deleteRuleEntry(int role_id)
    {
        String where = "ROLL_ID=?";
        int numberOFEntriesDeleted = db.delete("m_rule", where,
                new String[] { String.valueOf(role_id) });
        return numberOFEntriesDeleted;
    }

    public int deleteRuleEntry()
    {
        int numberOFEntriesDeleted = db.delete("m_user", null, null);
        return numberOFEntriesDeleted;
    }

    // Login check: looks for a row matching user name, password and role.
    public String getSinlgeEntry(String userName, String pwd, String role)
    {
        Cursor cursor = db.query("m_user", null, "USERNAME=? and PASSWORD=? and ROLE=?",
                new String[] { userName, pwd, role }, null, null, null);
        boolean found = cursor.getCount() >= 1;
        cursor.close(); // close on both paths so the cursor is not leaked
        return found ? "SUCCESS" : "NOT EXIST";
    }

    public String getSinlgeEntryReciver(String userName, String pwd, String role)
    {
        Cursor cursor = db.query("m_user", null, "USERNAME=? and PASSWORD=? and ROLE=?",
                new String[] { userName, pwd, role }, null, null, null);
        boolean found = cursor.getCount() >= 1;
        cursor.close();
        return found ? "SUCCESS" : "NOT EXIST";
    }

    public String checkexistanceofsenderreciever(String sender, String rec, String role)
    {
        Cursor cursor = db.query("m_encdec", null, "SENDER_ID=? and RECIEVER_ID=?",
                new String[] { sender, rec }, null, null, null);
        boolean found = cursor.getCount() >= 1;
        cursor.close();
        return found ? "SUCCESS" : "NOT EXIST";
    }

    public String getSinlgeEntryCheck(String userName)
    {
        Cursor cursor = db.query("m_roll", null, "USERNAME=?",
                new String[] { userName }, null, null, null);
        boolean found = cursor.getCount() >= 1;
        cursor.close();
        return found ? "SUCCESS" : "NOT EXIST";
    }

    public String getSinlgeEntry_RULE(String userName, String pwd)
    {
        Cursor cursor = db.query("m_roll", null, "USERNAME=? and PASSWORD=?",
                new String[] { userName, pwd }, null, null, null);
        boolean found = cursor.getCount() >= 1;
        cursor.close();
        return found ? "SUCCESS" : "NOT EXIST";
    }

    public Cursor gersenderkey(String sender, String role) {
        String itemname = "";
        /* String query = "SELECT AESKEY FROM m_user WHERE USERNAME = ? and ROLE = ?";
        String[] parameters = new String[] { sender, role };
        *///Cursor cursor = db.rawQuery(query, parameters);
        Cursor cursor = db.query("m_user", new String[] { "AESKEY" },
                "USERNAME=? and ROLE=?", new String[] { sender, role }, null, null, null);
        /*if (cursor.moveToFirst()) {
            do {
                itemname = cursor.getString(cursor.getColumnIndex("AESKEY"));
            }while (cursor.isAfterLast() != true);
        }*/
        return cursor;
    }

    public Cursor getreciever(String role) {
        String itemname = "";
        List<String> list = new ArrayList<String>();
        //String query = "SELECT USERNAME FROM m_user WHERE ROLE = '"+role+"' ";
        //String[] parameters = new String[] {role};
        Cursor c = db.query("m_user", new String[] { "USERNAME" }, "ROLE=?",
                new String[] { role }, null, null, null);
        return c;
    }

    public int getUserId(String userName) {
        String query = "SELECT ROLL_ID FROM m_roll WHERE USERNAME = ?";
        String[] parameters = new String[] { userName };
        Cursor cursor = db.rawQuery(query, parameters);
        try {
            return cursor.moveToFirst() ? cursor.getInt(0) : -1; // -1: not found
        } finally {
            cursor.close();
        }
    }

    public String getUserMobile(String userName) {
        String query = "SELECT CELL FROM m_roll WHERE USERNAME = ?";
        String[] parameters = new String[] { userName };
        Cursor cursor = db.rawQuery(query, parameters);
        try {
            return cursor.moveToFirst() ? cursor.getString(0) : null; // null: not found
        } finally {
            cursor.close();
        }
    }

    public String getUserPassword(String userName) {
        String query = "SELECT PASSWORD FROM m_roll WHERE USERNAME = ?";
        String[] parameters = new String[] { userName };
        Cursor cursor = db.rawQuery(query, parameters);
        try {
            return cursor.moveToFirst() ? cursor.getString(0) : null; // null: not found
        } finally {
            cursor.close();
        }
    }

    public int insertRuleTable(String userName) {
        String query = "SELECT ROLL_ID FROM m_roll WHERE USERNAME = ?";
        String[] parameters = new String[] { userName };
        Cursor cursor = db.rawQuery(query, parameters);
        try {
            return cursor.moveToFirst() ? cursor.getInt(0) : -1; // -1: not found
        } finally {
            cursor.close();
        }
    }

    public String getViewRuleTable(int rollid) {
        String query = "SELECT * FROM m_rule WHERE ROLL_ID = ?";
        String[] parameters = new String[] { String.valueOf(rollid) };
        Cursor cursor = db.rawQuery(query, parameters);
        try {
            if (!cursor.moveToFirst())
                return "NoRecordFound"; // not found
            System.out.println("" + cursor.getInt(0) + "|" + cursor.getInt(1) + "|"
                    + cursor.getString(2) + "|" + cursor.getString(3));
            System.out.println("" + cursor.getString(4) + "|" + cursor.getString(5) + "|"
                    + cursor.getString(6) + "|" + cursor.getString(7) + "|" + cursor.getString(8) + "|"
                    + cursor.getString(9) + "|" + cursor.getString(10));
            // Columns 0..10 of the first matching row, joined with '~'
            return cursor.getInt(0) + "~" + cursor.getInt(1) + "~" + cursor.getString(2) + "~"
                    + cursor.getString(3) + "~" + cursor.getString(4) + "~" + cursor.getString(5) + "~"
                    + cursor.getString(6) + "~" + cursor.getString(7) + "~" + cursor.getString(8) + "~"
                    + cursor.getString(9) + "~" + cursor.getString(10);
        } finally {
            cursor.close();
        }
    }

    public void updateEntry(String userName, String password) {
        ContentValues updatedValues = new ContentValues();
        updatedValues.put("USERNAME", userName);
        updatedValues.put("PASSWORD", password);

        String where = "USERNAME = ?";
        db.update("m_roll", updatedValues, where, new String[] { userName });
    }

    public void insertRuleTable(int roll_id, String username, String start_time, String end_time,
            String action, String device_status, String location, String latitude,
            String longitude, String distance)
    {
        // TODO Auto-generated method stub
        System.out.println("===========insertion ========");

        ContentValues newValues = new ContentValues();
        newValues.put("ROLL_ID", roll_id);
        newValues.put("RULE_NAME", username);
        newValues.put("TIME_START", start_time);
        newValues.put("TIME_END", end_time);
        newValues.put("RULE_DEVICE", device_status);
        newValues.put("RULE_ACTION", action);
        newValues.put("RULE_LOCATION", location);
        newValues.put("RULE_LATITUDE", latitude);
        newValues.put("RULE_LONGITUDE", longitude);
        newValues.put("DISTANCE", distance);
        db.insert("m_rule", null, newValues);
    }

    public Cursor selectReciver()
    {
        String role = "reciver";
        List<String> list = new ArrayList<String>();
        //String query = "SELECT USERNAME FROM m_user WHERE ROLE = '"+role+"'";
        String query = "SELECT USERNAME FROM m_user";
        String[] parameters = new String[] {role};
        Cursor cursor = db.rawQuery(query, null);

        return cursor;
    }

    // Stores the encrypted message for a sender/receiver pair:
    // updates the existing row if there is one, otherwise inserts a new row.
    public long addEncData(String sender, String reciver, String encdata)
    {
        long i = 0;
        String senderid = "";
        String reciverid = "";
        Cursor c = db.query("m_encdec", new String[] { "*" }, "SENDER_ID=? and RECIEVER_ID=?",
                new String[] { sender, reciver }, null, null, null);
        if (c.moveToFirst()) {
            do {
                senderid = c.getString(c.getColumnIndex("SENDER_ID"));
                reciverid = c.getString(c.getColumnIndex("RECIEVER_ID"));
            } while (c.moveToNext());

            /*if(sender.equals(senderid) && reciver.equals(reciverid))
            {*/
            ContentValues cv = new ContentValues();
            cv.put("SENDER_ID", sender);
            cv.put("RECIEVER_ID", reciver);
            cv.put("ENCRYPTED_DATA", encdata);
            i = db.update("m_encdec", cv, "SENDER_ID=? and RECIEVER_ID=?",
                    new String[] { sender, reciver });
        }
        else
        {
            ContentValues cv = new ContentValues();
            cv.put("SENDER_ID", sender);
            cv.put("RECIEVER_ID", reciver);
            cv.put("ENCRYPTED_DATA", encdata);
            i = db.insert("m_encdec", null, cv);
        }
        c.close();
        return i;
    }

    public Cursor getDecrypetData(String reciver) {
        Cursor c = db.query("m_encdec", new String[] { "*" },
                "RECIEVER_ID=?", new String[] { reciver }, null, null, null);
        return c;
    }

    /*public Cursor getEncKey(String senderid, String role)
    {
        Cursor c = db.query("m_user", new String[] { "*" }, "RECIEVER_ID=?",
                new String[] { reciver }, null, null, null);
        return c;
    }*/
}

AES Encryption Techniques:


package com.example.senderreciever_app;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
public class AES
{
    private byte[] key;

    // Passed to Cipher.getInstance() without a mode or padding, so the provider
    // default applies (ECB mode with PKCS5 padding on the standard providers).
    private static final String ALGORITHM = "AES";

    public AES(byte[] key)
    {
        this.key = key;
    }

    /**
     * Encrypts the given plain text
     *
     * @param plainText The plain text to encrypt
     */
    public byte[] encrypt(byte[] plainText) throws Exception
    {
        SecretKeySpec secretKey = new SecretKeySpec(key, ALGORITHM);
        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(Cipher.ENCRYPT_MODE, secretKey);

        return cipher.doFinal(plainText);
    }

    /**
     * Decrypts the given byte array
     *
     * @param cipherText The data to decrypt
     */
    public byte[] decrypt(byte[] cipherText) throws Exception
    {
        SecretKeySpec secretKey = new SecretKeySpec(key, ALGORITHM);
        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(Cipher.DECRYPT_MODE, secretKey);

        return cipher.doFinal(cipherText);
    }
}
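
The AES class above passes the bare name "AES" to Cipher.getInstance, which the standard JCA providers resolve to ECB mode with PKCS5 padding: equal plaintext blocks give equal ciphertext blocks, and nothing detects modification in transit. The following added example (not from the original project; class and method names are assumptions) puts that mode beside AES-GCM, which uses a fresh nonce per message and rejects altered ciphertext.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class AesModeDemo {
    static final int NONCE_LEN = 12, TAG_BITS = 128;

    // Same behaviour as the AES class above, with the provider default written out.
    static byte[] ecbEncrypt(byte[] key, byte[] plain) throws Exception {
        Cipher c = Cipher.getInstance("AES/ECB/PKCS5Padding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"));
        return c.doFinal(plain);
    }

    // AES-GCM with a fresh random nonce per message; returns nonce || ciphertext || tag.
    static byte[] gcmEncrypt(byte[] key, byte[] plain) throws Exception {
        byte[] nonce = new byte[NONCE_LEN];
        new SecureRandom().nextBytes(nonce);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(TAG_BITS, nonce));
        byte[] ct = c.doFinal(plain);
        byte[] out = Arrays.copyOf(nonce, NONCE_LEN + ct.length);
        System.arraycopy(ct, 0, out, NONCE_LEN, ct.length);
        return out;
    }

    // Throws AEADBadTagException when the nonce, ciphertext or tag was altered, or the key is wrong.
    static byte[] gcmDecrypt(byte[] key, byte[] msg) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"),
                new GCMParameterSpec(TAG_BITS, msg, 0, NONCE_LEN));
        return c.doFinal(msg, NONCE_LEN, msg.length - NONCE_LEN);
    }

    public static void main(String[] args) throws Exception {
        byte[] key = new byte[16];
        new SecureRandom().nextBytes(key);
        // Constructed sample message: the same 16-byte block twice.
        byte[] sms = "ACCT 0000111122 ACCT 0000111122 ".getBytes(StandardCharsets.US_ASCII);
        byte[] ecb = ecbEncrypt(key, sms);
        System.out.println("ECB repeats the ciphertext block for a repeated plaintext block: "
                + Arrays.equals(Arrays.copyOfRange(ecb, 0, 16), Arrays.copyOfRange(ecb, 16, 32)));
        byte[] gcm = gcmEncrypt(key, sms);
        System.out.println("GCM output identical for the same message: " + Arrays.equals(gcm, gcmEncrypt(key, sms)));
        System.out.println("GCM round trip: " + Arrays.equals(sms, gcmDecrypt(key, gcm)));
        gcm[gcm.length - 1] ^= 0x01; // one bit changed in transit
        try {
            gcmDecrypt(key, gcm);
        } catch (AEADBadTagException e) {
            System.out.println("GCM rejected the modified message");
        }
    }
}
```

GCM adds 28 bytes to every message (12-byte nonce plus 16-byte tag), which has to be budgeted against the SMS payload size.
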

package com.example.senderreciever_app;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import org.apache.http.NameValuePair;
import org.apache.http.message.BasicNameValuePair;

import com.HttpClient.CustomHttpClient;
import com.HttpClient.Global;
import com.database.LoginDataBaseAdapter;

import android.os.Bundle;
import android.os.StrictMode;
import android.view.View.OnClickListener;
import android.app.Activity;
import android.content.Context;
import android.content.Intent;
import android.view.View;
import android.widget.ArrayAdapter;
import android.widget.Button;
import android.widget.EditText;
import android.widget.Spinner;
import android.widget.Toast;

public class Ip extends Activity {

    EditText ipp, editTextPassword, editTextCell, editTextEmail,
            editTextConfirmPassword, rolee;
    Button slogin, rlogin, reg, deletesender;
    Context context = this;
    String AesKey = "";
    LoginDataBaseAdapter loginDataBaseAdapter;
    String role = "";

    public static String ip = "";

    Spinner spin;
    String[] country = { "sender", "reciever", };
    private Button ppp;

    @Override
    protected void onCreate(Bundle savedInstanceState)
    {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.ip);
        if (android.os.Build.VERSION.SDK_INT > 9) {
            StrictMode.ThreadPolicy policy =
                    new StrictMode.ThreadPolicy.Builder().permitAll().build();
            StrictMode.setThreadPolicy(policy);
        }
        loginDataBaseAdapter = new LoginDataBaseAdapter(this);
        loginDataBaseAdapter = loginDataBaseAdapter.open();

        ipp = (EditText) findViewById(R.id.ip);
        ppp = (Button) findViewById(R.id.pp);

        ppp.setOnClickListener(new OnClickListener() {

            @Override
            public void onClick(View v) {
                ip = ipp.getText().toString();

                // TODO Auto-generated method stub
                Intent il = new Intent(Ip.this, MainActivity.class);
                startActivity(il);
            }
        });
    }

    public void addListenerOnSpinnerItemSelection() {
        spin.setOnItemSelectedListener(new CustomOnItemSelectedListener());
    }

    // validating email id
    private boolean isValidEmail(String email) {
        String EMAIL_PATTERN = "^[_A-Za-z0-9-\\+]+(\\.[_A-Za-z0-9-]+)*@"
                + "[A-Za-z0-9-]+(\\.[A-Za-z0-9]+)*(\\.[A-Za-z]{2,})$";

        Pattern pattern = Pattern.compile(EMAIL_PATTERN);
        Matcher matcher = pattern.matcher(email);
        return matcher.matches();
    }

    // validating Phone
    public static boolean isValidPhone(String phone)
    {
        String expression = "[0-9]{10}$";
        CharSequence inputString = phone;
        Pattern pattern = Pattern.compile(expression);
        Matcher matcher = pattern.matcher(inputString);
        if (matcher.matches())
        {
            return true;
        }
        else {
            return false;
        }
    }

    @Override
    protected void onDestroy() {
        // TODO Auto-generated method stub
        super.onDestroy();

        loginDataBaseAdapter.close();
    }
}
Results
Conclusion

We have proposed a new protocol for secure SMS communication
between two parties with dynamic working key generation. It is based
on standard secure algorithms and hence it has the needed security.
For secure communication between two users over a public channel, the AES
algorithm can be used. For more secure communication over a public
channel, a digital signature should be applied. Finally, by using a
private channel for the initial session key exchange, the best security can
be obtained.

Above we proposed the use of a standard cryptographic algorithm,
AES, but the protocol can also be implemented using other cryptographic
algorithms.
