SecMsg

eMudhra SecMsg is mobile application designed to secure the SMS channel.[1][2][3] It allows users to send SMS's that are encrypted and signed using PKI technology and ensures that it is decrypted only by the intended user.

eMudhra SecMsg
eMudhra SecMsg
Developer(s)3i Infotech Consumer Services Ltd.
Stable release
2.0.1
Operating systemJava [any MIDP 2.0 mobile]
TypeEncryption
Websitewww.secmsg.emudhra.com

The algorithms used for crypto processes like Signing, Encryption, Decryption are RSA/ECC, AES and SHA.

Technical insight

Key pair generation

The RSA or ECC key pair is generated in the application and stored in the mobile. These keys will be used for all the crypto process like signing, encryption and decryption. The key pair generation is a onetime process and is completely user driven. The user can also use X.509 digital certificates from any certification authority (CA) for the crypto processes mentioned above.

Built-in-security

The user is required to provide the application PIN whenever he wants to gain access to it. The key pair is protected with the key PIN which controls signing, encryption/decryption processes.

Usage areas

Secure communication

SecMsg can be used to send and receive confidential messages.[4][5] Secure communication with peers can be established by exchanging the public key with friends/spouse/colleagues. The public key received from peers will be stored in the application.

Fig.1
Websitewww.secmsg.emudhra.com 

The messages composed by the user will be encrypted with recipient's public key and will land up in the inbox of SecMsg. This message can be decrypted with the intended recipient's private key only.[see Fig.1]

Secure Safe

'My Vault' is an organizer that gives additional security to store personal information that is protected with PIN. All the information stored will be encrypted with the RSA private key.

Two-factor authentication

Any online transaction (Fund transfer, Add payee, Online broking,End of day confirmation)can be acknowledged by digitally signing the transaction details.[6] This ensures confidentiality,integrity and more importantly non repudiation. Acknowledgment of the transaction thus made cannot be repudiated later.

Password/ATM PIN retrieval

Users can use the application for resetting/receiving passwords.[7] Banks can send the ATM PIN/Internet banking passwords as an encrypted text message for which a digitally signed acknowledgment can be received in no time.

Features

  • This application supports multiple X.509 certificates from any certification authority(CA). These digital signatures can also be used for digital signing and encryption/decryption.
  • Logging the history of transactions and messages, access to which requires PIN.
  • Remote data wiping for clearing the contents of the application if the mobile is lost.
  • Uses simplest and ubiquitous communication mode-SMS channel.
  • Low operating cost.
  • Extensive device support.

SecMsg on the News

See also

References

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.