Motivations

Problem

Is it possible to find efficient tools to provide security services at desirable levels for memory/processing/bandwidth constrained scenarios such as SMS over cell phones?

If conventional public key cryptography (PKC) was adopted, one would be faced with significative drawbacks. The RSA-based public keys are very large and undesirable to deploy into the given scenario. Storing many contact's public keys on the cell phone's SIM card chip brings implementation problems since we don't have enough memory. A further con of conventional PKC is that a Public Key Infrastructure (PKI) is required. PKI demands the transmission of large certificates what carries out to higher costs solutions when you have to send them over SMS.

One possible solution

My undergrad work consisted in providing a cheaper and practical solution to this problem, taking advantage of the smaller elliptic curve key sizes and proposing a self-certified signature protocol, minimizing the involved costs in the transmission of SMSs and also processing timings.

An illustrative poster is shown bellow, which was awarded with the Best 2008 Undergrad Work on Information Security by the computer engineering department. Here is the link of the press-release (in portuguese).