Article Title

Password-Based SIMSec Protocol


The purpose of the SIMSec protocol is to provide the infrastructure to enable secured access between the SIM (Subscriber Identity Module) card which doesn’t have an ephemeral key installed during production and the service provider. This infrastructure has a form based on agreements among the mobile network manufacturer, the user, the service provider and the card manufacturer. In order to secure transactions, authentication methods are used based on the fact that both parties can verify that they are the parties they claim to be. In this study, the key exchange and authentication models in the literature have been surveyed and the password-based authentication model is chosen. For the SIMSec protocol, the password-based authentication algorithm is integrated into the SIMSec protocol. Thanks to the proposed new structure, phase differences in the SIMSec protocol are shown. As a result, a new key exchange protocol is proposed for SIM cards.