Password-Based SimSec Protocol

Abstract

The purpose of the SIMSec protocol is to provide the infrastructure to enable secured access between theSIM (Subscriber Identity Module) card which doesn’t have an ephemeral key installed during productionand the service provider. This infrastructure has a form based on agreements among the mobile networkmanufacturer, the user, the service provider and the card manufacturer. In order to secure transactions,authentication methods are used based on the fact that both parties can verify that they are the partiesthey claim to be. In this study, the key exchange and authentication models in the literature have beensurveyed and the password-based authentication model is chosen. For the SIMSec protocol, thepassword-based authentication algorithm is integrated into the SIMSec protocol. Thanks to the proposednew structure, phase differences in the SIMSec protocol are shown. As a result, a new key exchangeprotocol is proposed for SIM cards.