Need for privacy
Need for privacy and security in the digital communications era is growing very
much since several years.
Million users exchange every day several SMSs to communicate fast and cheap, but
a few know vulnerabilities and risks beyond this technology. From one end, carriers
have to store SMSs on their database in clear text. From the other end, sent and
received SMSs are usualy stored in the SIM card and are visible clearly on the mobile
phone. So who can have in his hand a mobile phone for a few minutes could read sent
and received SMSs without any effort violating the owner's privacy. (see Gartner:
"Don't Use SMS for Confidential
Communication")
Message in a Bottle uses the most powerful cryptographic algorithms, such as Elliptic Curve cryptography and AES, to send encrypted SMS in a PGP fashion and enables to protect private SMSs in a special encrypted repository, separated from the canomical mobile phone's SMS repository, accessible only after typing the correct protection PIN.
Integrity and Authentication
GSM specifications doesn't define a mechanism to guarantee the integrity of the SMS and the authenticity of the sender. Infact, is really easy to have access to an SMS-gateway to send an SMS with a fake sender (see "SMS spoofing - Q&A with CCRC staff") o it is really simple intercepting an SMS e modifinying its content before it reaches the recipient. Definetly, when you receive and SMS you cannot trust of its sender and its content.
Message in a Bottle using Elliptic Curve cryptography enables to digitally sign the SMS for authenticating the sender and for verifying the integrity of its content.