QuSIM-Enhanced GSM Security: A Quantum Prover Authentication Protocol (QuPAP) for Mobile Communication

IF 8.9 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Internet of Things Journal Pub Date : 2025-03-18 DOI:10.1109/JIOT.2025.3551679

Mansoor Ali Khan;Muhammad Naveed Aman;Biplab Sikdar

{"title":"QuSIM-Enhanced GSM Security: A Quantum Prover Authentication Protocol (QuPAP) for Mobile Communication","authors":"Mansoor Ali Khan;Muhammad Naveed Aman;Biplab Sikdar","doi":"10.1109/JIOT.2025.3551679","DOIUrl":null,"url":null,"abstract":"As the world rapidly embraces quantum technologies, the need for robust quantum security protocols becomes increasingly paramount. Quantum key distribution (QKD) has been at the forefront of secure key exchange, but establishing a root of trust remains unaddressed. This research article presents a pioneering approach for global system for mobile communications (GSM) that bridges the gap between QKD and device identity verification. Our approach utilizes single-qubit states and amplitude encoding, integrating the BB84 protocol to securely share secret keys between entities. We implement two-factor authentication (2FA) to further protect against attacks and unauthorized access. Unlike entangled state-based schemes that require quantum memory and face practical implementation challenges, our single-qubit approach avoids these issues, making it feasible with current technology. Central to our approach is the verification of the subscriber identity module (SIM) card holder’s authenticity using the quantum prover authentication protocol (QuPAP) at the mobile authentication Center. This quantum cryptography-based process enhances GSM communication security and can be integrated into existing networks with minimal modifications. Our proposed smartphone, equipped with dual SIM capabilities—one conventional (cSIM) and one quantum (QuSIM)—ensures compatibility with both current and future networks, allowing the benefits of quantum security without requiring a complete system overhaul. By integrating quantum security into classical GSM protocols, our scheme not only enhances security but also addresses crucial aspects of device identity authentication, attestation, and trust establishment. The security and performance analysis of the QuPAP prototype demonstrates a quantum leap in mobile security, fostering a future of trust, privacy, and resilience in the ever-evolving landscape of communication technologies.","PeriodicalId":54347,"journal":{"name":"IEEE Internet of Things Journal","volume":"12 13","pages":"23036-23060"},"PeriodicalIF":8.9000,"publicationDate":"2025-03-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet of Things Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10929746/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

As the world rapidly embraces quantum technologies, the need for robust quantum security protocols becomes increasingly paramount. Quantum key distribution (QKD) has been at the forefront of secure key exchange, but establishing a root of trust remains unaddressed. This research article presents a pioneering approach for global system for mobile communications (GSM) that bridges the gap between QKD and device identity verification. Our approach utilizes single-qubit states and amplitude encoding, integrating the BB84 protocol to securely share secret keys between entities. We implement two-factor authentication (2FA) to further protect against attacks and unauthorized access. Unlike entangled state-based schemes that require quantum memory and face practical implementation challenges, our single-qubit approach avoids these issues, making it feasible with current technology. Central to our approach is the verification of the subscriber identity module (SIM) card holder’s authenticity using the quantum prover authentication protocol (QuPAP) at the mobile authentication Center. This quantum cryptography-based process enhances GSM communication security and can be integrated into existing networks with minimal modifications. Our proposed smartphone, equipped with dual SIM capabilities—one conventional (cSIM) and one quantum (QuSIM)—ensures compatibility with both current and future networks, allowing the benefits of quantum security without requiring a complete system overhaul. By integrating quantum security into classical GSM protocols, our scheme not only enhances security but also addresses crucial aspects of device identity authentication, attestation, and trust establishment. The security and performance analysis of the QuPAP prototype demonstrates a quantum leap in mobile security, fostering a future of trust, privacy, and resilience in the ever-evolving landscape of communication technologies.

查看原文本刊更多论文

qusim增强的GSM安全：用于移动通信的量子证明者认证协议（QuPAP）

随着世界迅速接受量子技术，对强大的量子安全协议的需求变得越来越重要。量子密钥分发（QKD）一直处于安全密钥交换的前沿，但是建立信任的根仍然没有得到解决。这篇研究文章提出了全球移动通信系统（GSM）的一种开创性方法，该方法弥合了QKD和设备身份验证之间的差距。我们的方法利用单量子比特状态和幅度编码，集成BB84协议在实体之间安全地共享密钥。我们实施双因素身份验证（2FA），以进一步防止攻击和未经授权的访问。与需要量子存储器并面临实际实施挑战的基于纠缠态的方案不同，我们的单量子比特方法避免了这些问题，使其在当前技术下可行。我们方法的核心是在移动身份验证中心使用量子证明者身份验证协议（QuPAP）验证用户身份模块（SIM）卡持有人的真实性。这种基于量子密码的过程提高了GSM通信的安全性，并且可以以最小的修改集成到现有网络中。我们提出的智能手机配备了双SIM卡功能-一个传统（cSIM）和一个量子(QuSIM) -确保与当前和未来的网络兼容，允许量子安全的好处，而无需进行完整的系统检修。通过将量子安全集成到经典GSM协议中，我们的方案不仅提高了安全性，而且解决了设备身份认证、认证和信任建立的关键方面。QuPAP原型的安全性和性能分析展示了移动安全性的巨大飞跃，在不断发展的通信技术领域培养了信任、隐私和弹性的未来。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Internet of Things Journal Computer Science-Information Systems

CiteScore

17.60

自引率

13.20%

发文量

1982

期刊介绍： The EEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.