SMS-Based Disaster Alert System with Integrated Cryptographic Security
Article Information
Abstract
Natural disasters are on a rise all over the world, and these have pointed out vulnerabilities in existing Public Warning Systems, which fail during crises when they become choked with information, and it is not very efficient for people using basic mobile technology. The standard Short Message Service is widely accepted and in practice but lacks basic authentication, which makes this service a highly vulnerable target for Denial of Service (DoS) attacks and message spoofing attacks. This research proposes a Disaster Alert System with an advanced Cryptographic Security system over SMS notifications for authenticated and safe transfer of information. The major highlight is a security system capable of functioning under resource-constrained systems. The system utilizes a robust 4096-bit key and RSA/ECDSA encryption methods for providing a high level of integrity. This solution has proved to be resilient under simulated critical disaster situations in terms of latency performance in encryption speed. The system has undergone thorough testing and proved to possess strong reliability and stability. Furthermore, this system can be deployed with relative ease, which confirms scalability capabilities in covering a country-wide warning system. This research successfully tackled the SMS security vulnerability to present a secure and efficient model which can transform the conventional Short Message Service into a reliable public warning service platform.
Graphical Abstract
Keywords
Data Availability Statement
Funding
Conflicts of Interest
AI Use Statement
Ethical Approval and Consent to Participate
References
- Lee, G., Lee, J., Lee, J., Im, Y., Hollingsworth, M., Wustrow, E., ... & Ha, S. (2019, June). This is your president speaking: Spoofing alerts in 4G LTE networks. In Proceedings of the 17th Annual International Conference on Mobile Systems, Applications, and Services (pp. 404-416).
[CrossRef] [Google Scholar] - Bitsikas, E., & Pöpper, C. (2022, December). You have been warned: Abusing 5G’s Warning and Emergency Systems. In Proceedings of the 38th Annual Computer Security Applications Conference (pp. 561-575).
[CrossRef] [Google Scholar] - Lee, J., Lee, G., Lee, J., Im, Y., Hollingsworth, M., Wustrow, E., ... & Ha, S. (2021). Securing the wireless emergency alerts system. Communications of the ACM, 64(10), 85-93.
[CrossRef] [Google Scholar] - Boneh, D., & Waters, B. (2006, October). A fully collusion resistant broadcast, trace, and revoke system. In Proceedings of the 13th ACM conference on Computer and communications security (pp. 211-220).
[CrossRef] [Google Scholar] - Boneh, D., Gentry, C., & Waters, B. (2005, August). Collusion resistant broadcast encryption with short ciphertexts and private keys. In Annual international cryptology conference (pp. 258-275). Berlin, Heidelberg: Springer Berlin Heidelberg.
[CrossRef] [Google Scholar] - Byun, Y.-K., Chang, S., & Choi, S. J. (2021). An Emergency Alert Broadcast Based on the Convergence of 5G and ATSC 3.0. Electronics, 10(6), 758.
[CrossRef] [Google Scholar] - Zhang, H., Zhang, R., & Sun, J. (2025). Developing real-time IoT-based public safety alert and emergency response systems. Scientific Reports, 15(1), 29056.
[CrossRef] [Google Scholar] - Liu, X., Sutton, P. R., McKenna, R., Sinanan, M. N., Fellner, B. J., Leu, M. G., & Ewell, C. (2019). Evaluation of secure messaging applications for a health care system: a case study. Applied clinical informatics, 10(01), 140-150.
[CrossRef] [Google Scholar] - OASIS. (2010, July 1). Common Alerting Protocol (CAP) v1.2 (OASIS Standard). Retrieved from https://docs.oasis-open.org/emergency/cap/v1.2/CAP-v1.2-os.html
[Google Scholar] - Smith, K. R., Grant, S., & Thomas, R. E. (2022). Testing the public’s response to receiving severe flood warnings using simulated cell broadcast. Natural hazards, 112(2), 1611-1631.
[CrossRef] [Google Scholar] - Dworkin, M. (2019). Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC (NIST Special Publication 800-38D).
[CrossRef] [Google Scholar] - Bellare, M., & Rogaway, P. (1994, May). Optimal asymmetric encryption. In Workshop on the Theory and Application of of Cryptographic Techniques (pp. 92-111). Berlin, Heidelberg: Springer Berlin Heidelberg.
[CrossRef] [Google Scholar] - Johnson, D., Menezes, A., & Vanstone, S. (2001). The elliptic curve digital signature algorithm (ECDSA). International journal of information security, 1(1), 36-63.
[CrossRef] [Google Scholar] - Fujisaki, E., Okamoto, T., Pointcheval, D., & Stern, J. (2001, August). RSA-OAEP is secure under the RSA assumption. In Annual International Cryptology Conference (pp. 260-274). Berlin, Heidelberg: Springer Berlin Heidelberg.
[CrossRef] [Google Scholar] - McGrew, D., & Viega, J. (2004). The Galois/Counter Mode of Operation (GCM) (NIST Special Publication 800-38D).
[CrossRef] [Google Scholar] - Rogaway, P. (2002, November). Authenticated-encryption with associated-data. In Proceedings of the 9th ACM Conference on Computer and Communications Security (pp. 98-107).
[CrossRef] [Google Scholar] - Niwa, Y., Ohashi, K., Minematsu, K., & Iwata, T. (2015, March). GCM security bounds reconsidered. In International Workshop on Fast Software Encryption (pp. 385-407). Berlin, Heidelberg: Springer Berlin Heidelberg.
[CrossRef] [Google Scholar] - Brown, D. R. L. (2005). Generic Groups, Collision Resistance, and ECDSA. Designs, Codes and Cryptography, 35(1), 119-152.
[CrossRef] [Google Scholar] - Barker, E., Chen, L., Keller, S., Roginsky, A., Vassilev, A., & Davis, R. (2017). Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography (No. NIST Special Publication (SP) 800-56A Rev. 3 (Withdrawn)). National Institute of Standards and Technology.
[CrossRef] [Google Scholar] - International Organization for Standardization. (2018). Information technology — Security techniques — Digital signatures with appendix — Part 3: Discrete logarithm based mechanisms (ISO/IEC 14888-3:2018). Retrieved from https://www.iso.org/standard/76382.html
[Google Scholar] - Shaik, A., Borgaonkar, R., Park, S., & Seifert, J.-P. (2019). New vulnerabilities in 4G and 5G cellular access network protocols: exposing device capabilities. In Proceedings of the 12th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec '19). Miami, FL, USA.
[CrossRef] [Google Scholar] - Fonyi, S. (2020). Overview of 5G security and vulnerabilities. The Cyber Defense Review, 5(1), 117-134.
[Google Scholar] - Patel, S. K., Verma, S. B., Gupta, B. K., Singh, S., Naresh, E., & Pareek, P. K. (2025). Advances in authentication and security protocols for 5G networks: a comprehensive survey. Discover Applied Sciences, 7(7), 743.
[CrossRef] [Google Scholar] - Abdouli, A. A., Bellini, E., Caullery, F., Manzano, M., & Mateu, V. (2019, July). Rank-metric Encryption on Arm-Cortex M0: Porting code-based cryptography to lightweight devices. In Proceedings of the 6th on ASIA Public-Key Cryptography Workshop (pp. 23-30).
[CrossRef] [Google Scholar] - Suárez-Albela, M., Fraga-Lamas, P., & Fernández-Caramés, T. M. (2018). A practical evaluation on RSA and ECC-based cipher suites for IoT high-security energy-efficient fog and mist computing devices. Sensors, 18(11), 3868.
[CrossRef] [Google Scholar] - Thakor, V. A., Razzaque, M. A., & Khandaker, M. R. (2020). Lightweight cryptography for IoT: A state-of-the-art. arXiv preprint arXiv:2006.13813.
[Google Scholar] - Debnath, S., Arif, W., Roy, S., Baishya, S., & Sen, D. (2022). A comprehensive survey of emergency communication network and management. Wireless Personal Communications, 124(2), 1375-1421.
[CrossRef] [Google Scholar] - Chovanec, D., Kollár, B., & Halúsková, B. (2025). A Component-Based Approach to Early Warning Systems: A Theoretical Model. MDPI Applied Sciences, 15(6), 3218.
[CrossRef] [Google Scholar] - Mughal, M. A., Luo, X., Ullah, A., Ullah, S., & Mahmood, Z. (2018). A lightweight digital signature based security scheme for human-centered Internet of Things. IEEE Access, 6, 31630-31643.
[CrossRef] [Google Scholar] - Bernstein, D. J., Duif, N., Lange, T., Schwabe, P., & Yang, B. Y. (2012). High-speed high-security signatures. Journal of cryptographic engineering, 2(2), 77-89.
[CrossRef] [Google Scholar] - Wang, H., & Yu, W. E. (2011, July). Comparison between PKI (RSA-AES) and AEAD (AES-EAX PSK) Cryptography Systems for Use in SMS-Based Secure Transmissions. In International Conference on Networked Digital Technologies (pp. 1-12). Berlin, Heidelberg: Springer Berlin Heidelberg.
[CrossRef] [Google Scholar] - Sancar, A., & CiyLan, B. (2018). Implementation of Message Encryption Algorithms in Real Time Closed Network Systems. Gazi University Journal of Science Part A: Engineering and Innovation, 5(3), 89-100.
[Google Scholar]
Cite This Article
TY - JOUR AU - Ejaz, Emaar AU - Khan, Fadia Ali AU - Ahmed, Waqas AU - Shafiq, Shaloom PY - 2026 DA - 2026/04/17 TI - SMS-Based Disaster Alert System with Integrated Cryptographic Security JO - ICCK Transactions on Information Security and Cryptography T2 - ICCK Transactions on Information Security and Cryptography JF - ICCK Transactions on Information Security and Cryptography VL - 2 IS - 2 SP - 82 EP - 100 DO - 10.62762/TISC.2026.121086 UR - https://www.icck.org/article/abs/TISC.2026.121086 KW - SMS communication KW - RSA KW - secure emergency messaging KW - AES GCM KW - ECDSA KW - key management KW - SMS Channel KW - DoS AB - Natural disasters are on a rise all over the world, and these have pointed out vulnerabilities in existing Public Warning Systems, which fail during crises when they become choked with information, and it is not very efficient for people using basic mobile technology. The standard Short Message Service is widely accepted and in practice but lacks basic authentication, which makes this service a highly vulnerable target for Denial of Service (DoS) attacks and message spoofing attacks. This research proposes a Disaster Alert System with an advanced Cryptographic Security system over SMS notifications for authenticated and safe transfer of information. The major highlight is a security system capable of functioning under resource-constrained systems. The system utilizes a robust 4096-bit key and RSA/ECDSA encryption methods for providing a high level of integrity. This solution has proved to be resilient under simulated critical disaster situations in terms of latency performance in encryption speed. The system has undergone thorough testing and proved to possess strong reliability and stability. Furthermore, this system can be deployed with relative ease, which confirms scalability capabilities in covering a country-wide warning system. This research successfully tackled the SMS security vulnerability to present a secure and efficient model which can transform the conventional Short Message Service into a reliable public warning service platform. SN - 3070-2429 PB - Institute of Central Computation and Knowledge LA - English ER -
@article{Ejaz2026SMSBased,
author = {Emaar Ejaz and Fadia Ali Khan and Waqas Ahmed and Shaloom Shafiq},
title = {SMS-Based Disaster Alert System with Integrated Cryptographic Security},
journal = {ICCK Transactions on Information Security and Cryptography},
year = {2026},
volume = {2},
number = {2},
pages = {82-100},
doi = {10.62762/TISC.2026.121086},
url = {https://www.icck.org/article/abs/TISC.2026.121086},
abstract = {Natural disasters are on a rise all over the world, and these have pointed out vulnerabilities in existing Public Warning Systems, which fail during crises when they become choked with information, and it is not very efficient for people using basic mobile technology. The standard Short Message Service is widely accepted and in practice but lacks basic authentication, which makes this service a highly vulnerable target for Denial of Service (DoS) attacks and message spoofing attacks. This research proposes a Disaster Alert System with an advanced Cryptographic Security system over SMS notifications for authenticated and safe transfer of information. The major highlight is a security system capable of functioning under resource-constrained systems. The system utilizes a robust 4096-bit key and RSA/ECDSA encryption methods for providing a high level of integrity. This solution has proved to be resilient under simulated critical disaster situations in terms of latency performance in encryption speed. The system has undergone thorough testing and proved to possess strong reliability and stability. Furthermore, this system can be deployed with relative ease, which confirms scalability capabilities in covering a country-wide warning system. This research successfully tackled the SMS security vulnerability to present a secure and efficient model which can transform the conventional Short Message Service into a reliable public warning service platform.},
keywords = {SMS communication, RSA, secure emergency messaging, AES GCM, ECDSA, key management, SMS Channel, DoS},
issn = {3070-2429},
publisher = {Institute of Central Computation and Knowledge}
}
Article Metrics
Publisher's Note
ICCK stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and Permissions
Portico