valid points about whether or not normal users will want to use a separate application for sending normal messages to other human beings.

Exactly as Kiram said, only some users would have a compelling enough reason for security, such as top executives or government ministers who have a duty to keep certain communications confidential.

From an integration point of view, the incoming encrypted SMS messages can auto-start the application, so that the user doesn’t have to fire up the application separately to receive messages. If a mobile operator or manufacturer were to pre-install the application, it could be more tightly coupled with the phone’s UI, but we don’t assume that.

Our person to person messaging system (which is not publicly available yet) does not go via a central server – that would mean that all of your security depends on that server, which would be foolish. We use PKI with RSA to exchange keys. We get 120 characters in the first message, and 154 characters in subsequent messages.

However the main thing we use encrypted SMS for is not person to person messaging, but for application to server messages for normal retail services, such as selling train tickets, or international money transfer. The application tries to use GPRS, and if that fails, it automatically switches over to encrypted SMS (must be encrypted to protect your Credit Card Details). This means that m-commerce can be used in all sorts of situations where GPRS would not work, or for users that have no data in their call plan.

Ben.

I should have clarified above when I said most of the SMS people don’t care about encryption; I said that because the majority of texters are young folks, who don’t care.

But sure, there are some who will; government, businesses, and people with extra marital affairs LOL

ceo

But as usually with security it affects usability and most “normal” users will tend to put usability and knowing their system above security.