Secure machine-type communications in LTE networks

Chengzhe Lai, Rongxing Lu, Hui Li, Dong Zheng, Xuemin Sherman Shen
2015 Wireless Communications and Mobile Computing  
With a great variety of potential applications, machine-type communications (MTC) is gaining tremendous interest from mobile network operators and research groups. MTC is standardized by the 3rd Generation Partnership Project (3GPP) and has been regarded as a promising solution for facilitating machine-to-machine communications. In the latest standard, 3GPP proposes a novel architecture for MTC, in which the MTC server is located outside the operator domain. However, the connection between the 3GPP core network and MTC server in this scenario is insecure; consequently, there are distrustful relationships among MTC device, core network, and MTC server. If the security issue is not well addressed, none of the applications involved in MTC can be put on the market. To address this problem, we propose an end-to-end security scheme for MTC based on the proxy-signature technique, called E2SEC. Specifically, both the MTC device and MTC server can establish strong trust relationships with each other by using the proxy signatures issued by the 3GPP core network. Moreover, we present some implementation considerations of E2SEC and analyze the performance during authentication by comparing the operational cost of three cases that apply three different signature algorithms, that is, ElGamal, Schnorr, and DSA. Through security analysis using the Automatic Cryptographic Protocol Verifier (ProVerif), we conclude that the proposed E2SEC scheme can achieve the security goals and prevent various security threats.

applications of M2M communications, for example, home multimedia distribution and sharing, intelligent transportation systems, and eHealthcare. Nowadays, M2M communications has become one of the most popular technologies in the standardization and industry areas. Many standards forums and organizations have actively engaged in M2M standard development, including the Communications Standards Association, oneM2M, Third Generation Partnership Project (3GPP), and 3GPP2. In release 10 of 3GPP, M2M communications is also called machine-type communication (MTC) [32], which works in the long-term evolution (LTE) networks. The scenarios of 3GPP have been regarded as the promising solution facilitating M2M communications [8]. Recently, the majority of studies on MTC have focused on congestion control, resource management, sensing, computing, and controlling technologies [9, 20, 21, 22, 28, 34].
Indeed, cyber security is of paramount importance in MTC because no application involved in MTC can be put on the market without a security guarantee. In the existing literature, Lu et al. [23] point out the existing challenges of M2M, that is, energy efficiency (green), reliability, and security. Bailey [2] analyzes M2M's impact on privacy and safety. Taleb et al. [29] present some potential challenges and solutions of MTC in 3GPP networks. Our previous works [15, 16, 17, 18] also discuss the related security issues in M2M communications, for example, group access authentication and key agreement and efficient data authentication. In standardization, some security threats and candidate solutions for MTC have been introduced in 3GPP TR 33.868 [30], including MTC device (MTCD) triggering, secure connection, security of small data transmission, and external interface security. Besides, one of the most important security requirements is that the network operator should be able to provide efficient security protection for the connection between the MTCD and MTC server (MTCS)/MTC application server. 3GPP TS 22.368
doi:10.1002/wcm.2612 fatcat:jsp652qhangwxlowtud4lvruvq