| Abstract: | With a great variety of potential applications, machine‐type communications (MTC) is gaining a tremendous interest from mobile network operators and research groups. MTC is standardized by the 3rd Generation Partnership Project (3GPP), which has been regarded as the promising solution facilitating machine‐to‐machine communications. In the latest standard, 3GPP proposes a novel architecture for MTC, in which the MTC server is located outside the operator domain. However, the connection between the 3GPP core network and MTC server in this scenario is insecure; consequently, there are distrustful relationships among MTC device, core network, and MTC server. If the security issue is not well addressed, all applications involved in MTC cannot be put into the market. To address this problem, we propose an end‐to‐end security scheme for MTC based on the proxy‐signature technique, called E2SEC. Specifically, both the MTC device and MTC server can establish strong trustful relationships with each other by using the proxy signatures issued by the 3GPP core network. Moreover, we present some implementation considerations of E2SEC and analyze the performance during authentication by comparing the operational cost of three cases that apply three different signature algorithms, that is, ElGamal, Schnorr, and DSA. Through security analysis by using Automatic Cryptographic Protocol Verifier (ProVerif), we conclude that the proposed E2SEC scheme can achieve the security goals and prevent various security threats. Copyright © 2015 John Wiley & Sons, Ltd. |
