Achieving M2M-device authentication through heterogeneous information bound with USIM card

Abstract

In the commercial launches of Long-term evolution machine type communication (LTE-M), which includes enhanced machine type communication or machine to machine (M2M) communication in the Long-term evolution (LTE), the security issues is worth the attention. Several security problems have been discovered in LTE-M. One such important problem is the non-authenticated usage of the subscriber identity module (SIM) cards. Because M2M communications are not human-centric, the common personal identification number (PIN) code verification mechanism is not suitable for the machine driven communications. In this paper, we propose two approaches to solve the non-authenticated SIM card usage problem by restricting the code in the SIM card to the specific user device. One approach, named IMEI–IMSI pairing, is an enhancement of the original authentication mechanism which performs device authentication by pairing the International Mobile Equipment Identification Number (IMEI), the device’s unique code, and the International Mobile Subscriber Identification Number (IMSI), which is the SIM card’s unique code. Besides ClockSkew-IMSI pairing, the other approach, leverages certain hardware characteristics which are difficult to alter. In particular, we make use of the clock skew, which for each device is slightly different. To evaluate our methods, we implement two approaches on OpenAirInterface, an open source 5G development platform. In comparison to the method proposed for 3rd Generation Partnership Project (3GPP), both of our approaches are more efficient in achieving secure device authentication.