Field of the Invention
The present invention relates to group based bootstrapping in machine type communication.
Related Background Art
Prior art which is related to this technical field can e.g. be found in:    [1] 3GPP TR 23.888 v1.6.0,    [2] 3GPP TR 33.868 v0.5.0,    [3] 3GPP TS 33.220 v11.1.0, and    [4] 3GPP TS 33.102 v11.1.0.
The following meanings for the abbreviations used in this specification apply:    3GPP—third generation partnership project    AKA—authentication and key agreement    AuC—authentication centre    AV—authentication vector    BSF—bootstrapping service function    GBA—generic bootstrapping architecture    HLR—home location register    HSS—home subscriber server    M2M—machine to machine    MTC—machine type communication    NAF—network application function
GBA is standardized to enable network applications and end user side building a shared session secret in order to meet the requirement of secure communication. Technical details are described in [3]. In brief, GBA describes security features and a mechanism to bootstrap authentication and key agreement for application security from 3GPP AKA mechanism described in [4].
In M2M environment, because the number of MTC devices may be in an order of 100 or 1000 of current end users of mobile phones, the MTC devices are usually grouped together for control, management or data convergence, etc. to meet the need of a variety of applications. Group based optimization techniques are described in [1] and [2].
Thus, from a network application's perspective, a shared group session key may be needed for the network application to achieve secure group communication. Moreover, for the MTC devices in one group, each may need to communicate with the network application individually, and so an independent session key for each device may be also needed.
However, GBA can not establish a session key which is shared in all group members since GBA does not support group attribute. The other problem is that even if GBA is used to establish session keys between the devices of the group and the network application individually, a plurality of messages is exchanged between them, the number of the messages depending on the number of the group members. This results in low efficiency.
There are various methods and protocols to achieve group secret agreement and distribution, for example, many group based Diffie-Hellman (DH) key exchange methods are designed to establish a shared secret within a group. The main problem of all methods based on DH is that they are vulnerable to Man-In-The-Middle (MITM) attack because of no authentication mechanism between communication parties.
Some solutions are deployed which combine PKI (Public-Key-Infrastructure)/certificate and group based key exchange methods to achieve secure group communication. The disadvantage is that the cost of deployment is relatively high. Another disadvantage is that the implementation is complex and difficult because the PKI system can only be used to authenticate end-to-end, so if supporting group features, some additional process related to a group, e.g. verification of a group member, has to be added at the application layer.