About this Journal Submit a Manuscript Table of Contents
International Journal of Distributed Sensor Networks
Volume 2013 (2013), Article ID 679450, 9 pages
Research Article

How to Authenticate a Device? Formal Authentication Models for M2M Communications Defending against Ghost Compromising Attack

1School of Computer Science, China University of Geosciences, Wuhan 430074, China
2Shandong Provincial Key Laboratory of Computer Network, Jinan 250014, China
3School of Electronic Engineering, Naval University of Engineering, Wuhan 430033, China
4Department of Computer Science, National Chiao Tung University, Hsinchu 30010, Taiwan

Received 22 August 2012; Revised 27 November 2012; Accepted 29 November 2012

Academic Editor: Liguo Zhang

Copyright © 2013 Wei Ren et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.


In Machine-to-Machine (M2M) communications, authentication of a device is of upmost importance for applications of Internet of Things. As traditional authentication schemes always assume the presence of a person, most authentication technologies cannot be applied in machine-centric M2M context. In this paper, we make the first attempt to formally model the authentication in M2M. We first model four attacking adversaries that can formulate all possible attacks in M2M, which are channel eavesdropping attack, credential compromise attack, function compromise attack, and ghost compromise attack. Next, we propose four models to tackle those corresponding adversaries, namely, credential-based model, machine-metrics-based model, reference-based model, and witness-based model. We also illustrate several concrete attacking methods and authentication approaches. We proof the authentication security for all proposed models and compare them for clarity. Our models present soundness and completeness in terms of authentication security, which can guide the design and analysis of concrete authentication protocols. Particularly, we construct a uniform authentication framework for M2M context and point out all possible authentication mechanisms in M2M.