MoTH: Mobile Terminal Handover Security Protocol for HUB Switching Based on 5G and Beyond (5GB) P2MP Backhaul Environment

With the evolution of wireless technologies, 5G and Beyond (5GB) communication is paving a way for efficient, ultrareliable, low-latent, and high converging services for the Internet of Things (IoT). Along with efficient communication, the security of messages is one of the concerns that must be maintained throughout the operations. Backhaul forms an essential part of 5GB with an ability to enhance the coverage and quality of service for IoT. However, conventional wired backhaul connection would cost operators thousands of dollars in the construction of 5GB infrastructure considering the ultradense nature of IoT. As a result, wireless backhaul is quickly becoming a feasible alternative to address 5GB’s direction toward network densification without affecting its other provisions. Wireless backhaul is expected to increase the landscape, covering from islands to mountains, which were difficult to access in the existing network generation. Moreover, it can effectively respond to the situation where the data traffic tremendously increased. Despite such provisioning, the wireless backhaul poses relatively various security threats and vulnerabilities due to the characteristics of wireless technologies. Several studies have been conducted to address the security problems; however, existing protocols do not support dynamic security policy and key management in a decentralized structure as well as secure handover in a specific scenario where Terminals (TMs) are moving. Motivated by this, we proposed the Mobile Terminal Handover (MoTH) security protocol to provide secure handover of mobile terminals between hubs. To solve the problem of existing protocols, a new entity called BMF is introduced to support distributed and dynamic security policy and key management in each serving network of the 5GB backhaul environment. The proposed protocol satisfies security requirements, including authentication and key management, confidentiality, integrity, and perfect forward secrecy. Additionally, it supports policy and key update services, and optimized handover. The security and correctness of the proposed protocol are thoroughly verified using the two formal security analysis tools: 1) BAN logic and 2) Scyther. Additionally, the performance evaluation shows that the proposed protocol is efficient.