Due to the increasing demand for bandwidth and availability of multi‐homed devices, the Multipath TCP (MPTCP) is an emerging protocol that uses multiple paths simultaneously to transfer the data, seamlessly utilizing their bandwidth. The security is an important issue in a system especially the communication network system. Since there are multiple paths in MPTCP, it has many doors open to an adversary especially at the time of connection initiation. These attacks include the man‐in‐the‐middle attack (MM), denial‐of‐service (DOS) attack, and SYN flooding attack. This article proposes a new opportunistic security protocol, named as secure connection multipath TCP (SCMTCP), that uses the elliptic curve cryptography to generate the secret key. It also uses a third‐party certificate authority to ensure the authenticity of public keys exchanged between the communicating parties. The SCMTCP generates a session key at the time of initial handshake (with MP_CAPABLE option) and protects the MPTCP from the man‐in‐the‐middle attack. It generates a unique authentication key for each new subflow within the host using the session key to authenticate them and protects the MPTCP from DoS and SYN flooding attacks. This article analyzes the security complexity of the SCMTCP using the random oracle model and shows that it is not possible for an attacker to get any security key and breaks the MPTCP security.