ETRI Journal

Electronics and Telecommunications Research Institute (한국전자통신연구원)
권호 표지
DOI QR코드

DOI QR Code

A Robust Mutual Authentication Protocol for Wireless Sensor Networks

  • Chen, Tien-Ho (Department of Computer Science, National Tsing Hua University) ;
  • Shih, Wei-Kuan (Department of Computer Science, National Tsing Hua University)
  • Received : 2010.03.15
  • Accepted : 2010.08.02
  • Published : 2010.10.31
Download PDF
⟨ Previous Next ⟩

Abstract

Authentication is an important service in wireless sensor networks (WSNs) for an unattended environment. Recently, Das proposed a hash-based authentication protocol for WSNs, which provides more security against the masquerade, stolen-verifier, replay, and guessing attacks and avoids the threat which comes with having many logged-in users with the same login-id. In this paper, we point out one security weakness of Das' protocol in mutual authentication for WSN's preservation between users, gateway-node, and sensor nodes. To remedy the problem, this paper provides a secrecy improvement over Das' protocol to ensure that a legal user can exercise a WSN in an insecure environment. Furthermore, by presenting the comparisons of security, computation and communication costs, and performances with the related protocols, the proposed protocol is shown to be suitable for higher security WSNs.

Keywords

References

  1. I.F. Akyildiz et al., "A Survey on Sensor Networks," IEEE Commun. Mag., vol. 40, no. 8, Aug. 2002, pp. 102-114. https://doi.org/10.1109/MCOM.2002.1024422
  2. IEEE Standards for 802.15.4, Part 15, Amendment 4, "Wireless Medium Access Control and Physical Layer Specifications for Low-Rate Wireless Personal Area Networks," 2003.
  3. N. Sastry and D. Wagner, "Security Considerations for IEEE 802.15.4 Networks," Proc. ACM Workshop Wireless Security, ACM Press, 2004, pp. 32-42.
  4. R. Watro et al., "C. Lynn, and P. Kruus, TinyPK: Securing Sensor Networks with Public Key Technology," Proc. ACM Workshop Security Ad Hoc Sensor Netw., 2004, pp. 59-64.
  5. K. Wong et al., "A Dynamic User Authentication Scheme for Wireless Sensor Networks," Proc. IEEE Int. Conf. Sensor Netw., Ubiquitous, Trustworthy Computing, 2006, pp. 244-251.
  6. M.L. Das, "Two-Factor User Authentication in Wireless Sensor Networks," IEEE Trans. Wireless Commun., vol. 8, no. 3, 2009, pp. 1086-1090. https://doi.org/10.1109/TWC.2008.080128
  7. H.R. Tseng, R.H. Jan, and W. Yang, "An Improved Dynamic User Authentication Scheme for Wireless Sensor Networks," IEEE Global Telecommun. Conf., 2007, pp. 986-990.
  8. S. Tripathy and S. Nandi, "Defense Against Outside Attacks in Wireless Sensor Networks," Computer Commun., vol. 31, no. 4, 2008, pp. 818-826. https://doi.org/10.1016/j.comcom.2007.10.025
  9. B. Vaidya, M. Chen, and J. Rodrigues, "Improved Robust User Authentication Scheme for Wireless Sensor Networks," 5th IEEE Proc. Wireless Commun. Sensor Networks, 2009, pp. 1-6.
  10. X. Duan, J.W. Liu, and Q. Zhang, "Security Improvement on Chien Et Al.'s Remote User Authentication Scheme Using Smart Cards," IEEE Int. Conf. Computational Intell. Secur., 2006, pp. 1133-1135.
  11. C.H. Han and W.K. Shih, "Improvement of the Secure Dynamic ID Based Remote User Authentication Scheme for Multi-server Environment," Comput. Stand. Interfaces, vol. 31, no. 6, Nov. 2009, pp. 1118-1123. https://doi.org/10.1016/j.csi.2008.11.002
  12. S. Halevi and H. Krawczyk, "Public-Key Cryptography and Password Protocols," ACM Trans. Inf. Syst. Secur., vol. 2, no. 3, 1999, pp. 230-268. https://doi.org/10.1145/322510.322514
  13. G. Yang et al., "Two-Factor Mutual Authentication Based on Smart Cards and Passwords," J. Comput. Syst. Sci., vol. 74, no. 7, 2008, pp. 1160-1172. https://doi.org/10.1016/j.jcss.2008.04.002
  14. H.Y. Chien, J.K. Jan, and Y.M. Tseng, "An Efficient and Practical Solution to Remote Authentication: Smart Card," Computers & Security, vol. 21, no. 4, 2002, pp. 372-375. https://doi.org/10.1016/S0167-4048(02)00415-7
  15. D. Dolev and A.C. Yao, "On the Security of Public-Key Protocols," IEEE Trans. Inform. Theory, vol. 29, no. 2, 1983, pp. 198-208. https://doi.org/10.1109/TIT.1983.1056650
  16. Hsiang and W.K. Shih, "Weaknesses and Improvements of the Yoon-Ryu-Yoo Remote User Authentication Scheme Using Smart Cards," Computer Commun., vol. 32, no. 4, 2009, pp. 649- 652. https://doi.org/10.1016/j.comcom.2008.11.019
  17. P.C. Kocher, J. Jaffe, and B. Jun., "Differential Power Analysis," Proc. Advances Cryptology, LNCS, 1666, Springer-Verlag, 1999, pp. 388-397.
  18. T.H. Chen, H.C. Hsiang, and W.K. Shih, "Security Enhancement on an Improvement on Two Remote User Authentication Schemes Using Smart Cards," Future Gen. Comput. Syst., Accepted, doi: 10.1016/j.future.2010.08.007. 2010.

Cited by

  1. Characterization of a high-power piezoelectric energy-scavenging device based on PMN-PT piezoelectric single crystals vol.60, pp.2, 2010, https://doi.org/10.3938/jkps.60.230
  2. High-response and low-power-consumption CO micro gas sensor based on nano-powders and a micro-heater vol.60, pp.2, 2010, https://doi.org/10.3938/jkps.60.235
  3. A Security-Performance-Balanced User Authentication Scheme for Wireless Sensor Networks vol.8, pp.3, 2012, https://doi.org/10.1155/2012/382810
  4. A dynamic password-based user authentication scheme for hierarchical wireless sensor networks vol.35, pp.5, 2010, https://doi.org/10.1016/j.jnca.2012.03.011
  5. Improved Security Patch on Secure Communication among Cell Phones and Sensor Networks vol.9, pp.4, 2010, https://doi.org/10.1155/2013/348783
  6. A New User Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography vol.9, pp.4, 2010, https://doi.org/10.1155/2013/730831
  7. A Performance and Usability Aware Secure Two-Factor User Authentication Scheme for Wireless Sensor Networks vol.9, pp.5, 2010, https://doi.org/10.1155/2013/543950
  8. A Strong Authentication Scheme with User Privacy for Wireless Sensor Networks vol.35, pp.5, 2010, https://doi.org/10.4218/etrij.13.0113.0103
  9. Secure and Efficient Authentication Scheme for Mobile Sink in WSNs Based on Bilinear Pairings vol.10, pp.2, 2010, https://doi.org/10.1155/2014/846901
  10. Secure and Efficient User Authentication Scheme in Ubiquitous Wireless Sensor Networks vol.10, pp.4, 2014, https://doi.org/10.1155/2014/759132
  11. The (in)adequacy of applicative use of quantum cryptography in wireless sensor networks vol.13, pp.10, 2010, https://doi.org/10.1007/s11128-014-0769-z
  12. A Secure and Efficient User Anonymity-Preserving Three-Factor Authentication Protocol for Large-Scale Distributed Wireless Sensor Networks vol.82, pp.3, 2010, https://doi.org/10.1007/s11277-015-2288-3
  13. Efficient and Anonymous Two-Factor User Authentication in Wireless Sensor Networks: Achieving User Anonymity with Lightweight Sensor Computation vol.10, pp.4, 2010, https://doi.org/10.1371/journal.pone.0116709
  14. A Secure User Authentication Scheme against Smart-Card Loss Attack for Wireless Sensor Networks Using Symmetric Key Techniques vol.11, pp.4, 2010, https://doi.org/10.1155/2015/704502
  15. Efficient and Secure Temporal Credential-Based Authenticated Key Agreement Using Extended Chaotic Maps for Wireless Sensor Networks vol.15, pp.7, 2010, https://doi.org/10.3390/s150714960
  16. Secure random number generation in wireless sensor networks vol.27, pp.15, 2010, https://doi.org/10.1002/cpe.3311
  17. A secure user authentication protocol for sensor network in data capturing vol.4, pp.1, 2015, https://doi.org/10.1186/s13677-015-0030-z
  18. Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks vol.15, pp.12, 2010, https://doi.org/10.3390/s151229767
  19. Provably secure user authentication and key agreement scheme for wireless sensor networks vol.9, pp.16, 2010, https://doi.org/10.1002/sec.1573
  20. Secure biometric-based authentication scheme with smart card revocation/reissue for wireless sensor networks vol.12, pp.7, 2010, https://doi.org/10.1177/1550147716658607
  21. A Provably Secure, Efficient, and Flexible Authentication Scheme for Ad hoc Wireless Sensor Networks vol.15, pp.1, 2010, https://doi.org/10.1109/twc.2015.2473165
  22. Security Improvement on Biometric Based Authentication Scheme for Wireless Sensor Networks Using Fuzzy Extraction vol.12, pp.1, 2010, https://doi.org/10.1155/2016/8572410
  23. Two‐factor mutual authentication with key agreement in wireless sensor networks vol.9, pp.2, 2010, https://doi.org/10.1002/sec.517
  24. An Anonymous User Authentication and Key Agreement Scheme Based on a Symmetric Cryptosystem in Wireless Sensor Networks vol.16, pp.8, 2010, https://doi.org/10.3390/s16081299
  25. A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity vol.9, pp.15, 2016, https://doi.org/10.1002/sec.1214
  26. A Realistic Lightweight Anonymous Authentication Protocol for Securing Real-Time Application Data Access in Wireless Sensor Networks vol.63, pp.11, 2010, https://doi.org/10.1109/tie.2016.2585081
  27. An untraceable temporal-credential-based two-factor authentication scheme using ECC for wireless sensor networks vol.76, pp.None, 2010, https://doi.org/10.1016/j.jnca.2016.10.001
  28. Three-Factor User Authentication and Key Agreement Using Elliptic Curve Cryptosystem in Wireless Sensor Networks vol.16, pp.12, 2010, https://doi.org/10.3390/s16122123
  29. A Survey of Authentication Schemes in Telecare Medicine Information Systems vol.41, pp.1, 2010, https://doi.org/10.1007/s10916-016-0658-3
  30. A Mutual Authentication Framework for Wireless Medical Sensor Networks vol.41, pp.5, 2010, https://doi.org/10.1007/s10916-017-0720-9
  31. A privacy-preserving and provable user authentication scheme for wireless sensor networks based on Internet of Things security vol.8, pp.1, 2010, https://doi.org/10.1007/s12652-016-0345-8
  32. Seamless Key Agreement Framework for Mobile-Sink in IoT Based Cloud-Centric Secured Public Safety Sensor Networks vol.5, pp.None, 2010, https://doi.org/10.1109/access.2017.2766090
  33. Authentication Protocols for Internet of Things: A Comprehensive Survey vol.2017, pp.None, 2010, https://doi.org/10.1155/2017/6562953
  34. A secure and effective biometric‐based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor vol.30, pp.1, 2010, https://doi.org/10.1002/dac.2933
  35. Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks vol.17, pp.3, 2017, https://doi.org/10.3390/s17030644
  36. A privacy‐aware two‐factor authentication protocol based on elliptic curve cryptography for wireless sensor networks vol.27, pp.3, 2010, https://doi.org/10.1002/nem.1937
  37. Improving Biometric-Based Authentication Schemes with Smart Card Revocation/Reissue for Wireless Sensor Networks vol.17, pp.5, 2017, https://doi.org/10.3390/s17050940
  38. An Authentication Protocol for Future Sensor Networks vol.17, pp.5, 2010, https://doi.org/10.3390/s17050979
  39. A Lightweight Anonymous Authentication Protocol with Perfect Forward Secrecy for Wireless Sensor Networks vol.17, pp.12, 2010, https://doi.org/10.3390/s17112681
  40. Efficient authentication protocol for secure multimedia communications in IoT-enabled wireless sensor networks vol.77, pp.14, 2010, https://doi.org/10.1007/s11042-017-5376-4
  41. An improved and provably secure three-factor user authentication scheme for wireless sensor networks vol.11, pp.1, 2018, https://doi.org/10.1007/s12083-016-0485-9
  42. Two-Factor Authenticated Key Agreement Supporting Unlinkability in 5G-Integrated Wireless Sensor Networks vol.6, pp.None, 2010, https://doi.org/10.1109/access.2018.2796539
  43. Measuring Two-Factor Authentication Schemes for Real-Time Data Access in Industrial Wireless Sensor Networks vol.14, pp.9, 2010, https://doi.org/10.1109/tii.2018.2834351
  44. Cryptanalysis and Security Enhancement of Three Authentication Schemes in Wireless Sensor Networks vol.2018, pp.None, 2018, https://doi.org/10.1155/2018/8539674
  45. A Biometric-based User Authentication and Key Agreement Scheme for Heterogeneous Wireless Sensor Networks vol.12, pp.4, 2018, https://doi.org/10.3837/tiis.2018.04.021
  46. On the design of secure user authenticated key management scheme for multigateway‐based wireless sensor networks using ECC vol.31, pp.8, 2010, https://doi.org/10.1002/dac.3514
  47. Security analysis and improvement of a mutual authentication and key agreement solution for wireless sensor networks using chaotic maps vol.29, pp.6, 2010, https://doi.org/10.1002/ett.3295
  48. Breaking Three Remote user Authentication Systems for Mobile Devices vol.90, pp.8, 2010, https://doi.org/10.1007/s11265-017-1305-z
  49. Secure Authentication Protocol for Wireless Sensor Networks in Vehicular Communications vol.18, pp.10, 2010, https://doi.org/10.3390/s18103191
  50. Securing Heterogeneous Wireless Sensor Networks: Breaking and Fixing a Three-Factor Authentication Protocol vol.18, pp.11, 2010, https://doi.org/10.3390/s18113663
  51. An novel anonymous user WSN authentication for Internet of Things vol.23, pp.14, 2010, https://doi.org/10.1007/s00500-018-3226-6
  52. Lightweight and anonymous three-factor authentication and access control scheme for real-time applications in wireless sensor networks vol.12, pp.1, 2019, https://doi.org/10.1007/s12083-017-0627-8
  53. A Systematic Literature Review of Authentication in Internet of Things for Heterogeneous Devices vol.2019, pp.None, 2010, https://doi.org/10.1155/2019/5747136
  54. Codeword Authenticated Key Exchange (CAKE) light weight secure routing protocol for WSN vol.32, pp.3, 2010, https://doi.org/10.1002/dac.3879
  55. A Novel Authenticated Key Agreement Protocol With Dynamic Credential for WSNs vol.15, pp.2, 2010, https://doi.org/10.1145/3303704
  56. A Privacy-Preserving Authentication and Key Agreement Scheme with Deniability for IoT vol.8, pp.4, 2010, https://doi.org/10.3390/electronics8040450
  57. Simple and Effective Secure Group Communications in Dynamic Wireless Sensor Networks vol.19, pp.8, 2010, https://doi.org/10.3390/s19081909
  58. A Lightweight Three-Factor Authentication and Key Agreement Scheme in Wireless Sensor Networks for Smart Homes vol.19, pp.9, 2010, https://doi.org/10.3390/s19092012
  59. An Enhanced and Secure Biometric Based User Authentication Scheme in Wireless Sensor Networks Using Smart Cards vol.107, pp.1, 2010, https://doi.org/10.1007/s11277-019-06252-x
  60. SMAC-AS: MAC Based Secure Authentication Scheme for Wireless Sensor Network vol.107, pp.2, 2010, https://doi.org/10.1007/s11277-019-06336-8
  61. Energy aware and fast authentication scheme using identity based encryption in wireless sensor networks vol.22, pp.suppl5, 2010, https://doi.org/10.1007/s10586-017-1151-6
  62. Cryptanalysis and Improvement of a Privacy-Preserving Three-Factor Authentication Protocol for Wireless Sensor Networks vol.19, pp.21, 2010, https://doi.org/10.3390/s19214625
  63. 무선 센서 네트워크 환경을 위한 보안성이 향상된 프라이버시 보호형 two-factor 인증 프로토콜 vol.15, pp.4, 2010, https://doi.org/10.17662/ksdim.2019.15.4.071
  64. Lightweight three factor scheme for real-time data access in wireless sensor networks vol.26, pp.2, 2010, https://doi.org/10.1007/s11276-018-1841-x
  65. Securing internet of medical things systems: Limitations, issues and recommendations vol.105, pp.None, 2010, https://doi.org/10.1016/j.future.2019.12.028
  66. Efficient and secure three-party mutual authentication key agreement protocol for WSNs in IoT environments vol.15, pp.4, 2020, https://doi.org/10.1371/journal.pone.0232277
  67. Wireless Sensor Network in Agriculture: Model of Cyber Security vol.20, pp.23, 2010, https://doi.org/10.3390/s20236747
  68. A Provably Secure Three-Factor Authentication Protocol for Wireless Sensor Networks vol.2021, pp.None, 2021, https://doi.org/10.1155/2021/5537018
  69. A Lightweight Three-Factor Authentication and Key Agreement Scheme for Multigateway WSNs in IoT vol.2021, pp.None, 2021, https://doi.org/10.1155/2021/3300769
  70. Improvement of a User Authentication Scheme for Wireless Sensor Networks Based on Internet of Things Security vol.116, pp.3, 2010, https://doi.org/10.1007/s11277-020-07811-3
  71. An efficient implementation of revocable functionality in authentication protocol for wireless body area network vol.42, pp.2, 2010, https://doi.org/10.1080/02522667.2019.1658417
  72. An Efficient User Authentication and Session Key Agreement in Wireless Sensor Network Using Smart Card vol.117, pp.2, 2010, https://doi.org/10.1007/s11277-020-07926-7
  73. An improved privacy preserving remote user authentication scheme for agricultural wireless sensor network vol.32, pp.3, 2010, https://doi.org/10.1002/ett.4218
  74. A secure authenticated and key exchange scheme for fog computing vol.15, pp.9, 2010, https://doi.org/10.1080/17517575.2020.1712746
  75. A Light and Anonymous Three-Factor Authentication Protocol for Wireless Sensor Networks vol.14, pp.1, 2022, https://doi.org/10.3390/sym14010046
  76. A robust authentication scheme for remote diagnosis and maintenance in 5G V2N vol.198, pp.None, 2010, https://doi.org/10.1016/j.jnca.2021.103281