Online citations, reference lists, and bibliographies.
← Back to Search

Design Of An Anonymity-preserving Three-factor Authenticated Key Exchange Protocol For Wireless Sensor Networks

R. Amin, S. H. Islam, G. Biswas, M. Khan, L. Leng, N. Kumar
Published 2016 · Computer Science

Cite This
Download PDF
Analyze on Scholarcy
Share
We observed that Farash et?al.'s authentication protocol for WSN is susceptible to many security attacks.The protocol is also unable to preserve user anonymity.We designed an anonymity preserving authentication scheme for WSN.We analyze the security of the proposed protocol using AVISPA S/W.The proposed protocol is secure against active and passive attacks and more efficient than other protocols. Recently, Farash et?al. pointed out some security weaknesses of Turkanovic et?al.'s protocol, which they extended to enhance its security. However, we found some problems with Farash et?al.'s protocol, such as a known session-specific temporary information attack, an off-line password-guessing attack using a stolen-smartcard, a new-smartcard-issue attack, and a user-impersonation attack. Additionally, their protocol cannot preserve user-anonymity, and the secret key of the gateway node is insecure. The main intention of this paper is to design an efficient and robust smartcard-based user authentication and session key agreement protocol for wireless sensor networks that use the Internet of Things. We analyze its security, proving that our protocol not only overcomes the weaknesses of Farash et?al.'s protocol, but also preserves additional security attributes, such as the identity change and smartcard revocation phases. Moreover, the results of a simulation using AVISPA show that our protocol is secure against active and passive attacks. The security and performance of our work are also compared with a number of related protocols.
This paper references
10.1007/s10916-014-0179-x
Cryptanalysis and Improvement of a User Authentication Scheme Preserving Uniqueness and Anonymity for Connected Health Care
Lili Xu (2014)
An Enhanced Two-factor User Authentication Scheme in Wireless Sensor Networks
Daojing He (2010)
10.1016/j.jnca.2012.03.011
A dynamic password-based user authentication scheme for hierarchical wireless sensor networks
A. K. Das (2012)
10.3390/s110504767
A Secured Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography
Hsiu-lien Yeh (2011)
10.1145/357980.358017
A method for obtaining digital signatures and public-key cryptosystems
R. Rivest (1983)
10.1109/WIAD.2011.5983262
Cryptanalysis on two user authentication protocols using smart card for wireless sensor networks
P. Kumar (2011)
10.1016/j.csi.2008.09.006
An improved smart card based password authentication scheme with provable security
J. Xu (2009)
10.1016/j.adhoc.2015.05.014
An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment
M. Farash (2016)
10.1007/springerreference_213
Differential Power Analysis
Siva Sai Yerubandi (2002)
10.1002/SEC.900
A remote cancelable palmprint authentication protocol based on multi-directional two-dimensional PalmPhasor-fusion
L. Leng (2014)
10.1145/1641944.1641962
Robust dynamic user authentication scheme for wireless sensor networks
B. Vaidya (2009)
10.1016/j.adhoc.2015.05.020
A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks
R. Amin (2016)
10.1109/SURV.2013.110113.00249
A Survey of Recent Developments in Home M2M Networks
Min Chen (2014)
10.1007/11513988_27
The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications
A. Armando (2005)
10.1007/s10916-015-0217-3
A Novel User Authentication and Key Agreement Protocol for Accessing Multi-Medical Server Usable in TMIS
R. Amin (2015)
10.1007/s11859-010-0318-2
A biometric-based user authentication for wireless sensor networks
J. Yuan (2010)
10.1007/S13369-015-1743-5
Cryptanalysis and Design of a Three-Party Authenticated Key Exchange Protocol Using Smart Card
R. Amin (2015)
10.1145/1029102.1029113
TinyPK: securing sensor networks with public key technology
Ronald J. Watro (2004)
10.1109/TIT.1983.1056650
On the security of public key protocols
D. Dolev (1981)
10.1109/WIMOB.2010.5645004
Improved two-factor user authentication in wireless sensor networks
B. Vaidya (2010)
10.1109/TWC.2002.804190
An application-specific protocol architecture for wireless microsensor networks
W. Heinzelman (2002)
10.5755/J01.EEE.19.6.2038
An Improved Dynamic Password-based User Authentication Scheme for Hierarchical Wireless Sensor Networks
Muhamed Turkanovic (2013)
10.1109/SUTC.2006.6
A dynamic user authentication scheme for wireless sensor networks
Kirk H. M. Wong (2006)
10.3390/s130809589
An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks
C. Li (2013)
10.1117/12.482717
Two-tiered wireless sensor network architecture for structural health monitoring
Venkata Anil Kottapalli (2003)
10.1007/s10916-015-0258-7
A Secure Three-Factor User Authentication and Key Agreement Protocol for TMIS With User Anonymity
R. Amin (2015)
10.1007/s10916-013-9980-1
A Robust Uniqueness-and-Anonymity-Preserving Remote User Authentication Scheme for Connected Health Care
F. Wen (2013)
10.1109/TPDS.2010.206
A Generic Framework for Three-Factor Authentication: Preserving Security and Privacy in Distributed Systems
Xinyi Huang (2011)
10.1007/s11036-015-0597-0
An Efficient RFID Search Protocol Based On Clouds
D. Zhang (2015)
10.1016/j.patcog.2006.05.030
An improved BioHashing for human authentication
A. Lumini (2007)
10.1016/j.adhoc.2014.03.003
Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks
Ding Wang (2014)
10.1016/j.adhoc.2014.03.009
A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion
Muhamed Turkanovic (2014)
10.1016/j.ins.2015.02.010
A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks
D. He (2015)
10.1016/S1389-1286(01)00302-4
Wireless sensor networks: a survey
I. Akyildiz (2002)
10.1109/TC.2002.1004593
Examining Smart-Card Security under the Threat of Power Analysis Attacks
Thomas S. Messerges (2002)
10.1109/PACCS.2010.5626600
A secure and efficient user authentication protocol for two-tiered wireless sensor networks
Rong Fan (2010)
10.15866/IRECOS.V8I1.2766
A New User Authentication Scheme for Hierarchical Wireless Sensor Networks
Shuaiwen Xu (2013)
10.1016/j.jnca.2012.05.010
A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks
K. Xue (2013)
10.1016/j.csi.2010.03.008
Advanced smart card based password authentication protocol
R. Song (2010)
10.3390/s100302450
Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’
M. Khan (2010)
10.1109/GLOCOM.2007.190
An Improved Dynamic User Authentication Scheme for Wireless Sensor Networks
Huei-Ru Tseng (2007)
10.1109/TWC.2008.080128
Two-factor user authentication in wireless sensor networks
M. Das (2009)
10.1016/j.patcog.2004.04.011
Biohashing: two factor authentication featuring fingerprint data and tokenised random number
A. Teoh (2004)
10.1007/s10916-012-9902-7
A Uniqueness-and-Anonymity-Preserving Remote User Authentication Scheme for Connected Health Care
Y. Chang (2012)
10.1016/j.patcog.2015.01.021
Alignment-free row-co-occurrence cancelable palmprint Fuzzy Vault
L. Leng (2015)



This paper is referenced by
10.3390/s19092012
A Lightweight Three-Factor Authentication and Key Agreement Scheme in Wireless Sensor Networks for Smart Homes
Sooyeon Shin (2019)
10.1088/1742-6596/1087/6/062003
Security Analysis of Improved User Authentication Schemes Using Smart Cards
Xiao Hong Yin (2018)
10.1371/journal.pone.0176250
Security enhanced multi-factor biometric authentication scheme using bio-hash function
Younsung Choi (2017)
10.1016/J.FUTURE.2019.02.020
LACO: Lightweight Three-Factor Authentication, Access Control and Ownership Transfer Scheme for E-Health Systems in IoT
Seyed Farhad Aghili (2019)
10.1016/J.PMCJ.2019.02.004
User authentication in a tactile internet based remote surgery environment: Security issues, challenges, and future research directions
M. Wazid (2019)
10.1155/2018/5432960
A Novel Multiserver Authentication Protocol with Multifactors for Cloud Service
J. Song (2018)
10.1007/978-3-030-01174-1_86
A Secure Key Management Technique Through Distributed Middleware for the Internet of Things
Tamanna Tabassum (2018)
10.1007/978-3-030-01704-0_20
A Review and Costing of Lightweight Authentication Schemes for Internet of Things (IoT): Towards Design of an Authentication Architecture for Smart Home Applications
Attlee M. Gamundani (2018)
10.3390/s17122946
An Enhanced Three-Factor User Authentication Scheme Using Elliptic Curve Cryptosystem for Wireless Sensor Networks
Chenyu Wang (2017)
10.3390/s18113663
Securing Heterogeneous Wireless Sensor Networks: Breaking and Fixing a Three-Factor Authentication Protocol
Seyed Farhad Aghili (2018)
10.1007/s11859-019-1378-6
Scheme on Cross-Domain Identity Authentication Based on Group Signature for Cloud Computing
Yanyan Yang (2019)
10.1109/ACCESS.2017.2673239
Lightweight Three-Factor Authentication and Key Agreement Protocol for Internet-Integrated Wireless Sensor Networks
Q. Jiang (2017)
10.1016/j.future.2017.08.042
A lightweight and robust two-factor authentication scheme for personalized healthcare systems using wireless medical sensor networks
F. Wu (2018)
10.26636/jtit.2019.134019
Multifactor Authentication and Key Management Protocol for WSN-assisted IoT Communication
Tabassum Ara (2019)
10.1007/s11265-017-1305-z
Breaking Three Remote user Authentication Systems for Mobile Devices
Wenting Li (2017)
10.5121/ijcnc.2019.11506
A Novel Security Protocol for Wireless Sensor Networks Based on Elliptic Curve Signcryption
A. K. Singh (2019)
10.1007/S11276-018-1841-X
Lightweight three factor scheme for real-time data access in wireless sensor networks
Hanguang Luo (2020)
10.1007/s11042-017-5560-6
Signature-based three-factor authenticated key exchange for internet of things applications
Xiaoying Jia (2017)
10.1007/s11042-017-5376-4
Efficient authentication protocol for secure multimedia communications in IoT-enabled wireless sensor networks
Dheerendra Mishra (2017)
10.1109/ACCESS.2018.2796539
Two-Factor Authenticated Key Agreement Supporting Unlinkability in 5G-Integrated Wireless Sensor Networks
Sooyeon Shin (2018)
10.1145/3325130
Efficient Multi-Factor User Authentication Protocol with Forward Secrecy for Real-Time Data Access in WSNs
Ding Wang (2020)
10.1109/BigDataSecurity.2017.34
Breaking Two Remote User Authentication Systems for Mobile Devices
W. Li (2017)
10.1155/2020/5686498
An Improved Anonymous Authentication Protocol for Wearable Health Monitoring Systems
Jiaqing Mo (2020)
10.1016/j.comnet.2018.05.006
Anonymous hybrid mutual authentication and key agreement scheme for wireless body area network
Aneesh M. Koya (2018)
10.3390/s19163598
A Secure Lightweight Three-Factor Authentication Scheme for IoT in Cloud Computing Environment
Sungjin Yu (2019)
10.1109/TII.2018.2834351
Measuring Two-Factor Authentication Schemes for Real-Time Data Access in Industrial Wireless Sensor Networks
Ding Wang (2018)
10.1109/ACCESS.2019.2893918
An Unlinkable Authentication Scheme for Distributed IoT Application
Yousheng Zhou (2019)
10.1016/j.future.2017.06.018
A secure user authentication and key-agreement scheme using wireless sensor networks for agriculture monitoring
R. Ali (2018)
10.1007/s11277-020-07527-4
A New Lightweight User Authentication and Key Agreement Scheme for WSN
Foroozan Ghosairi Darbandeh (2020)
10.1002/dac.4332
Secure communication in CloudIoT through design of a lightweight authentication and session key agreement scheme
Mahdi Nikooghadam (2020)
10.1109/CITS49457.2020.9232633
A Secure Authentication Mechanism for Wireless Sensor Networks
R. Ali (2020)
10.1155/2018/3048697
An Enhanced User Authentication Protocol Based on Elliptic Curve Cryptosystem in Cloud Computing Environment
Chenyu Wang (2018)
See more
Semantic Scholar Logo Some data provided by SemanticScholar