A Provably Secure Anonymous Biometrics-Based Authentication Scheme for Wireless Sensor Networks Using Chaotic Map

The rapid growth of wireless sensor networks (WSNs) has opened new doors to realize remote monitoring in various areas. However, designing authentication protocol for resource-constrained WSNs is a challenging task. Recently, Aghili et al. introduced an efficient three-factor authentication scheme for WSNs using hash function, and argued that the scheme is immune to known attacks. However, we discover that their scheme suffers from a few serious weaknesses, such as session key disclosure attack, desynchronization attack, sensor node impersonation attack, and session-specific temporary information attack, and does not provide forward secrecy. In order to overcome the deficiency of this scheme, we propose an enhanced biometric-based authentication scheme for WSNs using Chebyshev chaotic map. We demonstrate that the proposed scheme is provably secure in the random oracle model. Furthermore, Burrows–Abadi–Needham logic analysis shows that the proposed scheme achieves mutual authentication and session key agreement. The informal analysis demonstrates that the proposed scheme is resistant to various attacks and has desirable attributes, such as forward secrecy and three-factor secrecy. Finally, the security and performance comparison show that the proposed scheme is more practical.

[1]  Jian Shen,et al.  A secure chaotic map-based remote authentication scheme for telecare medicine information systems , 2017, Future Gener. Comput. Syst..

[2]  Sherali Zeadally,et al.  Lightweight Three-Factor Authentication and Key Agreement Protocol for Internet-Integrated Wireless Sensor Networks , 2017, IEEE Access.

[3]  Daiyuan Peng,et al.  A Lightweight Anonymous Authentication Protocol with Perfect Forward Secrecy for Wireless Sensor Networks , 2017, Sensors.

[4]  Dieter Hogrefe,et al.  Security analysis and improvement of a mutual authentication and key agreement solution for wireless sensor networks using chaotic maps , 2018, Trans. Emerg. Telecommun. Technol..

[5]  Lixiang Li,et al.  An Energy Efficient Mutual Authentication and Key Agreement Scheme Preserving Anonymity for Wireless Sensor Networks , 2016, Sensors.

[6]  Yoney Kirsal Ever,et al.  Secure-Anonymous User Authentication Scheme for e-Healthcare Application Using Wireless Medical Sensor Networks , 2019, IEEE Syst. J..

[7]  Jian Shen,et al.  An untraceable temporal-credential-based two-factor authentication scheme using ECC for wireless sensor networks , 2016, J. Netw. Comput. Appl..

[8]  Robert Simon Sherratt,et al.  Enhanced three-factor security protocol for consumer USB mass storage devices , 2014, IEEE Transactions on Consumer Electronics.

[9]  Xiong Li,et al.  A user friendly mutual authentication and key agreement scheme for wireless sensor networks using chaotic maps , 2016, Future Gener. Comput. Syst..

[10]  Dongho Won,et al.  An Anonymous User Authentication and Key Agreement Scheme Based on a Symmetric Cryptosystem in Wireless Sensor Networks , 2016, Sensors.

[11]  Jongho Moon,et al.  Improving Biometric-Based Authentication Schemes with Smart Card Revocation/Reissue for Wireless Sensor Networks , 2017, Sensors.

[12]  Marko Hölbl,et al.  A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion , 2014, Ad Hoc Networks.

[13]  Hamid Mala,et al.  Securing Heterogeneous Wireless Sensor Networks: Breaking and Fixing a Three-Factor Authentication Protocol , 2018, Sensors.

[14]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[15]  Naveen K. Chilamkurti,et al.  A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks , 2015, Inf. Sci..

[16]  Sherali Zeadally,et al.  Anonymous biometrics-based authentication scheme with key distribution for mobile multi-server environment , 2017, Future Gener. Comput. Syst..

[17]  Athanasios V. Vasilakos,et al.  Secure Biometric-Based Authentication Scheme Using Chebyshev Chaotic Map for Multi-Server Environment , 2018, IEEE Transactions on Dependable and Secure Computing.

[18]  Kim-Kwang Raymond Choo,et al.  An untraceable and anonymous password authentication protocol for heterogeneous wireless sensor networks , 2017, J. Netw. Comput. Appl..

[19]  Chun Chen,et al.  An Enhanced Two-factor User Authentication Scheme in Wireless Sensor Networks , 2010, Ad Hoc Sens. Wirel. Networks.

[20]  Maede Ashouri-Talouki,et al.  Lightweight and anonymous three-factor authentication and access control scheme for real-time applications in wireless sensor networks , 2019, Peer-to-Peer Netw. Appl..

[21]  Manik Lal Das,et al.  Two-factor user authentication in wireless sensor networks , 2009, IEEE Transactions on Wireless Communications.

[22]  Elisa Bertino,et al.  Effective Key Management in Dynamic Wireless Sensor Networks , 2015, IEEE Transactions on Information Forensics and Security.

[23]  Dongho Won,et al.  Secure and Efficient Three-Factor Protocol for Wireless Sensor Networks , 2018, Sensors.

[24]  Linhua Zhang Cryptanalysis of the public key encryption based on multiple chaotic systems , 2008 .

[25]  Satish Chand,et al.  Cryptanalysis and improvement of an authentication protocol for wireless sensor networks applications like safety monitoring in coal mines , 2019, J. Ambient Intell. Humaniz. Comput..

[26]  Chuan-Ming Liu,et al.  Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks , 2015, Sensors.

[27]  Chin-Chen Chang,et al.  A Provably Secure, Efficient, and Flexible Authentication Scheme for Ad hoc Wireless Sensor Networks , 2016, IEEE Transactions on Wireless Communications.

[28]  Ashok Kumar Das,et al.  A secure and effective biometric‐based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor , 2017, Int. J. Commun. Syst..

[29]  Azeddine Bilami,et al.  EDAK: An Efficient Dynamic Authentication and Key Management Mechanism for heterogeneous WSNs , 2017, Future Gener. Comput. Syst..

[30]  Mauro Conti,et al.  A secure user authentication and key-agreement scheme using wireless sensor networks for agriculture monitoring , 2017, Future Gener. Comput. Syst..

[31]  Chee-Yee Chong,et al.  Sensor networks: evolution, opportunities, and challenges , 2003, Proc. IEEE.

[32]  Donghoon Lee,et al.  Security Enhanced User Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography , 2014, Sensors.

[33]  Chenyu Wang,et al.  An Enhanced Three-Factor User Authentication Scheme Using Elliptic Curve Cryptosystem for Wireless Sensor Networks , 2017, Sensors.

[34]  H. T. Mouftah,et al.  Two-factor mutual authentication with key agreement in wireless sensor networks , 2016, Secur. Commun. Networks.