Cryptanalysis of an authentication scheme for multi-gateway wireless sensor networks

Wireless sensor network has wide potential application in many fields such as military, agricultural and healthcare. However, it also has some vulnerabilities because of its openness. For this reason, many researchers have proposed various user authentication schemes for added security of wireless sensor networks. Recently, Wu et al. proposed an authentication scheme for multi-gateway wireless sensor networks in Internet of Things deployment. Wu et al. claimed that their scheme is secure against user forgery attack and session key leakage. However, we found that the scheme is vulnerable to outsider and user impersonation attacks. In this paper, we revisit Wu et al.'s scheme and analyze its vulnerabilities.

[1]  Ruhul Amin,et al.  A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks , 2016, Ad Hoc Networks.

[2]  Jian Shen,et al.  An efficient authentication and key agreement scheme for multi-gateway wireless sensor networks in IoT deployment , 2017, J. Netw. Comput. Appl..

[3]  Manik Lal Das,et al.  Two-factor user authentication in wireless sensor networks , 2009, IEEE Transactions on Wireless Communications.

[4]  Jiannong Cao,et al.  A dynamic user authentication scheme for wireless sensor networks , 2006, IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC'06).

[5]  Muhammad Khurram Khan,et al.  Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’ , 2010, Sensors.

[6]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[7]  Saru Kumari,et al.  An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment , 2016, Ad Hoc Networks.

[8]  Wei-Kuan Shih,et al.  A Robust Mutual Authentication Protocol for Wireless Sensor Networks , 2010 .

[9]  Dengguo Feng,et al.  An improved smart card based password authentication scheme with provable security , 2009, Comput. Stand. Interfaces.

[10]  Marko Hölbl,et al.  An Improved Dynamic Password-based User Authentication Scheme for Hierarchical Wireless Sensor Networks , 2013 .

[11]  Jongho Moon,et al.  Improving Biometric-Based Authentication Schemes with Smart Card Revocation/Reissue for Wireless Sensor Networks , 2017, Sensors.

[12]  Hsin-Wen Wei,et al.  A Secured Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography , 2011, Sensors.

[13]  Donghoon Lee,et al.  Security Analysis and Improvements of Two-Factor Mutual Authentication with Key Agreement in Wireless Sensor Networks , 2014, Sensors.

[14]  Peilin Hong,et al.  A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks , 2013, J. Netw. Comput. Appl..

[15]  H. T. Mouftah,et al.  Improved two-factor user authentication in wireless sensor networks , 2010, 2010 IEEE 6th International Conference on Wireless and Mobile Computing, Networking and Communications.

[16]  Chun Chen,et al.  An Enhanced Two-factor User Authentication Scheme in Wireless Sensor Networks , 2010, Ad Hoc Sens. Wirel. Networks.

[17]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[18]  Jongho Moon,et al.  Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks , 2017, Sensors.

[19]  H. T. Mouftah,et al.  Two-factor mutual authentication with key agreement in wireless sensor networks , 2016, Secur. Commun. Networks.

[20]  Peter Kruus,et al.  TinyPK: securing sensor networks with public key technology , 2004, SASN '04.

[21]  Cheng-Chi Lee,et al.  An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks , 2013, Sensors.

[22]  Ronggong Song Advanced smart card based password authentication protocol , 2010, Comput. Stand. Interfaces.

[23]  Marko Hölbl,et al.  A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion , 2014, Ad Hoc Networks.