A robust user authentication scheme with self-certificates for wireless sensor networks

User authentication is a critical part of security, along with confidentiality and integrity, for computer systems that allow legitimate users remote access over an open communication network. Recently, user authentication for wireless sensor networks (WSNs) has received considerable attention. We propose a robust user authentication scheme for WSNs. The scheme is based on elliptic-curve cryptosystems with self-certificates. The proposed scheme allows users to change their key pairs without interaction with a key distribution center (KDC). Moreover, the proposed scheme still works well even if the adversary captures t nodes out of n nodes in the WSNs. Security of the proposed scheme is modeled and analyzed with Petri nets. Our analysis shows that the proposed scheme can successfully defend some of the most notorious attacks, including replay attacks, forgery attacks, and node-capture attacks. Copyright © 2010 John Wiley & Sons, Ltd.

[1]  Hung-Yu Chien,et al.  An Efficient and Practical Solution to Remote Authentication: Smart Card , 2002, Comput. Secur..

[2]  Zinaida Benenson,et al.  Realizing Robust User Authentication in Sensor Networks , 2005 .

[3]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[4]  Alfred Menezes,et al.  The State of Elliptic Curve Cryptography , 2000, Des. Codes Cryptogr..

[5]  Wen-Shenq Juang,et al.  Efficient password authenticated key agreement using smart cards , 2004, Comput. Secur..

[6]  Wenjing Lou,et al.  FDAC: Toward Fine-Grained Distributed Data Access Control in Wireless Sensor Networks , 2009, IEEE INFOCOM 2009.

[7]  LiQun,et al.  Elliptic curve cryptography-based access control in sensor networks , 2006 .

[8]  Moni Naor,et al.  Certificate revocation and certificate update , 1998, IEEE Journal on Selected Areas in Communications.

[9]  Jiann-Fu Lin,et al.  An efficient and complete remote user authentication scheme using smart cards , 2006, Math. Comput. Model..

[10]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[11]  Bo Sheng,et al.  Elliptic curve cryptography-based access control in sensor networks , 2006, Int. J. Secur. Networks.

[12]  Zinaida Benenson,et al.  An algorithmic framework for robust access control in wireless sensor networks , 2005, Proceeedings of the Second European Workshop on Wireless Sensor Networks, 2005..

[13]  Alfred Menezes,et al.  The Elliptic Curve Digital Signature Algorithm (ECDSA) , 2001, International Journal of Information Security.

[14]  Wuu Yang,et al.  An Improved Dynamic User Authentication Scheme for Wireless Sensor Networks , 2007, IEEE GLOBECOM 2007 - IEEE Global Telecommunications Conference.

[15]  Byoung heon Lee Self-Certificate: PKI using Self-Certified Key , 2000 .

[16]  Chien-Lung Hsu A user friendly remote authentication scheme with smart cards against impersonation attacks , 2005, Appl. Math. Comput..

[17]  Dongho Won,et al.  Two Efficient and Secure Authentication Schemes Using Smart Cards , 2006, ICCSA.

[18]  Tadao Murata,et al.  Petri nets: Properties, analysis and applications , 1989, Proc. IEEE.

[19]  Patrick Horster,et al.  Self-certified keys — Concepts and Applications , 1997 .

[20]  Satyajit Banerjee,et al.  Symmetric key based authenticated querying in wireless sensor networks , 2006, InterSense '06.

[21]  Qun Li,et al.  Distributed User Access Control in Sensor Networks , 2006, DCOSS.

[22]  Bao Li,et al.  An Efficient Scheme for User Authentication in Wireless Sensor Networks , 2007, 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07).

[23]  Cheng-Chi Lee,et al.  A remote user authentication scheme using hash functions , 2002, OPSR.

[24]  Ashutosh Saxena,et al.  A dynamic ID-based remote user authentication scheme , 2004, IEEE Transactions on Consumer Electronics.

[25]  Zinaida Benenson,et al.  User authentication in sensor networks (extended abstract) , 2004 .

[26]  C. Petri Kommunikation mit Automaten , 1962 .

[27]  Peter Kruus,et al.  TinyPK: securing sensor networks with public key technology , 2004, SASN '04.

[28]  Michael D. Smith,et al.  A public-key infrastructure for key distribution in TinyOS based on elliptic curve cryptography , 2004, 2004 First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2004. IEEE SECON 2004..

[29]  K. Lauter,et al.  The advantages of elliptic curve cryptography for wireless security , 2004, IEEE Wireless Communications.

[30]  Jiannong Cao,et al.  A dynamic user authentication scheme for wireless sensor networks , 2006, IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC'06).