Improvement of Das's Two-Factor Authentication Protocol in Wireless Sensor Networks

User authentication is essential for customized services and privileged access control in wireless sensor network. In 2009, Das proposed a novel two-factor authentication scheme for wireless sensor network, where a user must prove the possession of both a password and a smart card. His scheme is well-designed for sensor nodes which typically have limited resources in the sense that its authentication procedure requires no public key operations but it utilizes only cryptographic hash function. In this letter, we point out that Das’s protocol is vulnerable to an offline password guessing attack, and also show a countermeasure to overcome the vulnerability without sacrificing any efficiency and usability. Besides the patch, we suggest a method to protect query response messages from wireless a sensor node to a user, which is necessary in serving a user in a confidential and authentic way.

[1]  Radha Poovendran,et al.  The AES-CMAC Algorithm , 2006, RFC.

[2]  Manik Lal Das,et al.  Two-factor user authentication in wireless sensor networks , 2009, IEEE Transactions on Wireless Communications.

[3]  Taylor Yu The Kerberos Network Authentication Service (Version 5) , 2007 .

[4]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).