Lightweight three factor scheme for real-time data access in wireless sensor networks

Wireless sensor networks (WSNs) have rapidly increased to be applicable in many different areas due to their wireless mobile connectivity, large scale deployment and ad hoc network. However, these characteristics make WSNs usually deployed in unattended and hostile field, which may bring some new threats such as information tampering and eavesdropping attacks, etc. User authentication is one of the most important security services that allowed the legitimate user to query and collect the real-time data from a sensor node in WSN. Since the sensor nodes are resource-constrained devices which have limited storage, power and computing resource, the proposed authentication scheme should be low cost and lightweight. Recently, Gope et al. proposed a two-factor lightweight authentication scheme for real-time data access in WSN. However, according to the analysis, there still exist several drawbacks in their scheme as well as in other two-factor schemes. In this paper, we propose a novel lightweight three-factor authentication scheme for WSN to withstand such threats as well as providing higher operational efficiency than most of the recently presented schemes. Both analysis and simulation show that our scheme is more suitable for the security real-time data access in WSN.

[1]  Xiong Li,et al.  An improved and provably secure three-factor user authentication scheme for wireless sensor networks , 2018, Peer-to-Peer Netw. Appl..

[2]  Juho Kim,et al.  A Security-Performance-Balanced User Authentication Scheme for Wireless Sensor Networks , 2012, Int. J. Distributed Sens. Networks.

[3]  Mun-Kyu Lee,et al.  Improvement of Das's Two-Factor Authentication Protocol in Wireless Sensor Networks , 2009, IACR Cryptol. ePrint Arch..

[4]  Ashok Kumar Das,et al.  A Secure and Efficient User Anonymity-Preserving Three-Factor Authentication Protocol for Large-Scale Distributed Wireless Sensor Networks , 2015, Wirel. Pers. Commun..

[5]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[6]  Mike Bond,et al.  Chip and Skim: Cloning EMV Cards with the Pre-play Attack , 2012, 2014 IEEE Symposium on Security and Privacy.

[7]  Thomas D. Wu The Secure Remote Password Protocol , 1998, NDSS.

[8]  Muhammad Khurram Khan,et al.  Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’ , 2010, Sensors.

[9]  Xiong Li,et al.  Applying biometrics to design three-factor remote user authentication scheme with key agreement , 2014, Secur. Commun. Networks.

[10]  David von Oheimb The High-Level Protocol Specification Language HLPSL developed in the EU project AVISPA , 2005 .

[11]  Sherali Zeadally,et al.  Lightweight Three-Factor Authentication and Key Agreement Protocol for Internet-Integrated Wireless Sensor Networks , 2017, IEEE Access.

[12]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[13]  Ruhul Amin,et al.  A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks , 2016, Ad Hoc Networks.

[14]  Jianfeng Ma,et al.  Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy , 2016 .

[15]  Chun-Hung Liu,et al.  Enhancement of Two-Factor User Authentication in Wireless Sensor Networks , 2010, 2010 Sixth International Conference on Intelligent Information Hiding and Multimedia Signal Processing.

[16]  Wenting Li,et al.  Cryptanalysis and Security Enhancement of Three Authentication Schemes in Wireless Sensor Networks , 2018, Wirel. Commun. Mob. Comput..

[17]  Ping Wang,et al.  On the anonymity of two-factor authentication schemes for wireless sensor networks: Attacks, principle and solutions , 2014, Comput. Networks.

[18]  H. T. Mouftah,et al.  Improved two-factor user authentication in wireless sensor networks , 2010, 2010 IEEE 6th International Conference on Wireless and Mobile Computing, Networking and Communications.

[19]  Prosanta Gope,et al.  A Realistic Lightweight Anonymous Authentication Protocol for Securing Real-Time Application Data Access in Wireless Sensor Networks , 2016, IEEE Transactions on Industrial Electronics.

[20]  Diarmid Marshall,et al.  User perceptions of security and usability of single-factor and two-factor authentication in automated telephone banking , 2011, Comput. Secur..

[21]  R. C. Mittal,et al.  Dynamic ID-based remote user password authentication schemes using smart cards: A review , 2012, J. Netw. Comput. Appl..

[22]  Ashok Kumar Das,et al.  A secure and effective biometric‐based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor , 2017, Int. J. Commun. Syst..

[23]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[24]  Chin-Chen Chang,et al.  Remote password authentication with smart cards , 1991 .

[25]  Muhammad Khurram Khan,et al.  Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks , 2016, Comput. Networks.

[26]  Ping Wang,et al.  Two Birds with One Stone: Two-Factor Authentication with Security Beyond Conventional Bound , 2018, IEEE Transactions on Dependable and Secure Computing.

[27]  Marko Hölbl,et al.  A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion , 2014, Ad Hoc Networks.

[28]  Manik Lal Das,et al.  Two-factor user authentication in wireless sensor networks , 2009, IEEE Transactions on Wireless Communications.

[29]  Jiannong Cao,et al.  A dynamic user authentication scheme for wireless sensor networks , 2006, IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC'06).

[30]  Rafail Ostrovsky,et al.  Efficient and secure authenticated key exchange using weak passwords , 2009, JACM.

[31]  Ashok Kumar Das,et al.  A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks , 2016, Peer-to-Peer Netw. Appl..

[32]  Chenyu Wang,et al.  An Enhanced Three-Factor User Authentication Scheme Using Elliptic Curve Cryptosystem for Wireless Sensor Networks , 2017, Sensors.

[33]  WangDing,et al.  On the anonymity of two-factor authentication schemes for wireless sensor networks , 2014 .

[34]  Chun Chen,et al.  An Enhanced Two-factor User Authentication Scheme in Wireless Sensor Networks , 2010, Ad Hoc Sens. Wirel. Networks.

[35]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[36]  Jianfeng Ma,et al.  A privacy preserving three-factor authentication protocol for e-Health clouds , 2016, The Journal of Supercomputing.

[37]  Wei-Kuan Shih,et al.  A Robust Mutual Authentication Protocol for Wireless Sensor Networks , 2010 .

[38]  Saru Kumari,et al.  An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment , 2016, Ad Hoc Networks.

[39]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[40]  Rong Fan,et al.  A secure and efficient user authentication protocol for two-tiered wireless sensor networks , 2010, 2010 Second Pacific-Asia Conference on Circuits, Communications and System.

[41]  Da-Zhi Sun,et al.  On the security and improvement of a two-factor user authentication scheme in wireless sensor networks , 2012, Personal and Ubiquitous Computing.

[42]  Daiyuan Peng,et al.  A Lightweight Anonymous Authentication Protocol with Perfect Forward Secrecy for Wireless Sensor Networks , 2017, Sensors.

[43]  Debiao He,et al.  Robust Biometrics-Based Authentication Scheme for Multiserver Environment , 2015, IEEE Systems Journal.