A user friendly mutual authentication and key agreement scheme for wireless sensor networks using chaotic maps

Spread of wireless network technology has opened new doors to utilize sensor technology in various areas via Wireless Sensor Networks (WSNs). Many authentication protocols for among the service seeker users, sensing component sensor nodes (SNs) and the service provider base-station or gateway node (GWN) are available to realize services from WSNs efficiently and without any fear of deceit. Recently, Li et al. and He et al. independently proposed mutual authentication and key agreement schemes for WSNs. We find that both the schemes achieve mutual authentication, establish session key and resist many known attacks but still have security weaknesses. We show the applicability of stolen verifier, user impersonation, password guessing and smart card loss attacks on Li et al.'s scheme. Although their scheme employs the feature of dynamic identity, an attacker can reveal and guess the identity of a registered user. We demonstrate the susceptibility of He et al.'s scheme to password guessing attack. In both the schemes, the security of the session key established between user and SNs is imperfect due to lack of forward secrecy and session-specific temporary information leakage attack. In addition both the schemes impose extra computational load on resource scanty sensor-nodes and are not user friendly due to absence of user anonymity and lack of password change facility. To handle these drawbacks, we design a mutual authentication and key agreement scheme for WSN using chaotic maps. To the best of our knowledge, we are the first to propose an authentication scheme for WSN based on chaotic maps. We show the superiority of the proposed scheme over its predecessor schemes by means of detailed security analysis and comparative evaluation. We also formally analyze our scheme using BAN logic. We examine recently proposed Li et al.'s and He et al.'s schemes for WSN.We show security weaknesses in both schemes.We propose an improved scheme for WSN using Chebyshev chaotic maps.Formal security proof using BAN logic and conventional analysis assure the security of our scheme.Comparative evaluation shows the superiority of our scheme over related schemes.

[1]  Changjun Jiang,et al.  A biometric-based user authentication for wireless sensor networks , 2010, Wuhan University Journal of Natural Sciences.

[2]  Jianfeng Ma,et al.  An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks , 2015, Peer-to-Peer Netw. Appl..

[3]  Xingyuan Wang,et al.  Cryptanalysis of an image encryption algorithm using Chebyshev generator , 2014, Digit. Signal Process..

[4]  Muhammad Khurram Khan,et al.  Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’ , 2010, Sensors.

[5]  Wei Liang,et al.  A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity , 2016, Secur. Commun. Networks.

[6]  Tsern-Huei Lee,et al.  Simple Dynamic User Authentication Protocols for Wireless Sensor Networks , 2008, 2008 Second International Conference on Sensor Technologies and Applications (sensorcomm 2008).

[7]  Zuowen Tan,et al.  A chaotic maps-based authenticated key agreement protocol with strong anonymity , 2013, Nonlinear Dynamics.

[8]  Mitsuji Matsumoto,et al.  A Single Mobile Target Tracking in Voronoi-based Clustered Wireless Sensor Network , 2011, J. Inf. Process. Syst..

[9]  Song Han,et al.  Chaotic map based key agreement with/out clock synchronization , 2009 .

[10]  Xingyuan Wang,et al.  An anonymous key agreement protocol based on chaotic maps , 2011 .

[11]  X. Liao,et al.  An extended method for obtaining S-boxes based on three-dimensional chaotic Baker maps , 2007 .

[12]  Jong Hyuk Park,et al.  User authentication schemes with pseudonymity for ubiquitous sensor network in NGN , 2010, Int. J. Commun. Syst..

[13]  William R. Claycomb,et al.  A novel node level security policy framework for wireless sensor networks , 2011, J. Netw. Comput. Appl..

[14]  Muhammad Khurram Khan,et al.  Cryptanalysis and improvement of ‘a robust smart‐card‐based remote user password authentication scheme’ , 2014, Int. J. Commun. Syst..

[15]  Bai Li,et al.  Using mobile agents to recover from node and database compromise in path-based DoS attacks in wireless sensor networks , 2009, J. Netw. Comput. Appl..

[16]  Wen-Chung Kuo,et al.  A new digital signature scheme based on chaotic maps , 2013, Nonlinear dynamics.

[17]  Di Xiao,et al.  Analysis and improvement of a chaos-based Hash function construction , 2010 .

[18]  Alfredo De Santis,et al.  Security of public-key cryptosystems based on Chebyshev polynomials , 2004, IEEE Transactions on Circuits and Systems I: Regular Papers.

[19]  Tian-Fu Lee,et al.  Provably Secure Anonymous Single-Sign-On Authentication Mechanisms Using Extended Chebyshev Chaotic Maps for Distributed Computer Networks , 2018, IEEE Systems Journal.

[20]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[21]  Chun-Hung Liu,et al.  Enhancement of Two-Factor User Authentication in Wireless Sensor Networks , 2010, 2010 Sixth International Conference on Intelligent Information Hiding and Multimedia Signal Processing.

[22]  Anup Kumar,et al.  Lifetime-aware geographic routing under a realistic link layer model in wireless sensor networks , 2011, Int. J. Inf. Technol. Commun. Convergence.

[23]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[24]  Xingyuan Wang,et al.  Color image encryption using spatial bit-level permutation and high-dimension chaotic system , 2011 .

[25]  Manoj Kumar,et al.  Cryptanalysis and security enhancement of Chen et al.’s remote user authentication scheme using smart card , 2012, Central European Journal of Computer Science.

[26]  Cheng-Chi Lee,et al.  An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks , 2013, Sensors.

[27]  Ma,et al.  Security Enhancement of Robust User Authentication Framework for Wireless Sensor Networks , 2012 .

[28]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[29]  Wuu Yang,et al.  An Improved Dynamic User Authentication Scheme for Wireless Sensor Networks , 2007, IEEE GLOBECOM 2007 - IEEE Global Telecommunications Conference.

[30]  Xiong Li,et al.  An improved timestamp-based password authentication scheme: comments, cryptanalysis, and improvement , 2014, Secur. Commun. Networks.

[31]  T. J. Rivlin The Chebyshev polynomials , 1974 .

[32]  John Anderson,et al.  Wireless sensor networks for habitat monitoring , 2002, WSNA '02.

[33]  Sk Hafizul Islam,et al.  Provably secure dynamic identity-based three-factor password authentication scheme using extended chaotic maps , 2014 .

[34]  Donghoon Lee,et al.  Security Enhanced User Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography , 2014, Sensors.

[35]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[36]  Lee-Chun Ko,et al.  A novel dynamic user authentication scheme for wireless sensor networks , 2008, 2008 IEEE International Symposium on Wireless Communication Systems.

[37]  Xing-Yuan Wang,et al.  A symmetric image encryption algorithm based on mixed linear-nonlinear coupled map lattice , 2014, Inf. Sci..

[38]  Linhua Zhang Cryptanalysis of the public key encryption based on multiple chaotic systems , 2008 .

[39]  Wang Xing-Yuan,et al.  A secure key agreement protocol based on chaotic maps , 2013 .

[40]  Jianfeng Ma,et al.  Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy , 2016 .

[41]  Debiao He,et al.  Robust Biometrics-Based Authentication Scheme for Multiserver Environment , 2015, IEEE Systems Journal.

[42]  Xing-yuan Wang,et al.  A switch-modulated method for chaos digital secure communication based on user-defined protocol , 2010 .

[43]  Xing-yuan Wang,et al.  A chaotic image encryption algorithm based on perceptron model , 2010 .

[44]  Hugo Krawczyk,et al.  Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels , 2001, EUROCRYPT.

[45]  Xing-yuan Wang,et al.  An improved key agreement protocol based on chaos , 2010 .

[46]  Jianfeng Ma,et al.  An Efficient Ticket Based Authentication Protocol with Unlinkability for Wireless Access Networks , 2014, Wireless Personal Communications.

[47]  Muhammad Khurram Khan,et al.  More secure smart card-based remote user password authentication scheme with user anonymity , 2014, Secur. Commun. Networks.

[48]  Peilin Hong,et al.  A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks , 2013, J. Netw. Comput. Appl..

[49]  Naveen K. Chilamkurti,et al.  A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks , 2015, Inf. Sci..

[50]  Yiu-ming Cheung,et al.  Security of public key encryption technique based on multiple chaotic systems , 2005, nlin/0510017.

[51]  Eunjun Yoon,et al.  An efficient and secure Diffie–Hellman key agreement protocol based on Chebyshev chaotic map , 2011 .

[52]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[53]  Ljupco Kocarev,et al.  Public-key encryption based on Chebyshev maps , 2003, Proceedings of the 2003 International Symposium on Circuits and Systems, 2003. ISCAS '03..

[54]  Peter Kruus,et al.  TinyPK: securing sensor networks with public key technology , 2004, SASN '04.

[55]  Wei Liang,et al.  Cryptanalysis of a dynamic identity‐based remote user authentication scheme with verifiable password update , 2015, Int. J. Commun. Syst..

[56]  C. Chui,et al.  A symmetric image encryption scheme based on 3D chaotic cat maps , 2004 .

[57]  Aboul Ella Hassanien,et al.  A Fast and Secure One-Way Hash Function , 2011, FGIT-SecTech.

[58]  Jorge Sá Silva,et al.  Robust dynamic user authentication scheme for wireless sensor networks , 2009, Q2SWinet '09.

[59]  Kuldip Singh,et al.  An improvement of Liao et al.'s authentication scheme using smart cards , 2010, 2010 IEEE 2nd International Advance Computing Conference (IACC).

[60]  Yuanyuan Zhang,et al.  Cryptanalysis and Improvement of an Anonymous Authentication Protocol for Wireless Access Networks , 2013, Wireless Personal Communications.

[61]  Peilin Hong,et al.  Security improvement on an anonymous key agreement protocol based on chaotic maps , 2012 .

[62]  Cheng-Chi Lee,et al.  Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks , 2013, Multimedia Systems.

[63]  Luminita Vasiu,et al.  On The Indistinguishability-Based Security Model of Key Agreement Protocols-Simple Cases , 2005, IACR Cryptol. ePrint Arch..

[64]  Richard Han,et al.  Rapid prototyping of mobile input devices using wireless sensor nodes , 2003, 2003 Proceedings Fifth IEEE Workshop on Mobile Computing Systems and Applications.

[65]  R. B. Patel,et al.  Multi-hop communication routing (MCR) protocol for heterogeneous wireless sensor networks , 2011, Int. J. Inf. Technol. Commun. Convergence.

[66]  Chun Chen,et al.  An Enhanced Two-factor User Authentication Scheme in Wireless Sensor Networks , 2010, Ad Hoc Sens. Wirel. Networks.

[67]  Cheng-Chi Lee,et al.  A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps , 2012, Nonlinear Dynamics.

[68]  Edgar H. Callaway,et al.  Wireless Sensor Networks: Architectures and Protocols , 2003 .

[69]  X. Liao,et al.  One-way Hash function construction based on the chaotic map with changeable-parameter , 2005 .

[70]  Manik Lal Das,et al.  Two-factor user authentication in wireless sensor networks , 2009, IEEE Transactions on Wireless Communications.

[71]  Jiannong Cao,et al.  A dynamic user authentication scheme for wireless sensor networks , 2006, IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC'06).

[72]  Tian-Fu Lee,et al.  Enhancing the security of password authenticated key agreement protocols based on chaotic maps , 2015, Inf. Sci..

[73]  Cheng-Chi Lee,et al.  An extended chaotic maps based user authentication and privacy preserving scheme against DoS attacks in pervasive and ubiquitous computing environments , 2013, Nonlinear Dynamics.

[74]  Xiaofeng Liao,et al.  A novel key agreement protocol based on chaotic maps , 2007, Inf. Sci..

[75]  SK Hafizul Islam,et al.  Design and analysis of a three party password-based authenticated key exchange protocol using extended chaotic maps , 2015, Inf. Sci..

[76]  Xiaofeng Liao,et al.  A chaos-based hash function with both modification detection and localization capabilities , 2010 .

[77]  Muhammad Khurram Khan,et al.  Cryptanalysis and Improvement of "An Efficient and Secure Dynamic ID-based Authentication Scheme for Telecare Medical Information Systems" , 2014, Secur. Commun. Networks.

[78]  David Starobinski,et al.  Rateless Deluge: Over-the-Air Programming of Wireless Sensor Networks Using Random Linear Codes , 2008, 2008 International Conference on Information Processing in Sensor Networks (ipsn 2008).

[79]  Xiaofeng Liao,et al.  Using time-stamp to improve the security of a chaotic maps-based key agreement protocol , 2008, Inf. Sci..

[80]  Pardeep Kumar,et al.  E-SAP: Efficient-Strong Authentication Protocol for Healthcare Applications Using Wireless Medical Sensor Networks , 2012, Sensors.

[81]  Aleksandar Milenkovic,et al.  System architecture of a wireless body area sensor network for ubiquitous health monitoring , 2005 .

[82]  Debiao He,et al.  Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol , 2012, Nonlinear Dynamics.