Secure Lightweight User Authentication and Key Agreement Scheme for Wireless Sensor Networks Tailored for the Internet of Things Environment

In a wireless sensor networks (WSNs), there is a need of constant information access from the nodes, as the real-time data might never again be accessed. Thus, users are allowed to access the nodes in the real-time as and when required. The user authentication plays an indispensable part in this communication. Recently, Farash et al. proposed an efficient user authentication scheme for WSNs. Though their scheme is very efficient, we identify that their scheme is vulnerable to off-line password guessing attack, off-line identity guessing attack, stolen smart card attack and user impersonation attack. As a result, we feel that there is a great need to improve Farash et al.’s scheme to present a secure communication protocol. In this paper, we propose a secure and lightweight user authentication and key agreement scheme for distributed WSN, which will also be handy in taking care of the Internet of Things (IoT). The lightweight property of our proposed scheme can be useful in resource-constrained architecture of WSNs. In addition, our scheme has merit to change dynamically the user’s password locally without the help of the base station or gateway node. Furthermore, our scheme supports dynamic nodes addition, after the initial deployment of nodes in the existing sensor network. We prove the authentication property of our scheme using Burrows-Abadi-Needham (BAN) logic. The simulation results using the automated validation of internet security protocols and applications (AVISPA) tool shows the security of the proposed scheme against replay and man-in-the middle attacks.

[1]  Chun Chen,et al.  An Enhanced Two-factor User Authentication Scheme in Wireless Sensor Networks , 2010, Ad Hoc Sens. Wirel. Networks.

[2]  Manik Lal Das,et al.  Two-factor user authentication in wireless sensor networks , 2009, IEEE Transactions on Wireless Communications.

[3]  Jiannong Cao,et al.  A dynamic user authentication scheme for wireless sensor networks , 2006, IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC'06).

[4]  Chin-Chen Chang,et al.  A Provably Secure, Efficient, and Flexible Authentication Scheme for Ad hoc Wireless Sensor Networks , 2016, IEEE Transactions on Wireless Communications.

[5]  Hsin-Wen Wei,et al.  A Secured Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography , 2011, Sensors.

[6]  Marko Hölbl,et al.  An Improved Dynamic Password-based User Authentication Scheme for Hierarchical Wireless Sensor Networks , 2013 .

[7]  Marko Hölbl,et al.  A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion , 2014, Ad Hoc Networks.

[8]  Ashok Kumar Das,et al.  A dynamic password-based user authentication scheme for hierarchical wireless sensor networks , 2012, J. Netw. Comput. Appl..

[9]  Saru Kumari,et al.  An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment , 2016, Ad Hoc Networks.

[10]  Peilin Hong,et al.  A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks , 2013, J. Netw. Comput. Appl..

[11]  H. T. Mouftah,et al.  Improved two-factor user authentication in wireless sensor networks , 2010, 2010 IEEE 6th International Conference on Wireless and Mobile Computing, Networking and Communications.

[12]  Ian F. Akyildiz,et al.  Wireless sensor networks: a survey , 2002, Comput. Networks.

[13]  David von Oheimb The High-Level Protocol Specification Language HLPSL developed in the EU project AVISPA , 2005 .

[14]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[15]  Chun-Hung Liu,et al.  Enhancement of Two-Factor User Authentication in Wireless Sensor Networks , 2010, 2010 Sixth International Conference on Intelligent Information Hiding and Multimedia Signal Processing.

[16]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[17]  Sourav Mukhopadhyay,et al.  Cryptanalysis of Pairing-Free Identity-Based Authenticated Key Agreement Protocols , 2013, ICISS.

[18]  Wei-Kuan Shih,et al.  A Robust Mutual Authentication Protocol for Wireless Sensor Networks , 2010 .

[19]  Muhammad Khurram Khan,et al.  Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’ , 2010, Sensors.