Rong Fan,Dao-jing He,Xue-zeng Pan,Ling-di Ping

DOI: https://doi.org/10.1631/jzus.c1000377

2011-01-01

Abstract:Wireless sensor networks (WSNs) are vulnerable to security attacks due to their deployment and resource constraints. Considering that most large-scale WSNs follow a two-tiered architecture, we propose an efficient and denial-of-service (DoS)-resistant user authentication scheme for two-tiered WSNs. The proposed approach reduces the computational load, since it performs only simple operations, such as exclusive-OR and a one-way hash function. This feature is more suitable for the resource-limited sensor nodes and mobile devices. And it is unnecessary for master nodes to forward login request messages to the base station, or maintain a long user list. In addition, pseudonym identity is introduced to preserve user anonymity. Through clever design, our proposed scheme can prevent smart card breaches. Finally, security and performance analysis demonstrates the effectiveness and robustness of the proposed scheme.

Rong Fan,Lingdi Ping,JianQing Fu,Xuezeng Pan

DOI: https://doi.org/10.1109/PACCS.2010.5626600

2010-01-01

Abstract:As wireless sensor networks (WSNs) are susceptible to attacks and sensor nodes have limited resources, designing a secure and efficient user authentication protocol for WSNs is a difficult task. Considering that most future large-scale WSNs follow a two-tiered architecture, we propose an efficient and Denial-of-Service resistant user authentication scheme for two-tiered WSNs, which imposes very light computational load and requires simple operations such as one-way hash function and exclusive-OR operations. In addition, there is a growing requirement for preserving user anonymity recently. Thus we introduce pseudonym identity for each user which is concealed in login messages. And through clever design, our proposed scheme can prevent from smart card breach. Moreover, the security analysis on this scheme demonstrates that our proposed scheme enjoys security attributes such as preventing the various kinds of attacks and user anonymity. Finally, performance analysis shows that our proposed scheme is simple and efficient.

Fan Wu,Lili Xu,Saru Kumari,Xiong Li

DOI: https://doi.org/10.1007/s12083-016-0485-9

IF: 3.488

2016-01-01

Peer-to-Peer Networking and Applications

Abstract:In wireless sensor networks(WSNs), the process that a legal user retrieving the information in real-time from the sensor nodes should be based on mutual authentication among the user, the sensors and the gateway. So security issues have attracted researchers. In 2014, A. K. Das proposed a new three-factor user authentication scheme for WSNs to overcome the disadvantages in Jiang et al.'s two-factor user authentication scheme. However, we find that the scheme has several weaknesses including susceptibility to the off-line guessing attack and the de-synchronization attack and destitution of strong forward security. We also find weaknesses in two three-factor user authentication schemes for WSNs presented by A. K. Das in 2015, containing under the off-line password guessing attack and the user forgery attack. Also, the two schemes lack user anonymity and strong forward security. Then we give an improved three-factor remote authentication scheme for WSNs to eliminate the above weaknesses. To illustrate the security of our scheme, we give a standard formal proof in the random oracle model, a formal verification with ProVerif and the informal analysis of security properties. The results demonstrate that our scheme is robust enough to keep away from various security vulnerabilities. Through the comparison with some other recent schemes, ours is suitable for the application.

Daojing He,Yi Gao,Sammy Chan,Chun Chen,Jiajun Bu

2010-01-01

Abstract:Designing a user authentication protocol for wireless sensor networks is a difficult task because wireless networks are susceptible to attacks and sensor node has limited energy, processing and storage resources. Recently, several authentication schemes have been proposed. This short paper shows some security problems and design weaknesses in those schemes. Furthermore, an enhanced two-factor user authentication protocol is presented. The proposed scheme only uses hash function, and a successful user authentication just requires three message exchanges. Security and performance analyses demonstrate that compared to the well-known authentication schemes, our proposal is more secure and efficient.

jing ying zhao,hai guo,wei wei

DOI: https://doi.org/10.4028/www.scientific.net/AMM.147.320

2012-01-01

Applied Mechanics and Materials

Abstract:Nowadays, Wireless sensor networks (WSNs) are appeared to be new and promising solutions for next generation real-time wireless monitoring applications. These WSNs could become a threat if suitable security is not considered before the deployment. However, if there is any loophole in security, that might opens the door to attackers and hence, endanger for the applications. So, user authentication is one of the core requirements to protect WSNs data access from the unauthorized users. In this regard, we propose an efficient two-factor user authentication for WSNs, which is based on password and smart card (two-factors). Our scheme provides mutual authentication, enables the user to choose and change their password frequently. Moreover, they provides strong protection against different kind of attacks at reasonable computation cost.

Ashok Kumar Das,Anil Kumar Sutrala,Saru Kumari,Vanga Odelu,Mohammad Wazid,Xiong Li

DOI: https://doi.org/10.1002/sec.1464

IF: 1.968

2016-01-01

Security and Communication Networks

Abstract:User authentication in wireless sensor network WSN plays a very important role in which a legal registered user is allowed to access the real-time sensing information from the sensor nodes inside WSN. To allow such access, a user needs to be authenticated by the accessed sensor nodes as well as gateway nodes inside WSNs. Because of resource limitations and vulnerability to physical capture of some sensor nodes by an attacker, design of a secure user authentication in WSN continues to be an important and challenging research area in recent years. In this paper, we propose a new three-factor user authentication scheme based on the multi-gateway WSN architecture. Through the widely-accepted Burrows-Abadi-Needham logic, we prove that our scheme provides the secure mutual authentication. We then present the formal security verification of our proposed scheme using AVISPA tool, which is a powerful validation tool for network security applications, and show that our scheme is secure. In addition, the rigorous informal security analysis shows that our scheme is also secure against possible other known attacks including the sensor node capture attack. Furthermore, we present the additional functionality features that our scheme offers, which are efficient in communication and computation. Copyright © 2016 John Wiley & Sons, Ltd.

Wenting Li,Bin Li,Yiming Zhao,Ping Wang,Fushan Wei

DOI: https://doi.org/10.1155/2018/8539674

2018-01-01

Abstract:Nowadays wireless sensor networks (WSNs) have drawn great attention from both industrial world and academic community. To facilitate real-time data access for external users from the sensor nodes directly, password-based authentication has become the prevalent authentication mechanism in the past decades. In this work, we investigate three foremost protocols in the area of password-based user authentication scheme for WSNs. Firstly, we analyze an efficient and anonymous protocol and demonstrate that though this protocol is equipped with a formal proof, it actually has several security loopholes been overlooked, such that it cannot resist against smart card loss attack and violate forward secrecy. Secondly, we scrutinize a lightweight protocol and point out that it cannot achieve the claimed security goal of forward secrecy, as well as suffering from user anonymity violation attack and offline password guessing attack. Thirdly, we find that an anonymous scheme fails to preserve two critical properties of forward secrecy and user friendliness. In addition, by adopting the "perfect forward secrecy (PFS)" principle, we provide several effective countermeasures to remedy the identified weaknesses. To test the necessity and effectiveness of our suggestions, we conduct a comparison of 10 representative schemes in terms of the underlying cryptographic primitives used for realizing forward secrecy.

Hanguang Luo,Guangjun Wen,Jian Su

DOI: https://doi.org/10.1007/s11276-018-1841-x

IF: 2.701

2018-01-01

Wireless Networks

Abstract:Wireless sensor networks (WSNs) have rapidly increased to be applicable in many different areas due to their wireless mobile connectivity, large scale deployment and ad hoc network. However, these characteristics make WSNs usually deployed in unattended and hostile field, which may bring some new threats such as information tampering and eavesdropping attacks, etc. User authentication is one of the most important security services that allowed the legitimate user to query and collect the real-time data from a sensor node in WSN. Since the sensor nodes are resource-constrained devices which have limited storage, power and computing resource, the proposed authentication scheme should be low cost and lightweight. Recently, Gope et al. proposed a two-factor lightweight authentication scheme for real-time data access in WSN. However, according to the analysis, there still exist several drawbacks in their scheme as well as in other two-factor schemes. In this paper, we propose a novel lightweight three-factor authentication scheme for WSN to withstand such threats as well as providing higher operational efficiency than most of the recently presented schemes. Both analysis and simulation show that our scheme is more suitable for the security real-time data access in WSN.

Debiao He,Yuanyuan Zhang,Jianhua Chen

2015-01-01

Abstract:Wireless sensor networks (WSNs) are applied widely a variety of areas such as realtime traffic monitoring, measurement of seismic activity, wildlife monitoring and so on. User authentication in WSNs is a critical security issue due to their unattended and hostile deployment in the field. In 2010, Yuan et al. proposed the first biometric-based user authentication scheme for WSNs. However, Yoon et al. pointed out that Yuan et al.’s scheme is vulnerable to the insider attack, user impersonation attack, GW-node impersonation attack and sensor node impersonate attack. To improve security, Yoon et al.’s proposed an improved scheme and claimed their scheme could withstand various attacks. Unfortunately, we will show Yoon et al.’s scheme is vulnerable to the denial-of-service attack (DoS) and the sensor node impersonation attack. To overcome the weaknesses in Yoon et al.’s scheme, we propose a new biometric-based user authentication scheme for WSNs. The analysis shows our scheme is more suitable for practical applications.

Jiaqing Mo,Hang Chen

DOI: https://doi.org/10.1155/2019/2136506

IF: 1.968

2019-01-01

Security and Communication Networks

Abstract:Wireless sensor networks (WSNs) have great potential for numerous domains of application because of their ability to sense and understand unattended environments. However, a WSN is subject to various attacks due to the openness of the public wireless channel. Therefore, a secure authentication mechanism is vital to enable secure communication within WSNs, and many studies on authentication techniques have been presented to build robust WSNs. Recently, Lu et al. analyzed the security defects of the previous ones and proposed an anonymous three-factor authenticated key agreement protocol for WSNs. However, we found that their protocol is vulnerable to some security weaknesses, such as the offline password guessing attack, known session-specific temporary information attack, and no session key backward secrecy. We propose a lightweight security-improved three-factor authentication scheme for WSNs to overcome the previously stated weaknesses. In addition, the improved scheme is proven to be secure under the random oracle model, and a formal verification is conducted by ProVerif to reveal that the proposal achieves the required security features. Moreover, the theoretical analysis indicates that the proposal can resist known attacks. A comparison with related works demonstrates that the proposed scheme is superior due to its reasonable performance and additional security features.

Saru Kumari,Ashok Kumar Das,Mohammad Wazid,Xiong Li,Fan Wu,Kim-Kwang Raymond Choo,Muhammad Khurram Khan

DOI: https://doi.org/10.1002/cpe.3930

2017-01-01

Abstract:A wireless sensor network (WSN) typically consists of a large number of resource-constrained sensor nodes and several control or gateway nodes. Ensuring the security of the asymmetric nature of WSN is challenging, and designing secure and efficient user authentication and key agreement schemes for WSNs is an active research area. For example, in 2016, Farash et al. proposed a user authentication and key agreement scheme for WSNs. However, we reveal previously unpublished vulnerabilities in their scheme, which allow an attacker to carry out sensor node spoofing, password guessing, user/sensor node anonymity, and user impersonation attacks. We then present a scheme, which does not suffer from the identified vulnerabilities. To demonstrate the practicality of the scheme, we evaluate the scheme using NS-2 simulator. We then prove the scheme secure using Burrows-Abadi-Needham logic. Copyright (c) 2016 John Wiley & Sons, Ltd.

Xiancun Zhou,Yan Xiong

DOI: https://doi.org/10.1007/978-3-642-25255-6_34

2011-01-01

Abstract:As wireless sensor networks(WSNs) are susceptible to attacks and sensor nodes have limited resources, it is necessary to design a secure and lightweight user authentication protocol for WSNs. Over the past few years, a few user authentication schemes for WSNs were proposed, in which the concept of timestamps were employed without exception. Analysis shows that it brings new security flaws. An efficient and lightweight user authentication scheme for WSNs is proposed in this paper. In proposed scheme, we employ one-way hash function with a secret key. With the help of smart card, mutual authentication is performed using a challenge-response handshake between user and gateway node in both directions, and it avoids the problem of time synchronization between smart card and the gateway node. An analysis of the scheme is presented and it shows its resilience against classical types of attacks, and it adds less computational overhead than other schemes.

Ding Wang,Ping Wang

DOI: https://doi.org/10.1016/j.comnet.2014.07.010

IF: 5.493

2014-01-01

Computer Networks

Abstract:•We demonstrate privacy breaches into two password authentication schemes for WSNs.•Public-key techniques are indispensible to achieve user untraceability.•Our principle is applicable to two-factor authentication for universal environments.•We discuss the viable solutions to practical realization of user anonymity.•Experimental timings of related public-key operations on small devices are reported.

Hao Feng,Bowen Cai

DOI: https://doi.org/10.3390/electronics13214289

IF: 2.9

2024-11-01

Electronics

Abstract:Wireless Sensor Networks (WSNs) are rapidly being integrated into various fields, significantly impacting and facilitating many aspects of human life. However, the increasingly prominent security issues associated with WSNs have become a significant challenge. This paper provides an in-depth analysis of the security challenges faced by WSNs in resource constrained and open communication environments. As a key component of the Internet of Things (IoT), a WSN can perceive, collect and transmit physical environmental data in real-time, and is widely used in military, medical, agricultural and other fields. However, the insecurity of communication channels and unauthorized user access pose severe threats to network security and data integrity. To address these challenges, this paper proposes a provably secure two-factor authentication protocol. This protocol utilizes a Chebyshev chaotic map and a two-factor authentication mechanism, which not only enhances security in WSNs but also improves authentication efficiency. The protocol is validated through security proof and performance experiments, demonstrating excellent security, functionality and efficiency. This provides strong support for secure and efficient communication in WSNs across various application scenarios.

engineering, electrical & electronic,computer science, information systems,physics, applied

Ding Wang,Ping Wang

DOI: https://doi.org/10.1016/j.adhoc.2014.03.003

IF: 4.816

2014-01-01

Ad Hoc Networks

Abstract:•We show various security flaws in two password authentication schemes for HWSN.•We put forward three general principles to explicate repeated security failures.•Public-key techniques are indispensible to achieve truly two-factor security.•We take the first step toward investigating into the rationales of design choices.

Ding Wang,Ping Wang,Chenyu Wang

DOI: https://doi.org/10.1145/3325130

2020-01-01

ACM Transactions on Cyber-Physical Systems

Abstract:It is challenging to design a secure and efficient multi-factor authentication scheme for real-time data access in wireless sensor networks. On the one hand, such real-time applications are generally security critical, and various security goals need to be met. On the other hand, sensor nodes and users’ mobile devices are typically of a resource-constrained nature, and expensive cryptographic primitives cannot be used. In this work, we first revisit four foremost multi-factor authentication schemes (i.e., those of Amin et al. (JNCA’18), Srinivas et al. (IEEE TDSC’18), Li et al. (JNCA’18), and Li et al. (IEEE TII’18)) and use them as case studies to reveal the difficulties and challenges in designing a multi-factor authentication scheme for wireless sensor networks correctly. We identify the root causes for their failures in achieving truly multi-factor security and forward secrecy. We further propose a robust multi-factor authentication scheme that makes use of the imbalanced computational nature of the RSA cryptosystem, particularly suitable for scenarios where sensor nodes (but not the user’s device) are the main energy bottleneck. Comparison results demonstrate the superiority of our scheme. As far as we know, it is the first two-factor authentication scheme for real-time data access in WSNs that can satisfy all 12 criteria of the state-of-the-art evaluation metric under the harshest adversary model so far.

Binod N. Vaidya,Min Chen,Joel José Puga Coelho Rodrigues

DOI: https://doi.org/10.1109/WCSN.2009.5434810

2009-01-01

Abstract:Wireless sensor networks (WSNs) have been widely used in a wide variety of applications. Deploying WSNs in unattended environments can cause various security threats. In these scenarios, provisioning user authentication is a critical issue. In this paper, we propose improved robust user authentication scheme for WSNs, which is a variation of strong-password based solution. We have analyzed security properties of the proposed scheme and compared with the previous schemes in terms of overhead cost. We have also conducted formal verification of the proposed scheme. ©2009 IEEE.

Hanguang Luo,Guangjun Wen,Jian Su

DOI: https://doi.org/10.1007/978-3-030-00021-9_4

2018-01-01

Abstract:Wireless Sensor Networks (WSNs) have rapidly increased to be applicable in many different areas due to their wireless mobile connectivity, large scale deployment and ad hoc network. However, these characteristics make WSNs usually deployed in unattended and hostile field, which may bring some new threats such as information tampering and eavesdropping attacks, etc. User authentication is one of the most important security services that allowed the legitimate user to query and collect the real-time data from a sensor node in WSN. Since the sensor nodes are resource-constrained devices which have limited storage, power and computing resource, the proposed authentication scheme must be low cost and lightweight. Recently, Gope et al. proposed a realistic lightweight authentication for real-time data access in WSN. Unfortunately, through our analysis we identified several flaws exist in their scheme as well as exist in other two-factor schemes. In order to withstand these threats, in this paper, we proposed some solutions to withstand the problems in Gope et al.' s and other schemes. Our solutions provide an important reference for security data access in WSN.

Fan Wu,Lili Xu,Saru Kumari,Xiong Li

DOI: https://doi.org/10.1007/s12083-015-0404-5

IF: 3.488

2015-01-01

Peer-to-Peer Networking and Applications

Abstract:Wireless sensor network(WSN) contains many specially distributed sensors which collect information for people to analyze appointed objects in real-time. WSN is deployed widely in many fields, such as fire detection and remote health care monitoring. User authentication is an important part for the communication of WSN. In 2014, Jiang et al. and Choi et al. proposed their authentication schemes for WSN, respectively. However, we find some weaknesses in them. Jiang et al.'s scheme cannot resist the De-Synchronization attack, the off-line guessing attack and the user forgery attack. Besides, it does not keep the character of strong forward security. Choi et al.'s scheme is under the off-line password guessing attack and the user impersonation attack without user anonymity. We present an improved authentication scheme and prove it to be secure with the formal security model. Also, we analyze the concrete secure characters and the performance of our scheme. Through comparison with some recent schemes, our scheme is more practical and fit for applications.

WangDing,WangPing

IF: 5.493

2014-01-01

Computer Networks

Abstract:Display Omitted We demonstrate privacy breaches into two password authentication schemes for WSNs.Public-key techniques are indispensible to achieve user untraceability.Our principle is applicable ...