Rong Fan,Dao-jing He,Xue-zeng Pan,Ling-di Ping

DOI: https://doi.org/10.1631/jzus.c1000377

2011-01-01

Abstract:Wireless sensor networks (WSNs) are vulnerable to security attacks due to their deployment and resource constraints. Considering that most large-scale WSNs follow a two-tiered architecture, we propose an efficient and denial-of-service (DoS)-resistant user authentication scheme for two-tiered WSNs. The proposed approach reduces the computational load, since it performs only simple operations, such as exclusive-OR and a one-way hash function. This feature is more suitable for the resource-limited sensor nodes and mobile devices. And it is unnecessary for master nodes to forward login request messages to the base station, or maintain a long user list. In addition, pseudonym identity is introduced to preserve user anonymity. Through clever design, our proposed scheme can prevent smart card breaches. Finally, security and performance analysis demonstrates the effectiveness and robustness of the proposed scheme.

Rong Fan,Lingdi Ping,JianQing Fu,Xuezeng Pan

DOI: https://doi.org/10.1109/PACCS.2010.5626600

2010-01-01

Abstract:As wireless sensor networks (WSNs) are susceptible to attacks and sensor nodes have limited resources, designing a secure and efficient user authentication protocol for WSNs is a difficult task. Considering that most future large-scale WSNs follow a two-tiered architecture, we propose an efficient and Denial-of-Service resistant user authentication scheme for two-tiered WSNs, which imposes very light computational load and requires simple operations such as one-way hash function and exclusive-OR operations. In addition, there is a growing requirement for preserving user anonymity recently. Thus we introduce pseudonym identity for each user which is concealed in login messages. And through clever design, our proposed scheme can prevent from smart card breach. Moreover, the security analysis on this scheme demonstrates that our proposed scheme enjoys security attributes such as preventing the various kinds of attacks and user anonymity. Finally, performance analysis shows that our proposed scheme is simple and efficient.

Jun-fang XIAO,Jian LIAO,Gui-hua ZENG

2012-01-01

Abstract:Compared with traditional network,the wireless sensor nodes are limited in the storage,mobility,computation,energy,and so on.A threshold ring signature scheme suitable for wireless sensor networks based on bilinear pairings was proposed.Assuming the abstrusity of computational Diffie-Hellman problem,the secure proof was shown in the model of random oracles using the reduction to the contravention.Proposed scheme also had other characteristics,such as robustness,multi-signature and parallel computation.

Huang Lu,Jie Li,Hisao Kameda

DOI: https://doi.org/10.1109/glocom.2010.5683084

2010-01-01

Abstract:In this paper, we study the secure routing for cluster-based sensor networks where clusters are formed dynamically and periodically. We point out the deficiency in the secure routing protocols with symmetric key pairing. Along with the investigation of ID-based cryptography for security in WSNs, we propose a new secure routing protocol with ID-based signature scheme for cluster-based WSNs, in which the security relies on the hardness of the Diffie-Hellman problem in the random oracle model. Because of the communication overhead for security, we provide analysis and simulation results in details to illustrate how various parameters act between security and energy efficiency.

Chen Yulei,Chen Jianhua

DOI: https://doi.org/10.1007/s11227-021-03820-6

IF: 3.3

2021-01-01

The Journal of Supercomputing

Abstract:Wireless sensor networks (WSNs) are usually deployed in hostile or unattended areas, and users need to obtain real-time data from WSNs. The data collected by sensor nodes are usually relatively private and sensitive, so users must pass the identity authentication before obtaining the information perceived by sensor nodes. In order to enhance the security of wireless sensor networks and prevent illegal users from accessing sensor nodes, this paper designs an efficient and secure identity authentication protocol for wireless sensor networks. The proposed protocol makes full use of the advantages of lightweight cryptographic primitives such as physical unclonable function, one-way hash function and bitwise exclusive operation. Moreover, users only need to use biometrics (such as fingerprints, iris) to access the remote systems and do not need to rely on any password, which avoids the trouble of memorizing and losing password. To prove the scheme's security, the well-known formal security proof with random oracle model and traditional heuristic discussion are given. Additionally, the performance comparison results show that our scheme has less communication overhead and computation complexity, and is effective for the resource constrained sensor devices in WSNs.

Junfang Xiao,Guihua Zeng,Jian Liao,Peiwei Huang

DOI: https://doi.org/10.1109/WiCOM.2006.230

2006-01-01

Abstract:A number of peer to peer (P2P) systems as well as mobile ad-hoc networks (MANETS) fall into the category of ad hoc groups. Their needs for security have been widely recognized, so some signature schemes had been introduced for ad hoc group. On the based of analyzing those schemes, we propose a threshold ring signature from bilinear pairings for ad hoc group. On the base of analyzing proposed scheme, we conclude that our scheme meet with the three requirement Of threshold ring signature: correctness, anonymity and secure against adaptively chosen message attacks in the random oracle model assuming the Computational Diffie-Hellman problem (CDH problem) is hard to solve. Moreover, Small size on the signature, robustness, multi-signature and distributed computing, which characteristics proposed scheme has, are useful for ad hoc notes to save communication overhead, memory size, computation, energy consumption and safety from widely known attacks.

Fan Wu,Lili Xu,Saru Kumari,Xiong Li

DOI: https://doi.org/10.1007/s12083-015-0404-5

IF: 3.488

2015-01-01

Peer-to-Peer Networking and Applications

Abstract:Wireless sensor network(WSN) contains many specially distributed sensors which collect information for people to analyze appointed objects in real-time. WSN is deployed widely in many fields, such as fire detection and remote health care monitoring. User authentication is an important part for the communication of WSN. In 2014, Jiang et al. and Choi et al. proposed their authentication schemes for WSN, respectively. However, we find some weaknesses in them. Jiang et al.'s scheme cannot resist the De-Synchronization attack, the off-line guessing attack and the user forgery attack. Besides, it does not keep the character of strong forward security. Choi et al.'s scheme is under the off-line password guessing attack and the user impersonation attack without user anonymity. We present an improved authentication scheme and prove it to be secure with the formal security model. Also, we analyze the concrete secure characters and the performance of our scheme. Through comparison with some recent schemes, our scheme is more practical and fit for applications.

Fagen Li,Di Zhong,Tsuyoshi Takagi

DOI: https://doi.org/10.1109/wcl.2012.091312.120488

IF: 6.3

2012-01-01

IEEE Wireless Communications Letters

Abstract:Authentication is an important security requirement for wireless sensor networks. Digital signature plays a crucial role to provide integrity, authentication and non-repudiation of data. In this letter, we propose a practical identity-based online/offline signature scheme for wireless sensor networks. Our scheme splits the signature generation into two phases: offline phase and online phase. In the offline part, most heavy computations are done without the knowledge of a message. In the online stage, only light computations are done when the message is known. As compared with the existing four pairing-based identity-based online/offline signature schemes, our scheme has the lowest computational cost.

Saru Kumari,Ashok Kumar Das,Mohammad Wazid,Xiong Li,Fan Wu,Kim-Kwang Raymond Choo,Muhammad Khurram Khan

DOI: https://doi.org/10.1002/cpe.3930

2017-01-01

Abstract:A wireless sensor network (WSN) typically consists of a large number of resource-constrained sensor nodes and several control or gateway nodes. Ensuring the security of the asymmetric nature of WSN is challenging, and designing secure and efficient user authentication and key agreement schemes for WSNs is an active research area. For example, in 2016, Farash et al. proposed a user authentication and key agreement scheme for WSNs. However, we reveal previously unpublished vulnerabilities in their scheme, which allow an attacker to carry out sensor node spoofing, password guessing, user/sensor node anonymity, and user impersonation attacks. We then present a scheme, which does not suffer from the identified vulnerabilities. To demonstrate the practicality of the scheme, we evaluate the scheme using NS-2 simulator. We then prove the scheme secure using Burrows-Abadi-Needham logic. Copyright (c) 2016 John Wiley & Sons, Ltd.

Yang ZHAO,Feng YUE,Hu XIONG,Zhi-guang QIN

DOI: https://doi.org/10.3969/j.issn.1671-1122.2015.10.002

2015-01-01

Abstract:The designated verifier signature specifies a verifier to check the validity of the signature; any third party can not check it because the designated verifier is able to generate an indistinguishable signature from the signer’s signature. In ring signature scheme, the signer can sign the message on behalf of the ring anonymously, the veriifer can check the validity of the signature, but it cannot recognize which member of the ring has signed it. In order to ensure the signer’s identity privacy and that only the designated veriifer can check the authenticity of the signature, Wu propose a strong designated veriifer ID-based ring signature scheme through combining the designated veriifer signature and the ring signature. The scheme allows the signer to designate a veriifer and generate a designated veriifer ring signature. Through the analysis on Wu’s scheme, we ifgure out the scheme does not satisfy the attribute of non-delegatability in designated verifier signature scheme and describe the attack method in this paper. For the sake of avoiding the lfaw, this paper improves Wu’s scheme and makes it provably secure. In addition, according to the improved scheme, we propose a strong designated veriifer ring signcryption scheme providing authentication and conifdentiality simultaneously.

Chen Yulei,Chen Jianhua

DOI: https://doi.org/10.1007/s11042-020-10259-z

IF: 2.577

2021-01-01

Multimedia Tools and Applications

Abstract:The rapid development of wireless sensor networks (WSNs) has brought great convenience to people's lives, as well as huge security challenges. Recently, Kaur et al. proposed an improved user authentication protocol for WSNs. However, we find that their protocol cannot provide user untraceability and perfect forward security, and it fails to resist the privileged insider attack because it only uses lightweight cryptographic primitive to ensure the security of the scheme. To overcome the weaknesses in Kaur et al.'s protocol, we propose a secure anonymous authentication with key agreement protocol for WSNs. It uses self-certified public key cryptography to guarantee confidentiality, security and availability in public channels. Additionally, through formal and informal security proofs, we demonstrate that the proposed scheme can achieve the expected security properties. By comparing with other related protocols on execution time and communication cost, we find that our protocol is more secure and efficient.

Junfang Xiao,Guihua Zeng

DOI: https://doi.org/10.1109/CHINACOM.2007.4469385

2007-01-01

Abstract:A number of peer to peer (P2P) systems as well as mobile ad-hoc networks (MANETs) fall into the category of ad hoc groups. Their needs for security have been widely recognized. Following this line, some signature schemes had introduced for ad hoc group. On the based of analyzing those scheme, we propose a threshold ring signature from bilinear pairings for ad hoc group. On the base of analyzing our scheme, we conclude that our scheme meet with the three requirement of threshold ring signature: correctness, anonymity and secure against adaptively chosen message attacks in the random oracle model assuming the Computational Diffie-Hellman problem (CDH problem) is hard to solve. We presented detailed secure proof against widely known attacks in the paper. And then we give out the analysis on efficiency compared with Bresson's signature schemes [6].

Fagen Li,Hu Xiong,Yong Yu

DOI: https://doi.org/10.1109/icccas.2008.4657819

2008-01-01

Abstract:Signcryption is a cryptographic primitive that performs digital signature and public key encryption simultaneously, at lower computational costs and communication overheads than the signature-then-encryption approach. In 2005, Huang et al. proposed an identity-based ring signcryption scheme by combining the concepts of identity-based ring signature and signcryption together. However, their scheme is computationally inefficient, since the number of pairing computations grows linearly with the group size. In this paper, we propose an efficient identity-based ring signcryption scheme. Our scheme only needs four pairing computations for any group size. We then prove that the proposed scheme is secure against adaptive ciphertext attacks in the random oracle model assuming the Decisional Bilinear Diffie-Hellman problem is computationally hard.

Kaiping Xue,Changsha Ma,Peilin Hong,Rong Ding

DOI: https://doi.org/10.1016/j.jnca.2012.05.010

IF: 7.574

2012-01-01

Journal of Network and Computer Applications

Abstract:Wireless sensor network (WSN) can be deployed in any unattended environment. With the new developed IoT (Internet of Things) technology, remote authorized users are allowed to access reliable sensor nodes to obtain data and even are allowed to send commands to the nodes in the WSN. Because of the resource constrained nature of sensor nodes, it is important to design a secure, effective and lightweight authentication and key agreement scheme. The gateway node (GWN) plays a crucial role in the WSN as all data transmitted to the outside network must pass through it. We propose a temporal-credential-based mutual authentication scheme among the user, GWN and the sensor node. With the help of the password-based authentication, GWN can issue a temporal credential to each user and sensor node. For a user, his/her temporal credential can be securely protected and stored openly in a smart card. For a sensor node, its temporal credential is related to its identity and must privately stored in its storage medium. Furthermore, with the help of GWN, a lightweight key agreement scheme is proposed to embed into our protocol. The protocol only needs hash and XOR computations. The results of security and performance analysis demonstrate that the proposed scheme provides relatively more security features and high security level without increasing too much overhead of communication, computation and storage. It is realistic and well adapted for resource-constrained wireless sensor networks.

Xin Liu,Zhenbin Guo,Jun Ma,Yuchen Song

DOI: https://doi.org/10.1109/jiot.2021.3097996

IF: 10.6

2022-03-01

IEEE Internet of Things Journal

Abstract:Wireless sensor networks (WSNs) are widely implemented in military, intelligent medical, intelligent transportation, space exploration, and other fields. However, the authentication and communication of WSNs are carried out in the harsh external environment via a public channel, which is more vulnerable to various attacks than the traditional networks. Authentication is the key technology of security measures, but a common authentication scheme is not suitable for WSNs due to limitations of memory, computing, and energy consumption. Therefore, designing a secure and efficient authentication scheme is essential in WSNs. In recent years, several studies proved that the dynamic authentication credential (DAC) is efficient for enhancing the security of the authentication scheme. This article designs a secure authentication scheme for WSNs based on DAC and Intel software guard extensions (SGX). Compared with other DAC authentication schemes, our scheme provides the confirmation action of DAC rotation, which can effectively prevent the asynchronous update problem caused by packet loss. In order to resist the privileged user attack and the authentication table leakage attack, we choose the SGX, which can protect the data in use, as the trusted execution environment in the gateway node, and we adopt SGX to store the master key for protecting the authentication table. Finally, the security of our authentication scheme is verified by BAN logic, the simulation tool AVISPA, and informal security analysis. Through the consumption overhead analysis, the NS3 simulation result, and detailed comparison with other recent schemes, we conclude that our scheme is practical and achieves better security with less overhead.

computer science, information systems,telecommunications,engineering, electrical & electronic

Qing Fan,Jianhua Chen,Feng Xu,Li,Min Luo

DOI: https://doi.org/10.1002/cpe.6178

2022-01-01

Abstract:SummaryWireless sensor networks (WSNs) are widespreadly applicable for information acquisition and processing in various fields such as military, healthcare, envrionment monitoring, and so on. WSNs have three main components: sensors, gateways, and users. The sensing information from sensors is transmitted to users through gateways. However, the public wireless networks are vulnerable to malicious active and passive attacks, which could bring security and privacy issues. Numerous two‐factor based authentication and key agreement (AKA) protocols have been proposed to solve these issues, whereas these schemes still have some deficiencies. Three‐factor based authentication method can make up for the drawbacks of two‐factor based schemes. Kumari and Renuka put forward a biometrics‐based AKA for WSNs with elliptic curve cryptography (ECC). But their scheme cannot maintain anonymity and resist to impersonality attack, replay attack, and DoS attack. In this article, we propose a biometrics‐based anonymous AKA scheme, which is equipped with the covered security requirements of WSNs. Meanwhile, the proposed scheme are provably secure in the three‐party AKA security model. Performance analysis demonstrates that our scheme has better security properties, communication cost, and computational cost compared with five recent and related schemes.

Fan Wu,Lili Xu,Saru Kumari,Xiong Li,Jian Shen,Kim-Kwang Raymond Choo,Mohammad Wazid,Ashok Kumar Das

DOI: https://doi.org/10.1016/j.jnca.2016.12.008

IF: 7.574

2016-01-01

Journal of Network and Computer Applications

Abstract:Wireless sensor networks (WSNs) for Internet of Things (IoT) can be deployed in a wide range of industries such as agriculture and military. However, designing a secure and reliable authentication scheme for WSNs that can be deployed in IoT remains a research and operational challenge. For example, recently in 2016, Amin and Biswas showed that the Turcanovic et al.'s scheme is vulnerable to smart card loss attack, user impersonation attack, etc. They then proposed a new authentication scheme for WSNs with multi-gateway. In this paper, we revisit the scheme of Amin and Biswas and reveal previously unknown vulnerabilities in the scheme (i.e. sensor capture attack, user forgery attack, gateway forgery attack, sensor forgery attack and off-line guessing attack). In addition, we demonstrate that the user in the scheme can be tracked due to the use of a constant pseudo-identity and previously established session keys can be calculated by the attacker. Rather than attempting to fix a broken scheme, we present a novel authentication scheme for multi-gateway based WSNs. We then demonstrate the security of the proposed scheme using Proverif, as well as evaluating the good performance of the scheme using NS-2 simulation.

Yan Xu,Liusheng Huang,Miaomiao Tian,Hong Zhong

DOI: https://doi.org/10.6633/ijns.201609.18(5).19

2016-01-01

Abstract:The ring signature scheme is a simplified group signature scheme for no manager while preserving unconditionally anonymous of the signer. Certificateless cryptography is introduced for eliminating the use of certificates in Public Key Infrastructure and solving the key-escrow problem in ID-based cryptogratography. Recently, Qin et al. proposed the first RSA-based certificateless ring signature scheme which was proved unforgeable in random oracle model. In this paper, we demonstrated that this scheme was not secure against the Type I adversary.

Fagen Li,Yanan Han,Chunhua Jin

DOI: https://doi.org/10.1007/s11277-016-3327-4

IF: 2.017

2016-01-01

Wireless Personal Communications

Abstract:Secure communication is an important task for wireless sensor networks (WSNs). Signcryption is a good choice to guarantee the security of resource-constrained WSNs since it simultaneously achieves confidentiality, authentication, integrity and non-repudiation at a low cost. In this paper, we propose a heterogeneous signcryption scheme for secure communication from the WSNs to an Internet server. In our scheme, the WSNs belong to the certificateless cryptosystem (CLC) and the server belongs to the public key infrastructure (PKI). The CLC has neither key escrow problem nor public key certificates and is very suitable for the WSNs. The PKI is also suitable for the server since the PKI technique has been widely adopted in the Internet security. We prove that our scheme has the existential unforgeability against adaptive chosen message attack under q-strong Diffie---Hellman and modified inverse computational Diffie---Hellman problems and indistinguishability against adaptive chosen ciphertext attack under bilinear Diffie---Hellman inversion problem in the random oracle model. As compared with the existing three certificateless signcryption schemes (i.e., YL, BF and WC), our scheme respectively costs a 28.4, 58.3, and 68.2 % less in computational time and a 26.9, 56.6, and 67.3 % saving in energy consumption (the length of transmitted message is 100 bits).

Qihong Yu,Jiguo Li,Jian Shen

DOI: https://doi.org/10.3390/sym15010179

2023-01-08

Symmetry

Abstract:The security of the signature scheme is destroyed because its secret information of the signature system is leaked due to the side channel attack. Ring signature has good application value, which can provide more flexibility and complete anonymity. It can be used in some systems such as anonymous authentication in ad hoc networks, electronic voting and crypto coin based on blockchain. Because of the side channel attack, the private key of the ring signature system may be exposed, which may cause insecurity. We present a ring signature system against continuous side channel attack. Because of the symmetry of the ring, the user's identity has good privacy protection. The proposed scheme is completely secure without a random oracle model and the private key disclosure rate is close to 1/3. Through the dual system technique, the existential unforgeability and unconditional anonymity of the scheme are proved in the composite order group based on the subgroup decision assumption.