Abstract
Two-factor authenticated key exchange (TFAKE) protocols are critical tools for ensuring identity authentication and secure data transmission in wireless sensor networks (WSNs). Until now, numerous TFAKE protocols based on smart cards and passwords are proposed for WSNs. Unfortunately, most of them are found insecure against various attacks. Researchers focus on cryptanalysis of these protocols and then fixing the loopholes. Little attention has been paid to design rationales and formal security models of these protocols. In this paper, we first put forward a formal security model for TFAKE protocols in WSNs. We then present an efficient TFAKE protocol for WSNs without using expensive asymmetric cryptology mechanisms. Our protocol can be proven secure in the random oracle model and achieves user anonymity. Compared with other TFAKE protocols, our protocol is more efficient and enjoys provable security.
F.Wei—This work is supported by the National Natural Science Foundation of China (Nos. 61309016, 61379150, 61501515), Postdoctoral Science Foundation of China (Grant No. 2014M562493), Postdoctoral Science Foundation of Shanxi Province, and Key Scientific Technological Project of Henan Province (Grant Nos. 122102210126, 092101210502).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Guo, P., Wang, J., Li, B., Lee, S.: A variable threshold-value authentication architecture for wireless mesh networks. J. Internet Technol. 15(6), 929–936 (2014)
Shen, J., Tan, H., Wang, J., Wang, J., Lee, S.: A novel routing protocol providing good transmission reliability in underwater sensor networks. J. Internet Technol. 16(1), 171–178 (2015)
Xie, S., Wang, Y.: Construction of tree network with limited delivery latency in homogeneous wireless sensor networks. wirel. Pers. Commun. 78(1), 231–246 (2014)
He, D.B., Kumar, N., Chen, J.H., et al.: Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimedia Syst. 21(1), 49–60 (2015)
Das, M.L.: Two-factor user authentication in wireless sensor networks. IEEE Trans. Wirel. Commun. 8(3), 1086–1090 (2009)
Nyang, D.H., Lee, M.K.: Improvement of Das’s two-factor authentication protocol in wireless sensor networks. Cryptology, ePrint archive. http://eprint.iacr.org/2009/631.pdf
Chen, T.H., Shih, K.K.: A robust mutual authentication protocol for wireless sensor networks. ETRI J. 32(5), 704–712 (2010)
He, D.J., Gao, Y., Chan, S.: An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc Sens. Wirel. Netw. 10(4), 1–11 (2010)
Khan, M.K., Alghathbar, K.: Cryptanalysis and security improvements of two-factor user authentication in wireless sensor networks. Sensors 10(3), 2450–2459 (2010)
Sun, D.Z., Li, J.X., Feng, Z.Y.: On the security and improvement of a two-factor user authentication scheme in wireless sensor networks. Pers. Ubiquit. Comput. 17(5), 895–905 (2013)
Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)
Yuan, J.J.: An enhanced two-factor user authentication in wireless sensor networks. Telecommun. Syst. 55(1), 105–113 (2014)
Gong, L., Needham, R., Yahalom, R.: Reasoning about belief in cryptographic protocols. In: Proceedings of 1990 IEEE Computer Society Symposium Research in Security and Privacy, pp. 234–246 (2009)
Wei, F.S., Ma, J.F., Jiang, Q., et al.: Cryptanalysis and improvement of an enhanced two-factor user authentication scheme in wireless sensor networks. Inf. Technol. Control 45(1), 62–70 (2016)
Nam, J., Kim, M., Paik, J., et al.: A provably-secure ECC-based authentication scheme for wireless sensor networks. Sensors 14(11), 21023–21044 (2014)
Pointcheval, D., Zimmer, S.: Multi-factor authenticated key exchange. In: Bellovin, S.M., Gennaro, R., Keromytis, A., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 277–295. Springer, Heidelberg (2008)
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000). doi:10.1007/3-540-45539-6_11
Alsaleh, M., Mannan, M., Van Oorschot, P.C.: Revisiting defenses against large-scale online password guessing attacks. IEEE Trans. Dependable Secure Comput. 9(1), 128–141 (2012)
Wang, D., He, D., Wang, P., et al.: Anonymous two-factor authentication in distributed systems: certain goals are beyond attainment. IEEE Trans. Dependable Secure Comput. 12(4), 428–442 (2015)
Hoang, V.T., Krovetz, T., Rogaway, P.: Robust authenticated-encryption AEZ and the problem that it solves. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 15–44. Springer, Heidelberg (2015). doi:10.1007/978-3-662-46800-5_2
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Wei, F., Zhang, R., Ma, C. (2016). Two Factor Authenticated Key Exchange Protocol for Wireless Sensor Networks: Formal Model and Secure Construction. In: Sun, X., Liu, A., Chao, HC., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2016. Lecture Notes in Computer Science(), vol 10039. Springer, Cham. https://doi.org/10.1007/978-3-319-48671-0_34
Download citation
DOI: https://doi.org/10.1007/978-3-319-48671-0_34
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-48670-3
Online ISBN: 978-3-319-48671-0
eBook Packages: Computer ScienceComputer Science (R0)