Skip to main content
SpringerLink
Log in

Formal Security Verification of a Dynamic Password-Based User Authentication Scheme for Hierarchical Wireless Sensor Networks

  • Conference paper
Security in Computing and Communications (SSCC 2013)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 377))

Included in the following conference series:

Abstract

In 2012, Das et al. proposed a new password-based user authentication scheme in hierarchical wireless sensor networks [Journal of Network and Computer Applications 35(5) (2012) 1646-1656]. The proposed scheme achieves better security and efficiency as compared to those for other existing password-based user authentication schemes proposed in the literature. This scheme supports to change dynamically the user’s password locally at any time without contacting the base station or gateway node. This scheme also supports dynamic node addition after the initial deployment of nodes in the existing sensor network. In this paper, we simulate this proposed scheme for formal security verification using the widely-accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. AVISPA tool ensures that whether a protocol is insecure against possible passive and active attacks, including the replay and man-in-the-middle attacks. Using the AVISPA model checkers, we show that Das et al.’s scheme is secure against possible passive and active attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Advanced Encryption Standard (AES), FIPS PUB 197, National Institute of Standards and Technology (NIST), U.S. Department of Commerce (November 2001), http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

  2. Automated Validation of Internet Security Protocols and Applications, Avispa Tool Documentation, http://www.avispa-project.org/package/user-manual.pdf (accessed on March 2013)

  3. Automated validation of internet security protocols and applications, AVISPA Web Tool, http://www.avispa-project.org/web-interface/expert.php/ (accessed on January 2013)

  4. Secure Hash Standard, FIPS PUB 180-1, National Institute of Standards and Technology (NIST), U.S. Department of Commerce (April 1995)

    Google Scholar 

  5. Wireless Sensor Networks, Crossbow Technology Inc., http://www.xbow.com (accessed on September 2011)

  6. Akyildiz, I.F., Su, W., Sankarasubramaniam, Y., Cayirci, E.: Wireless sensor networks: A Survey. Computer Networks 38(4), 393–422 (2002)

    Article  Google Scholar 

  7. Armando, A., et al.: The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  8. Basin, D., Modersheim, S., Vigano, L.: OFMC: A symbolic model checker for security protocols. International Journal of Information Security 4(3), 181–208 (2005)

    Article  Google Scholar 

  9. Chatterjee, S., Das, A.K., Sing, J.K.: An Enhanced Access Control Scheme in Wireless Sensor Networks. Ad Hoc & Sensor Wireless Networks (in presss, 2013)

    Google Scholar 

  10. Das, A.K.: An unconditionally secure key management scheme for large-scale heterogeneous wireless sensor networks. In: First IEEE International Conference on Communication Systems and Networks (COMSNETS 2009), pp. 1–10 (2009)

    Google Scholar 

  11. Das, A.K.: A secure and effective user authentication and privacy preserving protocol with smart cards for wireless communications. Networking Science 2(1-2), 12–27 (2013)

    Article  Google Scholar 

  12. Das, A.K., Chatterjee, S., Sing, J.K.: A novel efficient access control scheme for large-scale distributed wireless sensor networks. International Journal of Foundations of Computer Science (in press, 2013)

    Google Scholar 

  13. Das, A.K., Massand, A., Patil, S.: A novel proxy signature scheme based on user hierarchical access control policy. Journal of King Saud University - Computer and Information Sciences (2013), http://dx.doi.org/10.1016/j.jksuci.2012.12.001

  14. Das, A.K., Sengupta, I.: An effective group-based key establishment scheme for large-scale wireless sensor networks using bivariate polynomials. In: 3rd IEEE International Conference on Communication Systems Software and Middleware (COMSWARE 2008), pp. 9–16 (2008)

    Google Scholar 

  15. Das, A.K., Sharma, P., Chatterjee, S., Sing, J.K.: A dynamic password-based user authentication scheme for hierarchical wireless sensor networks. Journal of Network and Computer Applications 35(5), 1646–1656 (2012)

    Article  Google Scholar 

  16. Dolev, D., Yao, A.: On the security of public key protocols. IEEE Transactions on Information Theory 29(2), 198–208 (1983)

    Article  MathSciNet  MATH  Google Scholar 

  17. von Oheimb, D.: The high-level protocol specification language hlpsl developed in the eu project avispa. In: Proceedings of APPSEM Workshop (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Center for Security, Theory and Algorithmic Research, International Institute of Information Technology, Hyderabad, 500 032, India

    Ashok Kumar Das

  2. Defence Research and Development Organization, Research Center Imarat, Hyderabad, 500 069, India

    Santanu Chatterjee

  3. Department of Computer Science and Engineering, Jadavpur University, Kolkata, 700 032, India

    Jamuna Kanta Sing

Authors
  1. Ashok Kumar Das
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Santanu Chatterjee
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jamuna Kanta Sing
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Indian Institute of Information Technology and Management, Technopark Campus, 695581, Trivandrum, Kerala, India

    Sabu M. Thampi

  2. Department of Applied Computer Science, The University of Winnipeg, 515 Portage Avenue, R3B 2E9, Winnipeg, MB, Canada

    Pradeep K. Atrey

  3. Electrical and Computer Science Engineering Building, National Sun Yat-sen University, Kaohsiung, Taiwan R.O.C.

    Chun-I Fan

  4. Facultad de Informatica, Campus de Espinardo, s/n, 30.100, Murcia, Spain

    Gregorio Martinez Perez

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Das, A.K., Chatterjee, S., Sing, J.K. (2013). Formal Security Verification of a Dynamic Password-Based User Authentication Scheme for Hierarchical Wireless Sensor Networks. In: Thampi, S.M., Atrey, P.K., Fan, CI., Perez, G.M. (eds) Security in Computing and Communications. SSCC 2013. Communications in Computer and Information Science, vol 377. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40576-1_24

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-40576-1_24

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-40575-4

  • Online ISBN: 978-3-642-40576-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation