Skip to main content
SpringerLink
Log in

An Efficient User Authentication and Session Key Agreement in Wireless Sensor Network Using Smart Card

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Securely accessing the information from sensor nodes is the premier need and becomes the challenging area in wireless sensor networks (WSNs) and internet of things environment (IoT). Consequently, keeping up the protection of shared information, authentication assumes a vital role. Where after the mutual authentication, it makes the agreement of the session key among the participants. In this regard, Kalra et al.’s proposed a mechanism for client authentication and session key agreement, and guaranteed, their scheme is highly secured against many possible and well-known threats. However, in this paper, it has been demonstrated that their scheme can suffer from sensor node capturing attack, leakage of gateway node’s secret key and also impractical for session key agreement. Further, an improved scheme has been proposed to conquer the security flaws of Kalra et al.’s scheme. In addition, to check the security properties and to prove the mutual authentication among the participant, the proposed scheme has been verified by ProVerif protocol verification tools. Finally, a comparative study with the other related schemes has also been defined to prove the efficiency of the proposed scheme.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig.9
Fig.10
Fig. 11
Fig.12

Similar content being viewed by others

References

  1. Wong, K. H. M., Zheng, Y., Cao. J., & Wang, S. (2006). A dynamic user authentication scheme for wireless sensor networks. In IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (vol. 1, p. 8).

  2. Watro, R., Kong, D., Cuti, S.-F., Gardiner, C., Lynn, C., & Kruus, P. (2004). TinyPK: securing sensor networks with public key technology. In Proceedings of the 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks (pp. 59–64).

  3. Cheng, H., Geng, Y., Wang, J., & Huang, X. (2006). An authenticated identity-based key establishment and encryption scheme for wireless sensor networks. The Journal of China Universities of Posts and Telecommunications, 13(2), 31–38.

    Article  Google Scholar 

  4. Das, M. L. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8(3), 1086–1090.

    Article  Google Scholar 

  5. Khan, M. K., & Alghathbar, K. (2010). Cryptanalysis and security improvements of two-factor user authentication in wireless sensor networks. Sensors, 10(3), 2450–2459.

    Article  Google Scholar 

  6. Xue, K., Ma, C., Hong, P., & Ding, R. (2013). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36(1), 316–323.

    Article  Google Scholar 

  7. Ruan, Z., Sun, X., & Liang, W. (2013). Securing sensor data storage and query based on k-out-of-n coding. International Journal of Communication Systems, 26(5), 549–566.

    Article  Google Scholar 

  8. Turkanović, M., Brumen, B., & Hölbl, M. (2014). A novel user authenticnation and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Networks, 20, 96–112.

    Article  Google Scholar 

  9. Kalra, S., & Sood, S. K. (2015). Advanced password-based authentication scheme for wireless sensor networks. Journal of Information Security and Applications, 20, 37–46.

    Article  Google Scholar 

  10. Chuang, M. C., & Chen, M. C. (2014). An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics. Expert Systems with Applications, 41(4), 1411–1418.

    Article  Google Scholar 

  11. Li, C. T., Lee, C. C., Chen, H. H., Syu, M. J., & Wang, C. C. (2015).Cryptanalysis of an anonymous multi-server authenticated key agreement scheme using smart cards and biometrics. In International Conference on Information Networking (ICOIN) (pp. 498–502).

  12. Farash, M. S., Turkanović, M., Kumari, S., & Hölbl, M. (2016). An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment. Ad Hoc Networks, 36, 152–176.

    Article  Google Scholar 

  13. Amin, R., & Biswas, G. P. (2016). A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks. Ad Hoc Networks, 36, 58–80.

    Article  Google Scholar 

  14. Lin, Y., Wang, K., Zhang, B., Liu, Y., & Li, X. (2016). An enhanced biometric-based three factors user authentication scheme for multi-server environments. International Journal of Security and its Applications, 10(1), 315–328.

    Article  Google Scholar 

  15. Challa, S., Das, A. K., Odelu, V., Kumar, N., Kumari, S., Khan, M. K., & Vasilakos, A. V. (2018). An efficient ECC-based provably secure three-factor user authentication and key agreement protocol for wireless healthcare sensor networks. Computers & Electrical Engineering, 69, 534–554.

    Article  Google Scholar 

  16. Barman, S., Das, A. K., Samanta, D., Chattopadhyay, S., Rodrigues, J. J., & Park, Y. (2018). “Provably secure multi-server authentication protocol using fuzzy commitment. Institute of Electrical and Electronics Engineers (IEEE) Access, 6, 38578–38594.

    Google Scholar 

  17. Sharif, A. O., Arshad, H., Nikooghadam, M., & Abbasinezhad-Mood, D. (2019). Three party secure data transmission in IoT networks through design of a lightweight authenticated key agreement scheme. Future Generation Computer Systems, 100, 882–892.

    Article  Google Scholar 

  18. Amin, R., Islam, S. H., Biswas, G. P., Khan, M. K., Leng, L., & Kumar, N. (2016). Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks. Computer Networks, 101, 42–62.

    Article  Google Scholar 

  19. Koya, A. M., & Deepthi, P. P. (2018). Anonymous hybrid mutual authentication and key agreement scheme for wireless body area network. Computer Networks, 140, 138–151.

    Article  Google Scholar 

  20. Li, X., Ibrahim, M. H., Kumari, S., Sangaiah, A. K., Gupta, V., & Choo, K. K. R. (2017). Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks. Computer Networks, 129, 429–443.

    Article  Google Scholar 

  21. Gupta, A., Tripathi, M., & Sharma, A. (2020). A provably secure and efficient anonymous mutual authentication and key agreement protocol for wearable devices in WBAN. Computer Communications, 160, 311–325.

    Article  Google Scholar 

  22. Fan, W., Xu, L., Kumari, S., & Li, X. (2015). A novel and provably secure biometrics-based three-factor remote authentication scheme for mobile client–server networks. Computers & Electrical Engineering, 45, 274–285.

    Article  Google Scholar 

  23. Palash, S. (2010). A simple and generic construction of authenticated encryption with associated data. ACM Transactions on Information and System Security (TISSEC), 13(4), 33.

    Google Scholar 

  24. Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transaction on Computers, 51(5), 541–552.

    Article  MathSciNet  Google Scholar 

  25. Kocher, P., Joshua, J., & Jun, B. (1999). Differential power analysis. Annual International Cryptology Conference, 1666, 388–397.

    MATH  Google Scholar 

  26. Jokhio, S. H., Jokhio, I. A., & Kemp, A. H. (2012). Node capture attack detection and defence in wireless sensor networks. IET Wireless Sensor Systems, 2(3), 161–169.

    Article  Google Scholar 

  27. Blanchet, B. (2001). An efficient cryptographic protocol verifier based on prolog rules. In IEEE csfw (pp.82–96).

  28. Abadi, M., Blanchet, B., & Hubert, C. L. (2009). Models and proofs of protocol security: A progress report. In International Conference on Computer Aided Verification (pp. 35–49). Berlin, Heidelberg: Springer.

  29. Abadi, M., & Fournet, C. (2001). Mobile values, new names, and secure communication. In ACM Sigplan Notices (vol. 36, no. 3, pp. 104–115).

  30. He, D., Gao, Y., Chan, S., Chen, Ch., & Bu, J. (2010). An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc & Sensor Wireless Networks, 10(4), 361–371.

    Google Scholar 

  31. Song, R. (2010). Advanced smart card based password authentication protocol. Computer Standards & Interfaces, 32(5–6), 321–325.

    Article  Google Scholar 

  32. Yeh, H. L., Chen, T. H., Liu, P. C., Kim, T. H., & Wei, H. W. (2011). A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors, 11(5), 4767–4779.

    Article  Google Scholar 

  33. Chen, T. H., & Shih, W. K. (2010). A robust mutual authentication protocol for wireless sensor networks. ETRI Journal, 32(5), 704–712.

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. National Institute of Technology, Naharlagun, Arunachal Pradesh, India

    Chukhu Chunka, Subhasish Banerjee & Rajat Subhra Goswami

Authors
  1. Chukhu Chunka
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Subhasish Banerjee
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Rajat Subhra Goswami
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Chukhu Chunka.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Chunka, C., Banerjee, S. & Goswami, R.S. An Efficient User Authentication and Session Key Agreement in Wireless Sensor Network Using Smart Card. Wireless Pers Commun 117, 1361–1385 (2021). https://doi.org/10.1007/s11277-020-07926-7

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-020-07926-7

Keywords

Search

Navigation