Abstract
Wireless sensor network(WSN) contains many specially distributed sensors which collect information for people to analyze appointed objects in real-time. WSN is deployed widely in many fields, such as fire detection and remote health care monitoring. User authentication is an important part for the communication of WSN. In 2014, Jiang et al. and Choi et al. proposed their authentication schemes for WSN, respectively. However, we find some weaknesses in them. Jiang et al.’s scheme cannot resist the De-Synchronization attack, the off-line guessing attack and the user forgery attack. Besides, it does not keep the character of strong forward security. Choi et al.’s scheme is under the off-line password guessing attack and the user impersonation attack without user anonymity. We present an improved authentication scheme and prove it to be secure with the formal security model. Also, we analyze the concrete secure characters and the performance of our scheme. Through comparison with some recent schemes, our scheme is more practical and fit for applications.
Similar content being viewed by others
References
Abdalla M, Izabachene M, Pointcheval D (2008) Anonymous and transparent gateway-based password-authenticated key exchange. Cryptology and Network Security. Springer, pp 133–148
Bresson E, Chevassut O, Pointcheval D (2003) Security proofs for an efficient password-based key exchange. In: Proceedings of the 10th ACM conference on Computer and communications security, pp 241–250. ACM
Chen TH, Shih WK (2010) A robust mutual authentication protocol for wireless sensor networks. Etri Journal 32(5):704–712
Chiou SY (2013) Authenticated blind issuing of symmetric keys for mobile access control system without trusted parties. Math Probl Eng 2013, Article ID 858579
Choi Y, Lee D, Kim J, Jung J, Nam J, Won D (2014) Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 14(6):10, 081–10,106
Das ML (2009) Two-factor user authentication in wireless sensor networks. IEEE T Wirel Commun 8 (3):1086–1090
Fan R, He Dj, Pan Xz (2011) An efficient and dos-resistant user authentication scheme for two-tiered wireless sensor networks. J Zhejiang Univ Sci C 12(7):550–560
Han W (2011) Weakness of a secured authentication protocol for wireless sensor networks using elliptic curves cryptography. IACR Cryptology ePrint Archive 2011:293
He D, Chen C, Chan S, Bu J, Yang LT (2013) Security analysis and improvement of a secure and distributed reprogramming protocol for wireless sensor networks. IEEE Trans Ind Electron 60(11):5348–5354
He D, Gao Y, Chan S, Chen C, Bu J (2010) An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc Sensor Wirel Netw 10(4):361–371
He D, Kumar N, Chen J, Lee CC, Chilamkurti N, Yeo SS (2013) Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimed Syst. doi:10.1007/s00530-013-0346-9
Jiang Q, Ma J, Lu X, Tian Y (2015) An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks. Peer-to-Peer Netw Appl 8(6):1070–1081. doi:10.1007/s12083-014-0285-z
Khan MK, Alghathbar K (2010) Cryptanalysis and security improvements of two-factor user authentication in wireless sensor networks. Sensors 10(3):2450–2459
Kocher P, Jaffe J, Jun B (1999) Differential power analysis. In: Advances in Cryptology-CRYPTO99, pp 388–397. Springer
Kumari S, Khan MK, Atiquzzaman M (2015) User authentication schemes for wireless sensor networks: A review. Ad Hoc Netw 27:159–194. doi:10.1016/j.adhoc.2014.11.018
Mangard S, Oswald E, Standaert FX (2011) One for allcall for one: unifying standard differential power analysis attacks. IET Inform Secur 5(2):100–110
Menezes AJ, Van Oorschot PC, Vanstone SA (1996) Handbook of applied cryptography. CRC press
Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE T Comput 51(5):541–552
Shi W, Gong P (2013) A new user authentication protocol for wireless sensor networks using elliptic curves cryptography. Int J Distribu Sens Netw 2013, Article ID 730831
Stallings W (2010) Cryptography and network security, principles and practices, 5th edition. Practice Hall
Sun DZ, Li JX, Feng ZY, Cao ZF, Xu GQ (2013) On the security and improvement of a two-factor user authentication scheme in wireless sensor networks. Pers Ubiquit Comput 17(5):895– 905
Vaidya B, Makrakis D, Mouftah HT (2010) Improved two-factor user authentication in wireless sensor networks. In: Wireless and Mobile Computing, Networking and Communications (WiMob), 2010 IEEE 6th International Conference on, pp 600–606. IEEE
Wang D, Wang P (2014) Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks. Ad Hoc Netw 20:1– 15
Watro R, Kong D (2004) Cuti, S.f., Gardiner, C., Lynn, C., Kruus, P.: Tinypk: securing sensor networks with public key technology. In: Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks, pp 59–64. ACM
Wu F, Xu L, Kumari S, Li X (2015) A novel and provably secure biometrics-based three-factor remote authentication scheme for mobile clientcserver networks. Comput Electr Eng 45:316–327. doi:10.1016/j.compeleceng.2015.02.015
Xu L, Wu F (2015) Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care. J Med Syst 39(2), Article no. 179. doi:10.1007/s10916-014-0179-x
Xu L, Wu F (2015) An improved and provable remote user authentication scheme based on elliptic curve cryptosystem with user anonymity. Secur Commun Netw 8(2):245–260
Xue K, Ma C, Hong P, Ding R (2013) A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. J Netw Comput Appl 36(1):316– 323
Yeh HL, Chen TH, Liu PC, Kim TH, Wei HW (2011) A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 11(5):4767–4779
Yoo SG, Park KY, Kim J (2012) A security-performance-balanced user authentication scheme for wireless sensor networks. Int J Distribu Sens Netw 2012, Article ID 382810
Acknowledgments
This research is supported by Fujian Education and Scientific Research Program for Young and Middle-aged Teachers under Grant No. JA14369, National Natural Science Foundation of China under Grant No. 61300220, and it is also supported by PAPD and CICAEET.
Conflict of interests
The authors declare that they have no conflict of interest.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Wu, F., Xu, L., Kumari, S. et al. A new and secure authentication scheme for wireless sensor networks with formal proof. Peer-to-Peer Netw. Appl. 10, 16–30 (2017). https://doi.org/10.1007/s12083-015-0404-5
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12083-015-0404-5