Skip to main content
SpringerLink
Log in

Cryptanalysis and Improvement in User Authentication and Key Agreement Scheme for Wireless Sensor Network

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Turkanovic et al. (Ad Hoc Netw 20:96–112, 2014) proposed a user authentication and key agreement scheme based on the notion of the ‘internet of things’ for wireless sensor network. Authors claimed that their scheme is safe against various attacks. We found that this scheme fails against session key recovery attack. If an attacker has stolen the smartcard, he can easily obtain the session key generated between user and sensor node. In this paper, we shows that the attacker is able to compute the secret parameter \( K_{{GW - U_{i}}} \), which is the used by a gateway during communication with others. Now the attacker can modify the first message that was send by the user to the sensor node. Finally, he breaks the complete system. We also provide few other insecurities and vulnerability to many attacks like offline password guessing attack, replay attack and impersonate attack etc. To remedy this, an enhanced scheme is also proposed to remove the flaws of the Turkanovic et al. scheme. The result and performance analysis of our proposed scheme shows that the new enhanced scheme provides high security with low computation, communication and storage overhead.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. Turkanović, M., Brumen, B., & Hölbl, M. (2014). A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Networks, 20, 96–112.

    Article  Google Scholar 

  2. Watro, R., Kong, D., Cuti, S.-F., Gardiner, C., Lynn, C., & Kruus, P. (2004). Tiny PK: Securing sensor networks with public key technology. In Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks (pp. 59–64). Washington: ACM.

  3. Wong, K. H. M., Zheng, Y., Cao, J., & Wang, S. (2006). A dynamic user authentication scheme for wireless sensor networks. In Proceedings of the IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing, vol. 1, (SUTC’06). (Vol. 01, pp. 244–251). IEEE Computer Society.

  4. Das, M. L. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8, 1086–1090.

    Article  Google Scholar 

  5. Huang, H. -F., Chang, Y. -F., & Liu, C.-H. (2010). Enhancement of two-factor user authentication in wireless sensor networks. In Proceedings of the 2010 Sixth International Conference on Intelligent Information Hiding and Multimedia Signal Processing (pp. 27–30). IEEE Computer Society.

  6. He, D., Gao, Y., Chan, S., Chen, C., & Bu, J. (2010). An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc and Sensor Wireless Networks, 10, 361–371.

    Google Scholar 

  7. Nyang, D., & Lee, M.-K. (2009). Improvement of Das’s two-factor authentication protocol in wireless sensor networks. In CORD Conference Proceedings, 2009.

  8. Khan, M. K., & Alghathbar, K. (2010). Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors, 10, 2450–2459.

    Article  Google Scholar 

  9. Yeh, H. L., Chen, T. H., Liu, P. C., Kim, T. H., & Wei, H. W. (2011). A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors, 11, 4767–4779.

    Article  Google Scholar 

  10. Xue, K., Ma, C., Hong, P., & Ding, R. (2013). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36, 316–323.

    Article  Google Scholar 

  11. Messerges, T. S., Ezzat, A. D., & Robert, H. S. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.

    Article  MathSciNet  Google Scholar 

  12. Potlapally, N. R., Ravi, S., Raghunathan, A., & Jha, N. K. (2003). Analyzing the energy consumption of security protocols. In ISLPED’03, August 25–27, 2003, Seoul, Korea.

  13. Adams, J. T. (2006). An introduction to IEEE STD 802.15.4. In IEEE Aerospace conference, Big Sky, MT.

  14. Iqbal, M. S., & Al- Raweshidy, H. S. (2013). Performance evaluation of IEEE 802.15.4 standard for low data rate ad hoc wireless sensor networks. In 2013 International Conference on Control, Automation and Information Sciences (ICCAIS) (pp. 300–304).

Download references

Author information

Authors and Affiliations

  1. Gautam Buddha University, Greater Noida, India

    Akansha Singh & Amit K. Awasthi

  2. Jawaharlal Nehru University, Delhi, India

    Karan Singh

Authors
  1. Akansha Singh
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Amit K. Awasthi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Karan Singh
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Amit K. Awasthi.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Singh, A., Awasthi, A.K. & Singh, K. Cryptanalysis and Improvement in User Authentication and Key Agreement Scheme for Wireless Sensor Network. Wireless Pers Commun 94, 1881–1898 (2017). https://doi.org/10.1007/s11277-016-3717-7

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-016-3717-7

Keywords

Search

Navigation