Abstract
Over the last two decades, several researchers have recommended many remote user authentication schemes, following since introducing the concept way back in 1981. Researchers are continuously trying to enhance the security in authentication protocols by incorporating the several features into their work. A few years back, Turkanovic et al. (Ad Hoc Netw 20:96–112, 2014) have presented a novel work for authenticating users in IOT environment using smart cards for wireless sensor networks. In this paper, we have demonstrated that their scheme doesn’t resist many possible security threats and have numerous flaws, and also proposed an enhanced and secure biometric-based user authentication technique to overcome their weaknesses. The stated protocol not only overcome from the flaws of Turkanovic et al.’s scheme but also reduce the computation overhead as well. Later, to proving the mutual authentication among the entities and session key secrecy of the proposed scheme has also been verified by ProVerif (2.0) simulation tool.
Similar content being viewed by others
References
Atzori, L., Iera, A., & Morabito, G. (2010). The internet of things: A survey. Computer Networks, 54(15), 2787–2805.
Prabhu, B., Pradeep, M., & Gajendran, E. (2017). Enhanced battlefield surveillance methodology using wireless sensor network. A Multidisciplinary Journal of Scientific Research and Education, 3(1), 185–190.
Al Ameen, M., Liu, J., & Kwak, K. (2012). Security and privacy issues in wireless sensor networks for healthcare applications. Journal of Medical Systems, 36(1), 93–101.
Hou, L., & Bergmann, N. W. (2011). Induction motor fault diagnosis using industrial wireless sensor networks and Dempster-Shafer classifier fusion. In IECON 2011-37th annual conference on IEEE industrial electronics society (pp. 2992–2997). IEEE.
Bottero, M., Dalla Chiara, B., & Deflorio, F. P. (2013). Wireless sensor networks for traffic monitoring in a logistic centre. Transportation Research Part C: Emerging Technologies, 26, 99–124.
Ramesh, M. V. (2014). Design, development, and deployment of a wireless sensor network for detection of landslides. Ad Hoc Networks, 13, 2–18.
Dong, X., Vuran, M. C., & Irmak, S. (2013). Autonomous precision agriculture through integration of wireless underground sensor networks with center pivot irrigation systems. Ad Hoc Networks, 11(7), 1975–1987.
Bindu, C. S., Reddy, P. C. S., & Satyanarayana, B. (2008). Improved remote user authentication scheme preserving user anonymity. International Journal of Computer Science and Network Security, 8(3), 62–66.
Lin, C. W., Tsai, C. S., & Hwang, M. S. (2006). A new strong-password authentication scheme using one-way hash functions. Journal of Computer and Systems Sciences International, 45(4), 623–626.
Das, M. L., Saxena, A., & Gulati, V. P. (2004). A dynamic ID-based remote user authentication scheme. IEEE Transactions on Consumer Electronics, 50(2), 629–631.
Das, A. K. (2011). Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards. IET Information Security, 5(3), 145–151.
Chang, C. C., Chang, S. C., & Lai, Y. W. (2010). An improved biometrics-based user authentication scheme without concurrency system. International Journal of Intelligent Information Processing, 1(1), 41–49.
An, Y. (2012). Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards. BioMed Research International, 2012, 1–6.
Perrig, A., Stankovic, J., & Wagner, D. (2004). Security in wireless sensor networks. Communications of the ACM, 47(6), 53–57.
Biswas, S., & Adhikari, S. (2015). A survey of security attacks, defenses and security mechanisms in wireless sensor network. International Journal of Computer Applications, 131(17), 28–35.
Turkanović, M., Brumen, B., & Hölbl, M. (2014). A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Networks, 20, 96–112.
Ngai, E. C. H., Liu, J., & Michael, R. L. (2017). An efficient intruder detection algorithm against sinkhole attacks in wireless sensor networks. Computer Communication, 30(11–12), 2353–2364.
Fayoumi, M. A., Ahmad, Y., & Tari, U. (2016). A heterogeneous framework to detect intruder attacks in wireless sensor networks. International Journal of Advanced Computer Science and Applications, 7(12), 52–58.
Dolev, D., & Yao, A. (1983). On the security of public key protocols. IEEE Transactions on Information Theory, 29(2), 198–208.
Kocher, P., Jaffe, J., Jun, B., & Rohatgi, P. (2011). Introduction to differential power analysis. Journal of Cryptographic Engineering, 1(1), 5–27.
Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.
Mrdovic, S., & Perunicic, B. (2008). Kerckhoffs’ principle for intrusion detection. In Telecommunications network strategy and planning symposium, 2008. Networks 2008. The 13th international (pp. 1–8). IEEE.
Naor, M., & Yung, M. (1989). Universal one-way hash functions and their cryptographic applications. In Proceedings of the 21st annual ACM symposium on theory of computing (pp. 33–43). ACM.
Jin, A. T. B., Ling, D. N. C., & Goh, A. (2004). Biohashing: Two factor authentication featuring fingerprint data and tokenised random number. Pattern Recognition, 37(11), 2245–2255.
Watro, R., Kong, D., Cuti, S.F., Gardiner, C., Lynn, C., & Kruus, P. (2004). TinyPK: Securing sensor networks with public key technology. In Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks (pp. 59–64). ACM.
Wong, K. H., Zheng, Y., Cao, J., & Wang, S. (2006). A dynamic user authentication scheme for wireless sensor networks. In IEEE international conference on sensor networks, ubiquitous, and trustworthy computing (pp. 318–327). ACM.
Das, M. L. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8(3), 1086–1090.
He, D., Gao, Y., Chan, S., Chen, C., & Bu, J. (2010). An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc and Sensor Wireless Networks, 10(4), 361–371.
Khan, M. K., & Alghathbar, K. (2010). Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors, 10(3), 2450–2459.
Chen, T. H., & Shih, W. K. (2010). A robust mutual authentication protocol for wireless sensor networks. ETRI Journal, 32(5), 704–712.
Yeh, H. L., Chen, T. H., Liu, P. C., Kim, T. H., & Wei, H. W. (2011). A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors, 11(5), 4767–4779.
Xue, K., Ma, C., Hong, P., & Ding, R. (2012). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36(1), 316–323.
Ruan, Z., Sun, X., & Liang, W. (2013). Securing sensor data storage and query based on k-out-of-n coding. International Journal of Communication Systems, 26(5), 549–566.
He, D., & Wang, D. (2015). Robust biometrics-based authentication scheme for multiserver environment. IEEE Systems Journal, 9(3), 816–823.
Odelu, V., Das, A. K., & Goswami, A. (2015). A secure biometrics-based multi-Server authentication protocol using smart cards. IEEE Transactions on Information Forensics and Security, 10(9), 1953–1966.
Li, X., Niu, J., Kumari, S., et al. (2015). An enhancement of a smart card authentication scheme for multi-server architecture. Wireless Personal Communications, 80(1), 175–192.
Blanchet, B. (2001). An efficient cryptographic protocol verifier based on prolog rules. In Proceedings of IEEE Computer Society Foundation (CSFW) (pp. 82–96).
Das, A. K., Sharma, P., Chatterjee, S., & Sing, J. K. (2012). A dynamic password-based user authentication scheme for hierarchical wireless sensor networks. Journal of Network and Computer Applications, 35(5), 1646–1656.
Wireless Measurement System. Crossbow: EOL, Crossbow technology, I. MICA 2.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Banerjee, S., Chunka, C., Sen, S. et al. An Enhanced and Secure Biometric Based User Authentication Scheme in Wireless Sensor Networks Using Smart Cards. Wireless Pers Commun 107, 243–270 (2019). https://doi.org/10.1007/s11277-019-06252-x
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-019-06252-x