Skip to main content
SpringerLink
Log in

A privacy-preserving and provable user authentication scheme for wireless sensor networks based on Internet of Things security

  • Original Research
  • Published:
Journal of Ambient Intelligence and Humanized Computing Aims and scope Submit manuscript

Abstract

The notion Internet of Things (IoT) means all things in the global network can be interconnected and accessed. Wireless sensor network (WSN) is one of the most important applications of the notion and is widely used in nearly all scopes. In 2014, Hsieh et al. presented an improved authentication scheme for WSNs. But it has several weaknesses, including no session key, lack of mutual authentication and under the insider attack, the off-line guessing attack, the user forgery attack and the sensor capture attack. To avoid the weaknesses, we present a new authentication scheme which is also for WSNs. Then we employ the random oracle model to show the formal proof, and use the protocol analyzing tool Proverif to list the formal verification process. Compared with some recent schemes for WSNs via the aspects of security properties, the proposed scheme overcomes the common problems and fits for the security properties of IoT.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  • Bresson E, Chevassut O, Pointcheval D (2003) Security proofs for an efficient password-based key exchange. In: Proceedings of the 10th ACM conference on Computer and communications security, ACM, p 241–250

  • Chang CC, Le HD (2015) A provably secure, efficient and flexible authentication scheme for ad hoc wireless sensor networks. IEEE Trans Wirel Commun. doi:10.1109/TWC.2015.2473165

  • Chen TH, Shih WK (2010) A robust mutual authentication protocol for wireless sensor networks. Etri J 32(5):704–712

    Article  Google Scholar 

  • Choi Y, Lee D, Kim J, Jung J, Nam J, Won D (2014) ecurity enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 14(6):10,081–10,106

    Article  Google Scholar 

  • Das ML (2009) Two-factor user authentication in wireless sensor networks. Wirel Commun IEEE Trans 8(3):1086–1090

    Article  Google Scholar 

  • Fan R, Dj He, Xz Pan (2011) An efficient and dos-resistant user authentication scheme for two-tiered wireless sensor networks. J Zhejiang Univ Sci C 12(7):550–560

    Article  Google Scholar 

  • Fantacci R, Pecorella T, Viti R, Carlini C (2014) A network architecture solution for efficient iot wsn backhauling: challenges and opportunities. IEEE Trans Wirel Commun 21(4):113–119

    Article  Google Scholar 

  • Farash MS, Turkanović M, Kumari S, Hölbl M (2015) An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the internet of things environment. Ad Hoc Netw. doi:10.1016/j.adhoc.2015.05.014

  • Guo P, Wang J, Geng XH, Kim CS, Kim JU (2014) A variable threshold-value authentication architecture for wireless mesh networks. J Internet Technol 15(6):929–935

    Google Scholar 

  • Han W (2011) Weakness of a secured authentication protocol for wireless sensor networks using elliptic curves cryptography. IACR Cryptol ePrint Arch 2011:293

    Google Scholar 

  • Hankerson D, Vanstone S, Menezes AJ (2004) Guide to elliptic curve cryptography. Springer Science & Business Media

  • Hayouni H, Hamdi M, Kim TH (2014) A survey on encryption schemes in wireless sensor networks. In: Advanced Software Engineering and Its Applications (ASEA), 2014 7th International Conference on, p 39–43

  • He D, Gao Y, Chan S, Chen C, Bu J (2010) An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc Sens Wirel Netw 10(4):361–371

    Google Scholar 

  • He D, Kumar N, Chen J, Lee CC, Chilamkurti N, Yeo SS (2015) Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimed Syst 21(1):49–60. doi:10.1007/s00530-013-0346-9

    Article  Google Scholar 

  • Hsieh WB, Leu JS (2014) A robust user authentication scheme using dynamic identity in wireless sensor networks. Wirel Pers Commun 77(2):979–989

    Article  Google Scholar 

  • Khan MK, Alghathbar K (2010) Cryptanalysis and security improvements of two-factor user authentication in wireless sensor networks. Sensors 10(3):2450–2459

    Article  Google Scholar 

  • Kocher P, Jaffe J, Jun B (1999) Differential power analysis. In: Advances in Cryptology-CRYPTO 99, Springer, p 388–397

  • Kumar P, Lee HJ (2011) Cryptanalysis on two user authentication protocols using smart card for wireless sensor networks. In: Wireless Advanced (WiAd), IEEE, p 241–245

  • Li X, Ma J, Wang W, Xiong Y, Zhang J (2013a) A novel smart card and dynamic id based remote user authentication scheme for multi-server environments. Math Comput Model 58(1):85–95

    Article  Google Scholar 

  • Li X, Niu J, Khan MK, Liao J (2013b) An enhanced smart card based remote user password authentication scheme. J Netw Comput Appl 36(5):1365–1371

    Article  Google Scholar 

  • Liu Z, Wenger E, Gro\(\beta \) schä dl J (2014) Mote-ecc: energy-scalable elliptic curve cryptography for wireless-sensor-networks. In: Boureanu I, Owesarski P, Vaudenay S (eds) Applied Cryptography and Network Security, Lecture Notes in Computer Science, vol 8479, Springer International Publishing, p 361–379, DOI 10.1007/978-3-319-07536-5\_22

  • Nguyen KT, Laurent M, Oualha N (2015) Survey on secure communication protocols for the internet of things. Ad Hoc Netw 32:17–31

  • Ren Y, Shen J, Wang J, Han J, Lee S (2015) Mutual verifiable provable data auditing in public cloud storage. J Internet Technol 16(2):317–323

    Google Scholar 

  • Shi W, Gong P (2013) A new user authentication protocol for wireless sensor networks using elliptic curves cryptography. Int J Distrib Sens Netw 2013:730831. doi:10.1155/2013/730831

  • Turkanović M, Brumen B, Hölbl M (2014) A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the internet of things notion. Ad Hoc Netw 20:96–112

    Article  Google Scholar 

  • Vaidya B, Makrakis D, Mouftah HT (2010) Improved two-factor user authentication in wireless sensor networks. In: Wireless and Mobile Computing, Networking and Communications (WiMob), 2010 IEEE 6th International Conference on, IEEE, p 600–606

  • Wang D, Wang P (2014) Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks. Ad Hoc Netw 20:1–15

    Article  Google Scholar 

  • Watro R, Kong D, Cuti Sf, Gardiner C, Lynn C, Kruus P (2004) Tinypk: securing sensor networks with public key technology. In: Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks, ACM, p 59–64

  • Wu F, Xu L (2015) An improved and provable self-certified digital signature scheme with message recovery. Int J Commun Syst 28(2):344–357

    Article  Google Scholar 

  • Wu F, Xu L, Kumari S, Li X (2015a) A new and secure authentication scheme for wireless sensor networks with formal proof. Peer-to-Peer Netw Appl. doi:10.1007/s12083-015-0404-5

  • Wu F, Xu L, Kumari S, Li X (2015b) A novel and provably secure biometrics-based three-factor remote authentication scheme for mobile client-server networks. Comput Electr Eng 45:274–285

    Article  Google Scholar 

  • Wu F, Xu L, Kumari S, Li X, Alelaiwi A (2015c) A new authenticated key agreement scheme based on smart cards providing user anonymity with formal proof. Secur Commun Netw 8(18):3847–3863

    Article  Google Scholar 

  • Xu L, Wu F (2015a) Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care. J Med Syst 39(2):1–9

    Article  Google Scholar 

  • Xu L, Wu F (2015b) An improved and provable remote user authentication scheme based on elliptic curve cryptosystem with user anonymity. Secur Commun Netw 8(2):245–260

    Article  MathSciNet  Google Scholar 

  • Xue K, Ma C, Hong P, Ding R (2013) A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. J Netw Comput Appl 36(1):316–323

    Article  Google Scholar 

  • Yeh HL, Chen TH, Liu PC, Kim TH, Wei HW (2011) A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 11(5):4767–4779

    Article  Google Scholar 

  • Yoo SG, Park KY, Kim J (2012) A security-performance-balanced user authentication scheme for wireless sensor networks. Int J Distrib Sens Netw 2012:382810. doi:10.1155/2012/382810

Download references

Acknowledgments

The authors thank the anonymous reviewers for their valuable comments. This research is supported by Fujian Education and Scientific Research Program for Young and Middle-aged Teachers under Grant No. JA14369, the National Natural Science Foundation of China under Grant No. 61300220, and it is also supported by PAPD and CICAEET.

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Xiamen Institute of Technology, Xiamen, 361021, China

    Fan Wu

  2. School of Information Science and Technology, Xiamen University, Xiamen, 361005, China

    Lili Xu

  3. Department of Mathematics, Ch. Charan Singh University, Meerut, 250005, Uttar Pradesh, India

    Saru Kumari

  4. School of Computer Science and Engineering, Hunan University of Science and Technology, Xiangtan, 411201, China

    Xiong Li

  5. Nanjing University of Information Science and Technology, Nanjing, 210044, China

    Xiong Li

Authors
  1. Fan Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lili Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Saru Kumari
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Xiong Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Fan Wu.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Wu, F., Xu, L., Kumari, S. et al. A privacy-preserving and provable user authentication scheme for wireless sensor networks based on Internet of Things security. J Ambient Intell Human Comput 8, 101–116 (2017). https://doi.org/10.1007/s12652-016-0345-8

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12652-016-0345-8

Keywords

Search

Navigation