Journal of Korea Society of Digital Industry and Information Management (디지털산업정보학회논문지)

Korea Society of Digital Industry and Information Management (디지털산업정보학회)
권호 표지
DOI QR코드

DOI QR Code

Security Analysis to an Biometric Authentication Protocol for Wireless Sensor Networks

WSN 환경에서 Biometric 정보를 이용한 사용자 인증 스킴의 안전성 분석

  • 이영숙 (호원대학교 사이버수사 경찰학부)
  • Received : 2015.01.24
  • Accepted : 2015.02.16
  • Published : 2015.03.30
Download PDF
⟨ Previous Next ⟩

Abstract

A novel authentication mechanism is biometric authentication where users are identified by their measurable human characteristics, such as fingerprint, voiceprint, and iris scan. The technology of biometrics is becoming a popular method for engineers to design a more secure user authentication scheme. In terms of physiological and behavioral human characteristics, biometrics is used as a form of identity access management and access control, and it services to identity individuals in groups that are under surveillance. In this article, we review the biometric-based authentication protocol by Althobati et al. and provide a security analysis on the scheme. Our analysis shows that Althobati et al.'s scheme does not guarantee server-to-user authentication. The contribution of the current work is to demonstrate this by mounting threat of data integrity and bypassing the gateway node on Althobati et al.'s scheme. In addition, we analysis the security vulnerabilities of Althobati et al.'s protocol.

Keywords

References

  1. Rathod, V., Mehta, M., "Security in wireless sensor network: a survey," GANPAT Univ. J. Eng. Technol. 1(1), 2011, pp.35-44.
  2. Akyildiz, I. F., Su, W., Sankarasubramaniam, Y., Cayirci, E., "A survey on sensor networks," IEEE Commun. Mag, 40(8), 102-114. https://doi.org/10.1109/MCOM.2002.1024422
  3. Youngsook Lee, Jeeyeon Kim and Dongho Won, "Weakness of Tan's Two-Factor User Authentication Scheme in Wireless Sensor Networks Lecture Notes in Electrical Engineering," 203, 2012, pp.707-714. https://doi.org/10.1007/978-94-007-5699-1_72
  4. Das, M. L. "Two-factor user authentication in wireless sensor networks," IEEE Trans Wirel. Comm, 8, 2009, pp.1086-1090. https://doi.org/10.1109/TWC.2008.080128
  5. Ku, W. -C., Chang, S. -T., Chiang, M. -H., "Weaknesses of a remote user authentication scheme using smart cards for multi-server architecture," IEICE Trans. Commun, E88-B(8), 2005, pp.3451-3454. https://doi.org/10.1093/ietcom/e88-b.8.3451
  6. Li, L. -H., Lin, I. -C., Hwang, M. -S., "A remote password authentication scheme for multiserver architecture using neural networks," IEEE Trans. Neural Netw, 12(6), 2001, pp.1498-1504. https://doi.org/10.1109/72.963786
  7. Y. Lee, J. Kim, and D. Won, "Security Improvement to a Remote User Authentication Scheme for Multi-Server Environment," The Korea-Society of Digital Industry& Information Management, 7(4), 2011, pp.23-30.
  8. Tsai, J. -L., "Efficient multi-server authentication scheme based on one-way hash function without verification table," Comput. Secur, 27, 2008, pp.115-121. https://doi.org/10.1016/j.cose.2008.04.001
  9. Tsuar, W. -J., "An enhanced user authentication scheme for multi-server internet services," Appl. Math. Comput, 170, 2005, pp.258-266. https://doi.org/10.1016/j.amc.2004.11.033
  10. Tsuar, W. -J., Wu, C--. C., Lee, W. -B., "A flexible user authentication for multi-server internet services," Networking-JCN, LNCS 2093, 2001, pp.174-183.
  11. O. Althobaiti, M. Al-Rodhaan, and A. Al-Dhelaan, "An Efficient Biometric Authentication Protocol for Wireless Sensor Networks," International Journal of Distributed Sensor Networks, Volume 2013, Article ID 407971, 13 pages.
  12. Z. Cheng, Y. Lee, C. Chang, C. L, "A novel biometric-based remote user authentication scheme using Quadratic Residues," International Journal of Information and Electronics Engineering, 3(4), 2013, pp.419-422.
  13. J. Yuan, C. Jiang, and Z. Jiang, "A biometric-based User Authentication for wireless Sensor Networks," Wuhan university journal of national sciences, 5(3), 2010, pp.272-276.
  14. E. -J. Yoon, K. Y. Yoo, "A new biometric-based user authentication scheme without using password for wireless sensor networks," Proceedings of 2011 IEEE International workshops of enabling technologies: Infrastructure for collaborative enterprises, 2011, pp.279-284.
  15. Y. Lee, "Security Analysis of a Biometric-Based User Authentication Scheme," 10(1), 2014, pp.81-87.
  16. A. Al-Hussain and I. Al-Rassan, "Abiometric-based authentication system for web services mobile user," in Proceedings of the 8th International Conference on Advances in Mobile Computing and Multimedia (MoMM'10), 2010, pp.447-452.
  17. P. Kocher, J. Jaffe, B. Jun, "Differential power analysis," in Advances in Cryptology-CRYPTO99, 1999, pp.388-397.
  18. T. S. Messergers, E. A. Dabbish, R. H. Sloan, "Examining smart card security under the threat of power analysis attacks," IEEE Trans. Comput, 51(5), 2002, pp.541-552. https://doi.org/10.1109/TC.2002.1004593

Cited by

  1. Security Enhancement of Lightweight User Authentication Scheme Using Smartcard vol.20, pp.4, 2015, https://doi.org/10.33778/kcsa.2020.20.4.209