Browse > Article
http://dx.doi.org/10.17662/ksdim.2015.11.1.059

Security Analysis to an Biometric Authentication Protocol for Wireless Sensor Networks  

Lee, Youngsook (호원대학교 사이버수사 경찰학부)
Publication Information
Journal of Korea Society of Digital Industry and Information Management / v.11, no.1, 2015 , pp. 59-67 More about this Journal
Abstract
A novel authentication mechanism is biometric authentication where users are identified by their measurable human characteristics, such as fingerprint, voiceprint, and iris scan. The technology of biometrics is becoming a popular method for engineers to design a more secure user authentication scheme. In terms of physiological and behavioral human characteristics, biometrics is used as a form of identity access management and access control, and it services to identity individuals in groups that are under surveillance. In this article, we review the biometric-based authentication protocol by Althobati et al. and provide a security analysis on the scheme. Our analysis shows that Althobati et al.'s scheme does not guarantee server-to-user authentication. The contribution of the current work is to demonstrate this by mounting threat of data integrity and bypassing the gateway node on Althobati et al.'s scheme. In addition, we analysis the security vulnerabilities of Althobati et al.'s protocol.
Keywords
Biometric-based Authentication Scheme; Wireless Sensor Network; Smart Card; Data Integrity; Bypassing; User Authentication;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Rathod, V., Mehta, M., "Security in wireless sensor network: a survey," GANPAT Univ. J. Eng. Technol. 1(1), 2011, pp.35-44.
2 Akyildiz, I. F., Su, W., Sankarasubramaniam, Y., Cayirci, E., "A survey on sensor networks," IEEE Commun. Mag, 40(8), 102-114.   DOI
3 Youngsook Lee, Jeeyeon Kim and Dongho Won, "Weakness of Tan's Two-Factor User Authentication Scheme in Wireless Sensor Networks Lecture Notes in Electrical Engineering," 203, 2012, pp.707-714.   DOI
4 Das, M. L. "Two-factor user authentication in wireless sensor networks," IEEE Trans Wirel. Comm, 8, 2009, pp.1086-1090.   DOI   ScienceOn
5 Ku, W. -C., Chang, S. -T., Chiang, M. -H., "Weaknesses of a remote user authentication scheme using smart cards for multi-server architecture," IEICE Trans. Commun, E88-B(8), 2005, pp.3451-3454.   DOI
6 Li, L. -H., Lin, I. -C., Hwang, M. -S., "A remote password authentication scheme for multiserver architecture using neural networks," IEEE Trans. Neural Netw, 12(6), 2001, pp.1498-1504.   DOI   ScienceOn
7 Y. Lee, J. Kim, and D. Won, "Security Improvement to a Remote User Authentication Scheme for Multi-Server Environment," The Korea-Society of Digital Industry& Information Management, 7(4), 2011, pp.23-30.
8 Tsai, J. -L., "Efficient multi-server authentication scheme based on one-way hash function without verification table," Comput. Secur, 27, 2008, pp.115-121.   DOI   ScienceOn
9 Tsuar, W. -J., "An enhanced user authentication scheme for multi-server internet services," Appl. Math. Comput, 170, 2005, pp.258-266.   DOI   ScienceOn
10 Tsuar, W. -J., Wu, C--. C., Lee, W. -B., "A flexible user authentication for multi-server internet services," Networking-JCN, LNCS 2093, 2001, pp.174-183.
11 O. Althobaiti, M. Al-Rodhaan, and A. Al-Dhelaan, "An Efficient Biometric Authentication Protocol for Wireless Sensor Networks," International Journal of Distributed Sensor Networks, Volume 2013, Article ID 407971, 13 pages.
12 Z. Cheng, Y. Lee, C. Chang, C. L, "A novel biometric-based remote user authentication scheme using Quadratic Residues," International Journal of Information and Electronics Engineering, 3(4), 2013, pp.419-422.
13 J. Yuan, C. Jiang, and Z. Jiang, "A biometric-based User Authentication for wireless Sensor Networks," Wuhan university journal of national sciences, 5(3), 2010, pp.272-276.
14 E. -J. Yoon, K. Y. Yoo, "A new biometric-based user authentication scheme without using password for wireless sensor networks," Proceedings of 2011 IEEE International workshops of enabling technologies: Infrastructure for collaborative enterprises, 2011, pp.279-284.
15 Y. Lee, "Security Analysis of a Biometric-Based User Authentication Scheme," 10(1), 2014, pp.81-87.
16 T. S. Messergers, E. A. Dabbish, R. H. Sloan, "Examining smart card security under the threat of power analysis attacks," IEEE Trans. Comput, 51(5), 2002, pp.541-552.   DOI   ScienceOn
17 A. Al-Hussain and I. Al-Rassan, "Abiometric-based authentication system for web services mobile user," in Proceedings of the 8th International Conference on Advances in Mobile Computing and Multimedia (MoMM'10), 2010, pp.447-452.
18 P. Kocher, J. Jaffe, B. Jun, "Differential power analysis," in Advances in Cryptology-CRYPTO99, 1999, pp.388-397.