Browse > Article
http://dx.doi.org/10.4218/etrij.13.0113.0103

A Strong Authentication Scheme with User Privacy for Wireless Sensor Networks  

Kumar, Pardeep (Centre for Wireless Communication, University of Oulu)
Gurtov, Andrei (Helsinki Institute for Information Technology (HIIT))
Ylianttila, Mika (Centre for Wireless Communication, University of Oulu)
Lee, Sang-Gon (Division of Computer & Information Engineering, Dongseo University)
Lee, HoonJae (Division of Computer & Information Engineering, Dongseo University)
Publication Information
ETRI Journal / v.35, no.5, 2013 , pp. 889-899 More about this Journal
Abstract
Wireless sensor networks (WSNs) are used for many real-time applications. User authentication is an important security service for WSNs to ensure only legitimate users can access the sensor data within the network. In 2012, Yoo and others proposed a security-performance-balanced user authentication scheme for WSNs, which is an enhancement of existing schemes. In this paper, we show that Yoo and others' scheme has security flaws, and it is not efficient for real WSNs. In addition, this paper proposes a new strong authentication scheme with user privacy for WSNs. The proposed scheme not only achieves end-party mutual authentication (that is, between the user and the sensor node) but also establishes a dynamic session key. The proposed scheme preserves the security features of Yoo and others' scheme and other existing schemes and provides more practical security services. Additionally, the efficiency of the proposed scheme is more appropriate for real-world WSNs applications.
Keywords
Wireless sensor network; authentication; confidentiality; user privacy; session-key establishment;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 K.H.M. Wong et al., "A Dynamic User Authentication Scheme for Wireless Sensor Networks," Proc. IEEE Int. Conf. Sensor Netw., Ubiquitous, Trustworthy Comput., Taichung, Taiwan, 2006.
2 MICAz Datasheet, accessed 21 Dec. 2012. Available: http://www.openautomation.net/uploadsproductos/micaz_datasheet.pdf
3 D. He et al., "An Enhanced Two-Factor User Authentication Scheme in Wireless Sensor Networks," Ad Hoc Sensor Wireless Netw., vol. 0, 2010, pp. 1-11.
4 TelosB Datasheet. http://www.willow.co.uk/TelosB_Datasheet.pdf
5 M.L. Das, "Two-Factor User Authentication in Wireless Sensor Networks," IEEE Trans. Wireless Commun., vol. 8, no. 3, 2009, pp. 1086-1090.   DOI   ScienceOn
6 T.-H. Chen and W.-K. Shih, "A Robust Mutual Authentication Protocol for Wireless Sensor Networks," ETRI J., vol. 32, no. 5, Oct. 2010, pp. 704-712.   DOI   ScienceOn
7 M.K. Khan and K. Alghathbar, "Cryptanalysis and Security Improvement of Two-Factor User Authentication in Wireless Sensor Networks," Sensors, 2010, pp. 2450-2459.
8 S.-G. Yoo, K.-Y. Park, and J. Kim, "A Security-Performance- Balanced User Authentication Scheme for Wireless Sensor Networks," Int. J. Distr. Sensor Netw., 2012, Article ID 382810.
9 D. Nyang and M. Lee, "Improvement of Das's Two-Factor Authentication Protocol in Wireless Sensor Networks," Cryptology ePrint Archive 2009/631, accessed 21 Apr. 2012. http://eprint.iacr.org/2009 /631.pdf
10 H.F. Huang, Y.F. Chang, and C.H. Liu, "Enhancement of Two-Factor User Authentication in Wireless Sensor Networks," Proc. 6th Int. Conf. Intell. Inf. Hiding Multimedia Signal Process., Darmstadt, Germany, 2010, pp. 27-30.
11 P. Kumar et al., "RUASN: A Robust User Authentication Framework for Wireless Sensor Networks," Sensors, vol. 11, 2011, pp. 5020-5046.   DOI
12 H. Lee et al., "Security Weaknesses of Dynamic ID-Based Remote User Authentication Protocol," World Academy Sci., Eng., Technol., vol. 59, no. 35, 2009, pp. 190-193.
13 H.R. Tseng, R.H. Jan, and W. Yang, "An Improved Dynamic User Authentication Scheme for Wireless Sensor Networks," IEEE GLOBECOM, Washington, DC, 2007, pp. 986-990.
14 T.H. Lee, "Simple Dynamic User Authentication Protocols for Wireless Sensor Networks," Proc. 2nd Int. Conf. Sensor Technol. Appl., Cap Esterel, France, 2008, pp. 657- 660.
15 E.-J. Yoon and K.-Y. Yoo, "Cryptanalysis of Robust Mutual Authentication Protocol for Wireless Sensor Networks," Proc. 10th IEEE Int. Conf. Cog. Inf. Cog. Comput., Banff, Alberta, Canada, 2011, pp. 392-396.
16 L.-C. Ko, "A Novel Dynamic User Authentication Scheme for Wireless Sensor Networks," Proc. IEEE ISWCS, Reykjavik, Iceland, 2008, pp. 608-612.
17 T.-H. Chen, H.-C. Hsiang, and W.-K. Shih, "Security Enhancement on Two Remote User Authentication Schemes Using Smart Cards," Future Generation Comput. Syst., vol. 27 Apr. 2011, pp. 377-380.   DOI   ScienceOn
18 Z. Benenson, N. Gedicke, and O. Raivio, "Realizing Robust User Authentication in Sensor Networks," Workshop Real-World Wireless Sensor Netw., Stockholm, Sweden, 2005.
19 B. Vaidya, J.J.P.C. Rodrigues, and J.H. Park, "User Authentication Schemes with Pseudonymity for Ubiquitous Sensor Network in NGN," Int. J. Commun. Syst., vol. 23, issue 9-10, Sept.-Oct. 2010, pp. 1201-1222.   DOI   ScienceOn
20 P. Kumar and H.-J. Lee, "Cryptanalysis on Two User Authentication Protocols Using Smartcard for Wireless Sensor Networks," Proc. 7th IEEE Conf. Wireless Adv., King's College, London, U.K., June 2011, pp. 241-245.
21 D. Wang and C. Ma, "On the (In)security of Some Smart-Card-Based Password Authentication Schemes for WSN." Available: https://eprint.iacr.org/2012/581.pdf
22 Crossbow Stargate Datasheet, accessed 21 Dec. 2012. Available: http://platformx.sourceforge.net/home.html
23 G. Manes et al., "A Wireless Sensor Network for Precise Volatile Organic Compound Monitoring," Int. J. Distr. Sensor Netw., 2012, Article ID 820716.
24 X. Lin et al., "SAGE: A Strong Privacy-Preserving Scheme against Global Eavesdropping for eHealth Systems," IEEE J. Sel. Areas Commun., vol. 27, no. 4, May 2009, pp. 365-378.   DOI   ScienceOn
25 L. Krishnamurthy et al., "Design and Deployment of Industrial Sensor Networks: Experiences from a Semiconductor Plant and the North Sea," Proc. SenSys, San Diego, CA, USA, 2-4 Nov. 2005, pp. 64-75.
26 Y. Zhang et al., "A Secure Hierarchical Key Management Scheme in Wireless Sensor Networks," Int. J. Distr. Sensor Netw., 2012, Article ID547471.
27 A. Koubaa and M. Alves, "A Two-tiered Architecture for Real-Time Communications in Large-Scale Wireless Sensor Networks: Research Challenges," Technical Report (TR-050701), v. 1.0, July 2005, accessed 18 Jan. 2013. Available: http://www.open-zb.net/publications/tr-hurray-050701.pdf
28 C. Karlor, N. Sastry, and D. Wagner, "TinySec: A Link Layer Security Architecture for Wireless Sensor Networks," Proc. ACM SenSys, Baltimore, MD, USA, Nov. 3-5, 2004, pp. 162-175.
29 H.-R. Tseng, R.-H. Jan, and W. Yang, "A Robust Password-based Authentication Scheme for Heterogeneous Sensor Networks," Commun. Institute Inf. Comput. Mach., vol. 11, no. 3, 2008, pp. 1-13.   DOI
30 A. Gurtov, M. Komu, and R. Moskowitz, "Host Identity Protocol: Identifier/Locator Split for Host Mobility Identity and Multihoming," Internet Protocol J., vol. 12, no. 1, Mar. 2009, pp. 27-32.
31 C. Chen et al., "Lightweight and Provably Secure User Authentication with Anonymity for the Global Mobility Networks," Int. J. Commun. Syst., vol. 24, no. 3, 2011, pp. 347-362.   DOI   ScienceOn
32 P. Kocher, J. Jaffe, and B. Jun, "Differential Power Analysis," Proc. Adv. Cryptology, Santa Barbara, CA, USA, Aug. 1999, pp. 388-397.
33 T.S. Messerges, E.A. Dabbish, and R.H. Sloan, "Examining Smart-Card Security Under the Threat of Power Analysis Attack," IEEE Trans. Comput., vol. 51, no. 5, May 2002, pp. 541-552.   DOI   ScienceOn