Cryptanalysis and Improvement of the Robust User Authentication Scheme for Wireless Sensor Networks

Yung-Cheng Lee; Hsin-Yu Lai; Pei-Ju Lee

Authors

Yung-Cheng Lee
Hsin-Yu Lai
Pei-Ju Lee

Keywords:

wireless sensor networks, authentication, guessing attack, impersonation attack

Abstract

Wireless sensor networks are widely used in industrial process control, human health care, environmental control, vehicular tracking and battlefield surveillance, etc. A wireless sensor network consists of lots of sensor nodes and a gateway node. The sensor node usually communicates with the gateway node and users over an ad hoc wireless network. However, due to the open environments, the wireless sensor networks are vulnerable to variety of security threats. Thus, it is a critical issue to adopt a suitable authentication mechanism for wireless sensor networks to enhance security. In 2009, Vaidya et al. proposed a robust user authentication schemes for wireless sensor networks. In this article, we will show that their scheme is vulnerable to the guessing attack and the impersonation attack. Since it needs a secure channel for communications in password changing phase, their scheme is also inconvenient and expensive for users to update passwords. We also propose an improved scheme to remedy the flaws. The improved scheme withstands the replay attack and off-line guessing attack, and the users can freely update their passwords via public channels.

References

I.F. Akyildiz, W. Su, Y. Sankarasubramaniam and E. Cayirci, “Wireless sensor networks: A survey,” Computer Networks, vol.38, pp.393-422, 2002.

Z. Benenson, N. Gedicke and O. Raivio, “Realizing robust user authentication in sensor networks,” Workshop on Real-World Wireless Sensor Networks (REALWSN 2005), 2005.

C.Y Chong, S. Kumar, “Sensor networks: evolution, opportunities, and challenges,” Proceedings of the IEEE, vol.91, pp.1247-1256, 2003.

M.L. Das, “Two-factor user authentication in wireless sensor network,” IEEE Transaction on Wireless Communications, vol.8, pp.1086-1090, 2009.

L. Lamport, “Password authentication with insecure communication,” Communications of the ACM, vol.24, pp.770-772, 1981.

I. E. Liao, C. C. Lee and M. S. Hwang, “Security enhancement for a dynamic ID-based remote user authentication scheme,” Proceedings of the IEEE International Conference on Next Generation Web Services Practices (NWeSP 2005), 2005, pp.22-26.

K. Martinez, J.K. Hart, R. Ong, “Environmental sensor networks,” IEEE Computer, vol.37, pp.50-56, 2004.

Z. Tan, “Cryptanalysis of a two-factor user authentication scheme in wireless sensor networks,” Advances in Information Sciences and Service Sciences, vol.3, pp.117-126, 2011.

H.-R. Tseng, R.-H. Jan and W. Yang, “An improved dynamic user authentication scheme for wireless sensor networks,” Proceedings of the IEEE Global Telecommunications Conference, GLOBECOM '07, 2007, pp.986-990. [10] B. Vaidya, M. Chen and J.J.P.C. Rodrigues, "Improved robust user authentication scheme for wireless sensor networks," 2009 Fifth IEEE Conference on Wireless Communication and Sensor Networks (WCSN), 2009, pp.1-6.

B Vaidya, J.S. Silva, J.J. Rodrigues, “Robust dynamic user authentication scheme for wireless sensor networks,” Proceedings of the 5th ACM Symposium on QoS and Security for wireless and mobile networks (Q2SWinet 2009), Tenerife, Spain, 2009, pp.88-91.

K.H.M. Wong, Y. Zheng, J. Cao, and S. Wang, “A dynamic user authentication scheme for wireless sensor networks,” Proceedings of the IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC’06), vol.1, 2006, pp.318-327.

Cryptanalysis and Improvement of the Robust User Authentication Scheme for Wireless Sensor Networks

Authors

Keywords:

Abstract

References

Downloads

Published

How to Cite

Issue

Section

License

Make a Submission

scopus-citescore

counter