Cryptanalysis and Improvement of the Robust User Authentication Scheme for Wireless Sensor Networks
Keywords:wireless sensor networks, authentication, guessing attack, impersonation attack
AbstractWireless sensor networks are widely used in industrial process control, human health care, environmental control, vehicular tracking and battlefield surveillance, etc. A wireless sensor network consists of lots of sensor nodes and a gateway node. The sensor node usually communicates with the gateway node and users over an ad hoc wireless network. However, due to the open environments, the wireless sensor networks are vulnerable to variety of security threats. Thus, it is a critical issue to adopt a suitable authentication mechanism for wireless sensor networks to enhance security. In 2009, Vaidya et al. proposed a robust user authentication schemes for wireless sensor networks. In this article, we will show that their scheme is vulnerable to the guessing attack and the impersonation attack. Since it needs a secure channel for communications in password changing phase, their scheme is also inconvenient and expensive for users to update passwords. We also propose an improved scheme to remedy the flaws. The improved scheme withstands the replay attack and off-line guessing attack, and the users can freely update their passwords via public channels.
I.F. Akyildiz, W. Su, Y. Sankarasubramaniam and E. Cayirci, “Wireless sensor networks: A survey,” Computer Networks, vol.38, pp.393-422, 2002.
Z. Benenson, N. Gedicke and O. Raivio, “Realizing robust user authentication in sensor networks,” Workshop on Real-World Wireless Sensor Networks (REALWSN 2005), 2005.
C.Y Chong, S. Kumar, “Sensor networks: evolution, opportunities, and challenges,” Proceedings of the IEEE, vol.91, pp.1247-1256, 2003.
M.L. Das, “Two-factor user authentication in wireless sensor network,” IEEE Transaction on Wireless Communications, vol.8, pp.1086-1090, 2009.
L. Lamport, “Password authentication with insecure communication,” Communications of the ACM, vol.24, pp.770-772, 1981.
I. E. Liao, C. C. Lee and M. S. Hwang, “Security enhancement for a dynamic ID-based remote user authentication scheme,” Proceedings of the IEEE International Conference on Next Generation Web Services Practices (NWeSP 2005), 2005, pp.22-26.
K. Martinez, J.K. Hart, R. Ong, “Environmental sensor networks,” IEEE Computer, vol.37, pp.50-56, 2004.
Z. Tan, “Cryptanalysis of a two-factor user authentication scheme in wireless sensor networks,” Advances in Information Sciences and Service Sciences, vol.3, pp.117-126, 2011.
H.-R. Tseng, R.-H. Jan and W. Yang, “An improved dynamic user authentication scheme for wireless sensor networks,” Proceedings of the IEEE Global Telecommunications Conference, GLOBECOM '07, 2007, pp.986-990.  B. Vaidya, M. Chen and J.J.P.C. Rodrigues, "Improved robust user authentication scheme for wireless sensor networks," 2009 Fifth IEEE Conference on Wireless Communication and Sensor Networks (WCSN), 2009, pp.1-6.
B Vaidya, J.S. Silva, J.J. Rodrigues, “Robust dynamic user authentication scheme for wireless sensor networks,” Proceedings of the 5th ACM Symposium on QoS and Security for wireless and mobile networks (Q2SWinet 2009), Tenerife, Spain, 2009, pp.88-91.
K.H.M. Wong, Y. Zheng, J. Cao, and S. Wang, “A dynamic user authentication scheme for wireless sensor networks,” Proceedings of the IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC’06), vol.1, 2006, pp.318-327.
How to Cite
Submission of a manuscript implies: that the work described has not been published before that it is not under consideration for publication elsewhere; that if and when the manuscript is accepted for publication. Authors can retain copyright in their articles with no restrictions. Also, author can post the final, peer-reviewed manuscript version (postprint) to any repository or website.
Since Jan. 01, 2019, IJETI will publish new articles with Creative Commons Attribution Non-Commercial License, under Creative Commons Attribution Non-Commercial 4.0 International (CC BY-NC 4.0) License.
The Creative Commons Attribution Non-Commercial (CC-BY-NC) License permits use, distribution and reproduction in any medium, provided the original work is properly cited and is not used for commercial purposes.