Skip to main content
Erschienen in: Wireless Personal Communications 3/2017

04.02.2017

Improving Security of Lightweight Authentication Technique for Heterogeneous Wireless Sensor Networks

verfasst von: Chandra Sekhar Vorugunti, Bharavi Mishra, Ruhul Amin, Rakesh P. Badoni, Mrudula Sarvabhatla, Dheerendra Mishra

Erschienen in: Wireless Personal Communications | Ausgabe 3/2017

Einloggen

Aktivieren Sie unsere intelligente Suche um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

One of the great application of user authentication and key agreement protocol is to access sensor information securely over the insecure networks. Recently, Kalra and Sood proposed an efficient smart card based authentication protocol to exchange confidential information securely between the user and sensor node. We review the security of Kalra and Sood scheme and observe that their scheme is vulnerable to stolen smart card attack, stolen verifier attack and impersonation attack. The entire analysis indicates that there is a need of secure and user-friendly authentication mechanism for wireless sensor networks (WSNs). To ensure secure communication in WSNs, we improve the security of the authentication mechanism for WSNs. The main intention of this paper is to confiscate the mentioned security attacks by proposing an efficient authentication protocol using smart card. To validate security attributes, we have used well-popular AVISPA simulation tool whose results shows that the proposed protocol is SAFE under OFMC and CL-AtSe models. Further, the performance analysis shows its efficiency.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literatur
1.
Zurück zum Zitat Amin, R., & Biswas, G. P. (2016). A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks. Ad Hoc Networks, 36, 58–80. Amin, R., & Biswas, G. P. (2016). A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks. Ad Hoc Networks,  36, 58–80. 
2.
Zurück zum Zitat Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuéllar, J., Drielsma, P. H., Héam, P.-C., Kouchnarenko, O., & Mantovani, J., et al. (2005). The avispa tool for the automated validation of internet security protocols and applications. In Computer Aided Verification. Springer, pp. 281–285. Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuéllar, J., Drielsma, P. H., Héam, P.-C., Kouchnarenko, O., & Mantovani, J., et al. (2005). The avispa tool for the automated validation of internet security protocols and applications. In Computer Aided Verification. Springer, pp. 281–285.
4.
Zurück zum Zitat Basin, D., Mödersheim, S., & Vigano, L. (2005). Ofmc: A symbolic model checker for security protocols. International Journal of Information Security, 4(3), 181–208.CrossRef Basin, D., Mödersheim, S., & Vigano, L. (2005). Ofmc: A symbolic model checker for security protocols. International Journal of Information Security, 4(3), 181–208.CrossRef
5.
Zurück zum Zitat Boyd, C., & Mathuria, A. (2003). Protocols for authentication and key establishment. Berlin: Springer.CrossRefMATH Boyd, C., & Mathuria, A. (2003). Protocols for authentication and key establishment. Berlin: Springer.CrossRefMATH
6.
Zurück zum Zitat Chen, T.-H., & Shih, W.-K. (2010). A robust mutual authentication protocol for wireless sensor networks. Etri Journal, 32(5), 704–712.CrossRef Chen, T.-H., & Shih, W.-K. (2010). A robust mutual authentication protocol for wireless sensor networks. Etri Journal, 32(5), 704–712.CrossRef
7.
Zurück zum Zitat Das, M. L. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8(3), 1086–1090.MathSciNetCrossRef Das, M. L. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8(3), 1086–1090.MathSciNetCrossRef
8.
Zurück zum Zitat Dolev, D., & Yao, A. C. (1983). On the security of public key protocols. IEEE Transactions on Information Theory, 29(2), 198–208.MathSciNetCrossRefMATH Dolev, D., & Yao, A. C. (1983). On the security of public key protocols. IEEE Transactions on Information Theory, 29(2), 198–208.MathSciNetCrossRefMATH
9.
Zurück zum Zitat Eisenbarth, T. Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., & Shalmani, M. T. M. (2008). On the power of power analysis in the real world: A complete break of the keeloq code hopping scheme. In Advances in Cryptology-CRYPTO. Springer, 2008, pp. 203–220. Eisenbarth, T. Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., & Shalmani, M. T. M. (2008). On the power of power analysis in the real world: A complete break of the keeloq code hopping scheme. In Advances in Cryptology-CRYPTO. Springer, 2008, pp. 203–220.
11.
Zurück zum Zitat He, D., Gao, Y., Chan, S., Chen, C., & Bu, J. (2010). An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc and Sensor Wireless Networks, 10(4), 361–371. He, D., Gao, Y., Chan, S., Chen, C., & Bu, J. (2010). An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc and Sensor Wireless Networks, 10(4), 361–371.
12.
Zurück zum Zitat He, D., Zhang, Y., & Chen, J. (2014). Cryptanalysis and improvement of an anonymous authentication protocol for wireless access networks. Wireless Personal Communications, 74(2), 229–243.CrossRef He, D., Zhang, Y., & Chen, J. (2014). Cryptanalysis and improvement of an anonymous authentication protocol for wireless access networks. Wireless Personal Communications, 74(2), 229–243.CrossRef
13.
Zurück zum Zitat Huang, B., Khan, M., Wu, L., Muhaya, F., & He, D. (2015). An efficient remote user authentication with key agreement scheme using elliptic curve cryptography. Wireless Personal Communications. doi:10.1007/s11277-015-2735-1. Huang, B., Khan, M., Wu, L., Muhaya, F., & He, D. (2015). An efficient remote user authentication with key agreement scheme using elliptic curve cryptography. Wireless Personal Communications. doi:10.​1007/​s11277-015-2735-1.
14.
Zurück zum Zitat Jin, A. T. B., Ling, D. N. C., & Goh, A. (2004). Biohashing: Two factor authentication featuring fingerprint data and tokenised random number. Pattern Recognition, 37(11), 2245–2255.CrossRef Jin, A. T. B., Ling, D. N. C., & Goh, A. (2004). Biohashing: Two factor authentication featuring fingerprint data and tokenised random number. Pattern Recognition, 37(11), 2245–2255.CrossRef
15.
Zurück zum Zitat Kalra, S., & Sood, S. K. (2015). Advanced password based authentication scheme for wireless sensor networks. Journal of Information Security and Applications, 20, 37–46.CrossRef Kalra, S., & Sood, S. K. (2015). Advanced password based authentication scheme for wireless sensor networks. Journal of Information Security and Applications, 20, 37–46.CrossRef
16.
Zurück zum Zitat Khan, M. K., & Alghathbar, K. (2010). Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors, 10(3), 2450–2459.CrossRef Khan, M. K., & Alghathbar, K. (2010). Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors, 10(3), 2450–2459.CrossRef
17.
Zurück zum Zitat Kocher, K., Jaffe, J., & Jun, B. (1999). Differential power analysis. In Advances in Cryptology CRYPTO’99. Springer, pp. 388–397. Kocher, K., Jaffe, J., & Jun, B. (1999). Differential power analysis. In Advances in Cryptology CRYPTO’99. Springer, pp. 388–397.
18.
Zurück zum Zitat Maitra, T., Amin, R., Giri, D., & Srivastava, P. D. (2016). An efficient and robust user authentication scheme for hierarchical wireless sensor networks without tamper-proof smart card. International Journal of Network Security, 18(1), 553–564. Maitra, T., Amin, R., Giri, D., & Srivastava, P. D. (2016). An efficient and robust user authentication scheme for hierarchical wireless sensor networks without tamper-proof smart card. International Journal of Network Security, 18(1), 553–564.
19.
Zurück zum Zitat Messerges, T. S., Dabbish, E., Sloan, R. H., et al. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.MathSciNetCrossRef Messerges, T. S., Dabbish, E., Sloan, R. H., et al. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.MathSciNetCrossRef
20.
Zurück zum Zitat Mishra, D. (2015). On the security flaws in id-based password authentication schemes for telecare medical information systems. Journal of Medical Systems, 39(1), 1–16.MathSciNetCrossRef Mishra, D. (2015). On the security flaws in id-based password authentication schemes for telecare medical information systems. Journal of Medical Systems, 39(1), 1–16.MathSciNetCrossRef
22.
Zurück zum Zitat Mishra, D., Das, A. K., & Mukhopadhyay, S. (2014). A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Systems with Applications, 41(18), 8129–8143.CrossRef Mishra, D., Das, A. K., & Mukhopadhyay, S. (2014). A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Systems with Applications, 41(18), 8129–8143.CrossRef
23.
Zurück zum Zitat Nanni, L., Brahnam, S., & Lumini, A. (2011). Biohashing applied to orientation-based minutia descriptor for secure fingerprint authentication system. Electronics Letters, 47(15), 851–853.CrossRef Nanni, L., Brahnam, S., & Lumini, A. (2011). Biohashing applied to orientation-based minutia descriptor for secure fingerprint authentication system. Electronics Letters, 47(15), 851–853.CrossRef
24.
Zurück zum Zitat Nanni, L., & Lumini, A. (2008). Random subspace for an improved biohashing for face authentication. Pattern Recognition Letters, 29(3), 295–300.CrossRefMATH Nanni, L., & Lumini, A. (2008). Random subspace for an improved biohashing for face authentication. Pattern Recognition Letters, 29(3), 295–300.CrossRefMATH
25.
Zurück zum Zitat Ning, H., & Hu, S. (2012). Technology classification, industry, and education for future internet of things. International Journal of Communication Systems, 25(9), 1230–1241.CrossRef Ning, H., & Hu, S. (2012). Technology classification, industry, and education for future internet of things. International Journal of Communication Systems, 25(9), 1230–1241.CrossRef
26.
Zurück zum Zitat Song, R. (2010). Advanced smart card based password authentication protocol. Computer Standards and Interfaces, 32(5), 321–325.CrossRef Song, R. (2010). Advanced smart card based password authentication protocol. Computer Standards and Interfaces, 32(5), 321–325.CrossRef
27.
Zurück zum Zitat Wander, A. S., Gura, N., Eberle, H., Gupta, V., & Shantz, S. C. (2005). Energy analysis of public-key cryptography for wireless sensor networks. In Third IEEE international conference on pervasive computing and communications, 2005. PerCom 2005, IEEE, pp. 324–328. Wander, A. S., Gura, N., Eberle, H., Gupta, V., & Shantz, S. C. (2005). Energy analysis of public-key cryptography for wireless sensor networks. In Third IEEE international conference on pervasive computing and communications, 2005. PerCom 2005, IEEE, pp. 324–328.
28.
Zurück zum Zitat Watro, R., Kong, D., Cuti, S. -F., Gardiner, C., Lynn, C., & Kruus, P. (2004). Tinypk: Securing sensor networks with public key technology. In Proceedings of the 2nd ACM workshop on security of ad hoc and sensor networks, ACM, pp. 59–64. Watro, R., Kong, D., Cuti, S. -F., Gardiner, C., Lynn, C., & Kruus, P. (2004). Tinypk: Securing sensor networks with public key technology. In Proceedings of the 2nd ACM workshop on security of ad hoc and sensor networks, ACM, pp. 59–64.
29.
Zurück zum Zitat Wong, K. H., Zheng, Y., Cao, J., & Wang, S. (2006). A dynamic user authentication scheme for wireless sensor networks. In IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing, 2006, IEEE, Vol. 1, p. 8. Wong, K. H., Zheng, Y., Cao, J., & Wang, S. (2006). A dynamic user authentication scheme for wireless sensor networks. In IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing, 2006, IEEE, Vol. 1, p. 8.
30.
Zurück zum Zitat Xue, K., Ma, C., Hong, P., & Ding, R. (2013). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36(1), 316–323.CrossRef Xue, K., Ma, C., Hong, P., & Ding, R. (2013). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36(1), 316–323.CrossRef
31.
Zurück zum Zitat Xu, J., Zhu, W.-T., & Feng, D.-G. (2009). An improved smart card based password authentication scheme with provable security. Computer Standards and Interfaces, 31(4), 723–728.CrossRef Xu, J., Zhu, W.-T., & Feng, D.-G. (2009). An improved smart card based password authentication scheme with provable security. Computer Standards and Interfaces, 31(4), 723–728.CrossRef
32.
Zurück zum Zitat Yeh, H.-L., Chen, T.-H., Liu, P.-C., Kim, T.-H., & Wei, H.-W. (2011). A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors, 11(5), 4767–4779.CrossRef Yeh, H.-L., Chen, T.-H., Liu, P.-C., Kim, T.-H., & Wei, H.-W. (2011). A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors, 11(5), 4767–4779.CrossRef
33.
Zurück zum Zitat Yick, J., Mukherjee, B., & Ghosal, D. (2008). Wireless sensor network survey. Computer Networks, 52(12), 2292–2330.CrossRef Yick, J., Mukherjee, B., & Ghosal, D. (2008). Wireless sensor network survey. Computer Networks, 52(12), 2292–2330.CrossRef
Metadaten
Titel
Improving Security of Lightweight Authentication Technique for Heterogeneous Wireless Sensor Networks
verfasst von
Chandra Sekhar Vorugunti
Bharavi Mishra
Ruhul Amin
Rakesh P. Badoni
Mrudula Sarvabhatla
Dheerendra Mishra
Publikationsdatum
04.02.2017
Verlag
Springer US
Erschienen in
Wireless Personal Communications / Ausgabe 3/2017
Print ISSN: 0929-6212
Elektronische ISSN: 1572-834X
DOI
https://doi.org/10.1007/s11277-017-3988-7

Weitere Artikel der Ausgabe 3/2017

Wireless Personal Communications 3/2017 Zur Ausgabe

Neuer Inhalt