nach oben

Wireless Networks

Erschienen in:

03.11.2017

Anonymous three-factor authenticated key agreement for wireless sensor networks

verfasst von: Yanrong Lu, Guangquan Xu, Lixiang Li, Yixian Yang

Erschienen in: Wireless Networks | Ausgabe 4/2019

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Secure information exchange in wireless sensor networks (WSN) is a continuing issue since the resource-constrained sensors generally deployed over an unattended environment. To access the real-time data from the sensors, user authentication and key agreement as an important tool for secure communications in WSN plays a vital role. Recently, Das proposed an efficient biometrics based security scheme by only using lightweight symmetric-key primitives. Their scheme is efficient in computation, but we find the scheme of Das is not actually achieve the three-factor security, thus failing to prevent the user impersonation attack. Additionally, the failure of user anonymity also gives an opportunity for the adversary to mount impersonation attacks. With the purpose of mitigating all the problems in Das’s scheme, we present an anonymous three-factor key agreement using Elliptic Curve Cryptography. Using the Burrows–Abadi–Needham logic to ensure the mutual authentication properties. Through the rigorous security analysis, we show that the proposed scheme withstands various attacks. In addition, Automated Validation of Internet Security Protocols and Applications (AVIPSA) tool is used to verify its security.

Vorheriger Artikel Secure and efficient binding updates in host-based distributed mobility management

Nächster Artikel Power allocation policy and performance analysis of secure and reliable communication in cognitive radio networks

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Hayajneh, T., Doomun, R., Al-Mashaqbeh, G., & Mohd, B. J. (2014). An energy efficient and security aware route selection protocol for wireless sensor networks. Security and Communication Networks, 7(11), 2015–2038.CrossRef

Mainwaring, A., Polastre, J., Szewczyk, R., Culler, D., & Anderson, J. (2002). Wireless sensor networks for habitat monitoring. In Proceedings of the 1st ACM international workshop on wireless sensor networks and applications (pp. 88–97).

Otto, C., Milenkovic, A., Sanders, C., & Jovanov, E. (2006). System architecture of a wireless body area sensor network for ubiquitous health monitoring. Journal of Mobile Multimedia, 1(4), 307–326.

Hayajneh, T., Mohd, B. J., Imran, M., Almashaqbeh, G., & Vasilakos, A. V. (2016). Secure authentication for remote patient monitoring with wireless medical sensor networks. Sensors, 16(4), 424.CrossRef

ARGUS, U. A. F. (2009). Advanced remote ground unattended sensor systems. Department of Defense. http://www.globalsecurity.org/intell/systems/arguss.htm.

Carlson, J., Han, R., Lao, S., Narayan, C., & Ghani, S. (2003). Rapid prototyping of mobile input devices using wireless sensor nodes. In Proceedings of the 5th IEEE workshop on mobile computing systems and applications (WMCSA ’03) (pp. 21–29).

Chen, J., Salim, M., & Matsumoto, M. (2011). A single mobile target tracking in voronoi-based clustered wireless sensor network. Journal of Information Processing Systems, 7(1), 17–28.CrossRef

Akhtar, R., Leng, S., Memon, I., Ali, M., & Zhang, L. (2015). Architecture of hybrid mobile social networks for efficient content delivery. Wireless Personal Communications, 80(1), 85–96.CrossRef

Claycomb, W., & Shin, D. (2011). A novel node level security policy framework for wireless sensor networks. Journal of Network and Computer Applications, 34, 418–428.CrossRef

10.

Memon, I., Ali, Q., Zubedi, A., & Mangi, F. A. (2017). DPMM: Dynamic pseudonym-based multiple mix-zones generation for mobile traveler. Multimedia Tools and Applications, 76(22), 24359–24388.CrossRef

11.

Sastry, N., & Wagner, D. (2004). Security considerations for IEEE 802.15.4 networks. In Proceedings of the ACM workshop wireless security (pp. 32–42). ACM Press.

12.

Perrig, A., Szewczyk, R., Wen, V., Culler, D., & Tygar, D. (2002). SPINS: Security protocols for sensor networks. ACM Wireless Networks, 8(5), 521–534.MATHCrossRef

13.

He, D., Gao, Y., Chan, S., Chen, C., & Bu, J. (2010). An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc & Sensor Wireless Networks, 10(4), 361–371.

14.

He, D., Bu, J., Zhu, S., Chan, S., & Chen, C. (2011). Distributed access control with privacy support in wireless sensor networks. IEEE Transactions on Wireless Communications, 10(10), 3472–3481.CrossRef

15.

Xia, Z. H., Wang, X. H., Zhang, L. G., Qin, X., Sun, X. M., & Ren, K. (2016). A privacy-preserving and copy-deterrence content-based image retrieval scheme in cloud computing. IEEE Transactions on Information Forensics and Security, 11(11), 2594–2608. https://doi.org/10.1109/TIFS.2016.2590944.CrossRef

16.

Fu, Z., Ren, K., Shu, J., et al. (2016). Enabling personalized search over encrypted outsourced data with efficiency improvement. IEEE Transactions on Parallel and Distributed Systems, 27(9), 2546–2559.CrossRef

17.

Memon, I., Mohammed, M. R., Akhtar, R., Memon, H., Memon, M. H., & Shaikh, R. A. (2014). Design and implementation to authentication over a GSM system using certificate-less public key cryptography (CL-PKC). Wireless Personal Communications, 79(1), 661–686.CrossRef

18.

Jiang, Q., Ma, J. F., Yang, C., Ma, X. D., Shen, J., & Chaudhry, S. A. (2017). Efficient end-to-and authentication protocol for wearable health monitoring systems. Computers & Electrical Engineering. https://doi.org/10.1016/j.compeleceng.2017.03.016.CrossRef

19.

Memon, I. (2015). A secure and efficient communication scheme with authenticated key establishment protocol for road networks. Wireless Personal Communications, 85(3), 1167–1191.CrossRef

20.

Arain, Q. A., Zhongliang, D., Memon, I., Arain, S., Shaikh, F. K., Zubedi, A., et al. (2017). Privacy preserving dynamic pseudonym-based multiple mix-zones authentication protocol over road networks. Wireless Personal Communications, 95(2), 505–521.CrossRef

21.

Memon, I., Arain, Q. A., Memon, H., & Mangi, F. A. (2017). Efficient user based authentication protocol for location based services discovery over road networks. Wireless Personal Communications, 95(4), 3713–3732.CrossRef

22.

Chen, C., Huang, H., Liu, C., & Lai, C. (2014). User authentication with anonymity fore roaming service with smart cards in global mobility networks. Ad-Hoc & Sensor Wireless Networks, 20(1–2), 5–19.

23.

Memon, I. (2015). Authentication user’s privacy: An integrating location privacy protection algorithm for secure moving objects in location based services. Wireless Personal Communications, 82(3), 1585–1600.CrossRef

24.

Memon, I., Hussain, I., Akhtar, R., & Chen, G. (2015). Enhanced privacy and authentication: An efficient and secure anonymous communication for location based service using asymmetric cryptography scheme. Wireless Personal Communications, 84(2), 1487–1508.CrossRef

25.

Kamenyi, D. M., Wang, Y., Zhang, F., Memon, I., & Gustav, Y. H. (2013). Authenticated privacy preserving for continuous query in location based services. Journal of Computational Information Systems, 9(24), 9857–9864.

26.

Das, M. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8(3), 1086–1090.CrossRef

27.

Xie, Q., Wong, D. S., Wang, G., Tan, X., Chen, K. F., & Fang, L. M. (2017). Provably secure dynamic ID-based anonymous two-factor authenticated key exchange protocol with extended security model. IEEE Transactions on Information Forensics & Security, 12(6), 1382–1392.CrossRef

28.

Wang, D., & Wang, P. (2016). Two birds with one stone: two-factor authentication with security beyond conventional bound. IEEE Trans. on Dependable and Secure Computing. https://doi.org/10.1109/TDSC.2016.2605087.

29.

Wang, D., He, D. B., Wang, P., & Chu, C. H. (2015). Anonymous two-factor authentication in distributed systems: Certain goals are beyond attainment. IEEE Transactions on Dependable and Secure Computing, 12(4), 228–442.CrossRef

30.

Nyang, D. H., & Lee, M. K. (2009). Improvement of Das’s two-factor authentication protocol in wireless sensor networks. In Cryptology ePrint Archive, 631.

31.

Khan, M. K., & Alghathbar, K. (2010). Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors, 10(3), 2450–2459.CrossRef

32.

Yuan, J. (2014). An enhanced two-factor user authentication in wireless sensor networks. Telecommunication Systems, 55(1), 105–113.CrossRef

33.

Wang, D., & Wang, P. (2014). Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks. Ad Hoc Networks, 20, 1–15. https://doi.org/10.1016/j.adhoc.2014.03.003.CrossRef

34.

Xie, Q., Dong, N., Wong, D. S., & Hu, B. (2016). Cryptanalysis and security enhancement of a two-factor authentication and key agreement protocol. International Journal of Communication Systems, 29(3), 478–487.CrossRef

35.

Sun, D., Li, J., Feng, Z., Cao, Z., & Xu, G. (2013). On the security and improvement of a two-factor user authentication scheme in wireless sensor networks. Personal and Ubiquitous Computing, 17(5), 895–905.CrossRef

36.

Turkanović, M., Brumen, B., & Hölbl, M. (2014). A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Networks, 20, 96–112.CrossRef

37.

Jiang, Q., Zeadally, S., Ma, J. F., & He, D. B. (2017). Lightweight three-factor authentication and key agreement protocol for Internet-integrated wireless sensor networks. IEEE Access, 5(1), 3376–3392.CrossRef

38.

Xue, K., Ma, C., Hong, P., et al. (2013). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36(1), 316–323.CrossRef

39.

Xie, Q., Tang, Z. X., & Chen, K. F. (2017). Cryptanalysis and improvement on anonymous three-factor authentication scheme for mobile networks. Computers and Electrical Engineering, 59, 218–230.CrossRef

40.

Das, A. (2015). A secure and efficient user anonymity-preserving three-factor authentication protocol for large-scale distributed wireless sensor networks. Wireless Personal Communications, 82(3), 1377–1404.CrossRef

41.

Yuan, C. S., Sun, X. M., & Lv, R. (2016). Fingerprint liveness detection based on multi-scale LPQ and PCA. China Communications, 13(7), 60–65. https://doi.org/10.1109/CC.2016.7559076.CrossRef

42.

Wang, D., Cheng, H. B., Wang, P., Huang, X. Y., & Jian, G. P. (2017). Zipf’s law in passwords. IEEE Transactions on Information Forensics and Security, 12(11), 2776–2791.CrossRef

43.

Li, C., & Hwang, M. (2010). An efficient biometric-based remote authentication scheme using smart cards. Journal of Network and Computer Applications, 33(1), 1–5.CrossRef

44.

Jiang, Q., Chen, Z., Li, B., et al. (2017). Security analysis and improvement of bio-hashing based three-factor authentication scheme for telecare medical information systems. Journal of Ambient Intelligence and Humanized Computing. https://doi.org/10.1007/s12652-017-0516-2.CrossRef

45.

Dodis, Y., Reyzin, L., Smith, A. (2004). Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. Advances in cryptology-Eurocrypt, 523–540.

46.

He, D., & Wang, D. (2014). Robust biometrics-based authentication scheme for multiserver environment. IEEE Systems Journal, 9(3), 816–823.CrossRef

47.

Li, X., Niu, J., Kumari, S., et al. (2017). A three-factor anonymous authentication scheme for wireless sensor networks in internet of things environments. Journal of Network and Computer Applications. https://doi.org/10.1016/j.jnca.2017.07.001.CrossRef

48.

Das, A. (2017). A secure and effective biometric-based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor. International Journal of Communication Systems. https://doi.org/10.1002/dac.2933.CrossRef

49.

Lamport, L. (1981). Password authentication with insecure communication. Communications of the ACM, 24(11), 770–772.MathSciNetCrossRef

50.

Kim, T., Kim, C., & Park, I. (2012). Side channel analysis attacks using AM demodulation on commercial smart cards with SEED. Journal of Systems and Software, 85(12), 2899–2908.CrossRef

51.

Gura, N., Patel, A., Wander, A., Eberle, H., & Shantz, S. (2004). Comparing elliptic curve cryptography and RSA on 8-bit CPUs. In Cryptographic hardware and embedded systems-CHES (pp. 119–132).

52.

Burrow, M., Abadi, M., & Needham, R. (1990). A logic of authentication. ACM Transactions on Computer Systems, 8, 18–36.CrossRef

53.

Java Pairing Based Cryptography Library (jPBC). Available at http://gas.dia.unisa.it/projects/jpbc.

Titel: Anonymous three-factor authenticated key agreement for wireless sensor networks
verfasst von: Yanrong Lu
Guangquan Xu
Lixiang Li
Yixian Yang
Publikationsdatum: 03.11.2017
Verlag: Springer US
Erschienen in: Wireless Networks / Ausgabe 4/2019
Print ISSN: 1022-0038
Elektronische ISSN: 1572-8196
DOI: https://doi.org/10.1007/s11276-017-1604-0

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 4/2019

Training size optimization with reduced complexity in cell-free massive MIMO system

An optimal transmission strategy in zero-sum matrix games under intelligent jamming attacks

Secure and efficient binding updates in host-based distributed mobility management

A hierarchical binary quadtree index for spatial queries

Interference analysis for asynchrounous OFDM/FBMC based cognitive radio networks over Rayleigh fading channel

Enhanced mobility aware routing protocol for Low Power and Lossy Networks