Abstract

Due to their frequent use in unattended and hostile deployment environments, the security in wireless sensor networks (WSNs) has attracted much interest in the past two decades. However, it remains a challenge to design a lightweight authentication protocol for WSNs because the designers are confronted with a series of desirable security requirements, e.g., user anonymity, perfect forward secrecy, resistance to de-synchronization attack. Recently, the authors presented two authentication schemes that attempt to provide user anonymity and to resist various known attacks. Unfortunately, in this work we shall show that user anonymity of the two schemes is achieved at the price of an impractical search operation—the gateway node may search for every possible value. Besides this defect, they are also prone to smart card loss attacks and have no provision for perfect forward secrecy. As our main contribution, a lightweight anonymous authentication scheme with perfect forward secrecy is designed, and what we believe the most interesting feature is that user anonymity, perfect forward secrecy, and resistance to de-synchronization attack can be achieved at the same time. As far as we know, it is extremely difficult to meet these security features simultaneously only using the lightweight operations, such as symmetric encryption/decryption and hash functions.

Highlights

  • Wireless sensor networks (WSNs) have gained a great deal of attention from researchers in the academic and industrial field mainly because of two reasons: first, they consist of a large number of resource-constrained sensor nodes, which are deployed randomly in a target region [1], and second, they can be widely used in various kinds of applications, such as healthcare monitoring [2], environment sensing [3], industrial monitoring [4], etc

  • In some applications for WSNs, such as real-time healthcare monitoring, traffic control monitoring, and military surveillance, external users are interested in accessing real-time data directly from desired sensor nodes without involving the gateway node (GWN)

  • We design a lightweight anonymous authentication protocol for WSNs based on the one-time hash chain and pseudonym identity

Read more

Summary

Introduction

Wireless sensor networks (WSNs) have gained a great deal of attention from researchers in the academic and industrial field mainly because of two reasons: first, they consist of a large number of resource-constrained sensor nodes, which are deployed randomly in a target region [1], and second, they can be widely used in various kinds of applications, such as healthcare monitoring [2], environment sensing [3], industrial monitoring [4], etc. In many applications [5,6,7], external users need to access to this real-time information from the sensor nodes.

Real-time
Related Works
Motivation and Contributions
Adversary Model
Organization of the Paper
Review of Two Related Schemes
User Registration
Sensor Node Registration
Password Update Phase
Security Analysis of Two Related Schemes
Smart Card Loss Attack
Impractical GWN Search Operation
No Provision for Perfect Forward Secrecy
The Proposed Scheme
Authentication and Key Agreement Phase
Security Analysis of Our Scheme
Authentication Proof Based on Strand Space Model
The Basic Notion of Strand Space Model
Penetrator Strands
A j i j0
Formal Security Validation Using ProVerif
Resistance to De-synchronization Attack
Mutual Authentication
User Anonymity
Perfect Forward Secrecy
Resistance to Smart Card Loss Attack
Resistance Known Session-Specific Temporary Information Attack
Resistance to User Impersonation Attack
Resistance to Sensor Node Spoofing Attack
4.3.10. Resistance to Replay Attack
4.3.11. Resistance to Man-in-the-middle Attack
Security Comparisons
Performance Analysis
Computation Analysis
Communication Analysis
Conclusions
Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
A Lightweight Three-Factor Anonymous Authentication Scheme With Privacy Protection for Personalized Healthcare Applications
Yue Li ... Nenghai Yu
Journal of Organizational and End User Computing | VOL. 33
Yue Li, et. al.Yue Li ... Nenghai Yu
01 May 2021
A Lightweight Three-Factor Anonymous Authentication Scheme With Privacy Protection for Personalized Healthcare Applications
Yue Li ... Mengxia Shuai
-
Yue Li, et. al.Yue Li ... Mengxia Shuai
03 Jun 2022
A Realistic Lightweight Anonymous Authentication Protocol for Securing Real-Time Application Data Access in Wireless Sensor Networks
Tzonelih Hwang ... Prosanta Gope
IEEE Transactions on Industrial Electronics | VOL. 63
Tzonelih Hwang, et. al.Tzonelih Hwang ... Prosanta Gope
01 Nov 2016
Applications and techniques in information and network security
Jemal H Abawajy ... Rafiqul Islam
Concurrency and Computation: Practice and Experience | VOL. 29
Jemal H Abawajy, et. al.Jemal H Abawajy ... Rafiqul Islam
15 Oct 2017
View more papers

More From: Sensors

Paper Title
Journal
Date
Author
A Flexible Double-Sided Curvature Sensor Array for Use in Soft Robotics
Racha Benarrait ... Andreas Dietzel
Sensors | VOL. 24
Racha Benarrait, et. al.Racha Benarrait ... Andreas Dietzel
28 May 2024
Experimental Research on Shipborne SINS Rapid Mooring Alignment with Variance-Constraint Kalman Filter and GNSS Position Updates
Zhipeng Fan ... Hubiao Wang
Sensors | VOL. 24
Zhipeng Fan, et. al.Zhipeng Fan ... Hubiao Wang
28 May 2024
Development of an In-Pipe Inspection Robot for Large-Diameter Water Pipes
Kwang-Woo Jeon ... Hak Yi
Sensors | VOL. 24
Kwang-Woo Jeon, et. al.Kwang-Woo Jeon ... Hak Yi
28 May 2024
Loom: A Modular Open-Source Approach to Rapidly Produce Sensor, Actuator, Datalogger Systems
William Richards ... Chet Udell
Sensors | VOL. 24
William Richards, et. al.William Richards ... Chet Udell
28 May 2024
View more papers