Abstract

Due to their frequent use in unattended and hostile deployment environments, the security in wireless sensor networks (WSNs) has attracted much interest in the past two decades. However, it remains a challenge to design a lightweight authentication protocol for WSNs because the designers are confronted with a series of desirable security requirements, e.g., user anonymity, perfect forward secrecy, resistance to de-synchronization attack. Recently, the authors presented two authentication schemes that attempt to provide user anonymity and to resist various known attacks. Unfortunately, in this work we shall show that user anonymity of the two schemes is achieved at the price of an impractical search operation—the gateway node may search for every possible value. Besides this defect, they are also prone to smart card loss attacks and have no provision for perfect forward secrecy. As our main contribution, a lightweight anonymous authentication scheme with perfect forward secrecy is designed, and what we believe the most interesting feature is that user anonymity, perfect forward secrecy, and resistance to de-synchronization attack can be achieved at the same time. As far as we know, it is extremely difficult to meet these security features simultaneously only using the lightweight operations, such as symmetric encryption/decryption and hash functions.

Highlights

  • Wireless sensor networks (WSNs) have gained a great deal of attention from researchers in the academic and industrial field mainly because of two reasons: first, they consist of a large number of resource-constrained sensor nodes, which are deployed randomly in a target region [1], and second, they can be widely used in various kinds of applications, such as healthcare monitoring [2], environment sensing [3], industrial monitoring [4], etc

  • In some applications for WSNs, such as real-time healthcare monitoring, traffic control monitoring, and military surveillance, external users are interested in accessing real-time data directly from desired sensor nodes without involving the gateway node (GWN)

  • We design a lightweight anonymous authentication protocol for WSNs based on the one-time hash chain and pseudonym identity

Read more

Summary

Introduction

Wireless sensor networks (WSNs) have gained a great deal of attention from researchers in the academic and industrial field mainly because of two reasons: first, they consist of a large number of resource-constrained sensor nodes, which are deployed randomly in a target region [1], and second, they can be widely used in various kinds of applications, such as healthcare monitoring [2], environment sensing [3], industrial monitoring [4], etc. In many applications [5,6,7], external users need to access to this real-time information from the sensor nodes.

Real-time
Related Works
Motivation and Contributions
Adversary Model
Organization of the Paper
Review of Two Related Schemes
User Registration
Sensor Node Registration
Password Update Phase
Security Analysis of Two Related Schemes
Smart Card Loss Attack
Impractical GWN Search Operation
No Provision for Perfect Forward Secrecy
The Proposed Scheme
Authentication and Key Agreement Phase
Security Analysis of Our Scheme
Authentication Proof Based on Strand Space Model
The Basic Notion of Strand Space Model
Penetrator Strands
A j i j0
Formal Security Validation Using ProVerif
Resistance to De-synchronization Attack
Mutual Authentication
User Anonymity
Perfect Forward Secrecy
Resistance to Smart Card Loss Attack
Resistance Known Session-Specific Temporary Information Attack
Resistance to User Impersonation Attack
Resistance to Sensor Node Spoofing Attack
4.3.10. Resistance to Replay Attack
4.3.11. Resistance to Man-in-the-middle Attack
Security Comparisons
Performance Analysis
Computation Analysis
Communication Analysis
Conclusions
Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call