Abstract
The Internet of Things (IoT) has built an information bridge between people and the objective world, wherein wireless sensor networks (WSNs) are an important driving force. For WSN-based applications such as environment monitoring and smart healthcare, user legitimacy authentication and data security are always worth exploring. In recent years, many multifactor user authentication schemes for WSNs have been proposed using smart cards, passwords, and biometric features. Unfortunately, these schemes have been shown to suffer from various vulnerabilities (e.g., password guessing attack, impersonation attack, and replay attack) due to nonuniform security evaluation criteria. Wang et al. put forward 12 widely accepted evaluation criteria after surveying a large body of relevant literature. In this paper, we first propose a lightweight multifactor authentication protocol for multigateway WSNs using hash functions and XOR operations. Further, BAN logic and the BPR model are employed to formally prove the correctness and security of the proposed scheme, and the informal analysis with Wang et al.’s criteria also indicates that it can resist well-known attacks. Finally, a performance analysis of the compared schemes is given, and the evaluation results show that only the proposed scheme satisfies all 12 evaluation criteria while remaining efficient among these schemes.
Highlights
As the third revolution of the information technology industry, the Internet of Things (IoT) has been developing for over 20 years
In wireless sensor networks (WSNs), tens of thousands of different sensors are deployed everywhere. These devices collect real-time data from the surrounding environment or target objects and, at fixed periods, forward the collected data directly to nearby gateway nodes for further analysis
The new protocol in this paper exclusively provides repairability and forward security, as well as resistance against stolen smart card attack. The protocol presented by Guo et al. [22] has weaknesses in no repairability, improper treatment of biometric features, and offline password guessing attack; the protocol of Wu et al. [20] cannot resist insider attack, stolen smart card attack, and offline password guessing attack; the protocol proposed by Srinivas et al. [21] does not protect against insider attack or offline password guessing attack, nor does it ensure that the user cannot be traced; Amin’s protocol [19] does not provide resistance to insider attack or guarantee untraceability of the user
Summary
As the third revolution of the information technology industry, the Internet of Things (IoT) has been developing for over 20 years. In accordance with 12-Criteria, we further point out some vulnerabilities and drawbacks that still exist in their scheme, including no repairability, improper treatment of biological factors, offline password guessing attack, and lack of forward secrecy. The Burrows-Abadi-Needham logic [26], BAN logic for short, plays a positive and effective role when proving that a scheme supports authentication and key agreement among communicating participants. It needs three steps: idealization of the interaction messages in the protocol, initial assumptions according to the specific situation, and achievement of the expected goals by inference rules. (1) A obtains $x_{fg}$ of FGWN and computes $f_j = h(SID_j \| x_{fg})$ after eavesdropping on the message $M_1$