Abstract
The Internet of things is playing more and more important role in smart healthcare, smart grids, and smart transportation, and using wireless sensor network (WSN), we can easily obtain and transmit information. However, the data security and users’ privacy are the biggest challenges for WSN because sensor nodes have low computing power and low storage capacity and are easy to be captured, and wireless networks are vulnerable. In 2021, Shuai et al. proposed a lightweight three-factor anonymous authentication scheme for WSN. However, we found that their protocol is vulnerable to stolen-verifier attack, modification of messages’ attack, and no perfect forward secrecy. Then, a new three-factor anonymous authentication scheme using elliptic curve cryptography (ECC) is proposed. Through informal and formal security analyses, our scheme can resist various known attacks and maintains low computational complexity.
Highlights
In recent years, with the rapid development of Internet of things (IoT) technology, wireless sensor networks (WSN) are widely used in medical, military, agriculture, and other fields [1]
A large number of wireless sensor nodes are deployed in the target fields to collect the data in WSN, but sensor nodes have low computing power and low storage capacity and are easy to be captured; on the contrary, compared with the traditional wired network, messages are transmitted through wireless channels, and it may be attacked by means of eavesdropping, capture, replay, forgery, and so on
Amin and Biswas [7] showed that Turkanovicet al.’s scheme [5] suffers from offline password-guessing attacks and impersonation attacks, and Amin et al proposed a 2FA protocol for multigateway WSN
Summary
With the rapid development of Internet of things (IoT) technology, wireless sensor networks (WSN) are widely used in medical, military, agriculture, and other fields [1]. In 2009, Das [11] proposed an Security and Communication Networks authentication protocol based on ECC for WSN, but their scheme suffers from privilege insider attacks and gateway bypass attacks [12]. (1) We pointed out that Shuai et al.’s scheme suffers from the stolen-verifier attack, modification of messages attack, and no perfect forward security (2) A new three-factor authentication scheme based on ECC and fuzzy extractor algorithm used for WSNs is proposed (3) We use formal verification tool ProVerif [25] which is based on applied pi calculus to prove the security of the proposed scheme (4) e informal security analysis shows that the proposed scheme can resist various known attacks (5) We evaluate the computational cost of the proposed scheme with some related schemes; the result shows that the proposed scheme has better performance.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
