A Secure Biometric Based User Authentication Protocol in Wireless Sensor Networks

Abstract

With the development of Information and Communication Technology (ICT) and low-power devices, users can access the internet of things (IoT) services provided in various environments such as smart factory, smart health-care, and smart home. However, users cannot withstand various attacks, because sensitive information is transmitted through an open channel. Therefore, secure authentication schemes are essential to provide IoT services for legal users. In 2019, Banerjee et al. proposed an enhanced and secure authentication protocol in wireless sensor networks (WSN) using smart card. They claimed that their protocol can resist against various attacks such as user impersonation and session key disclosure attacks and cannot provide achieve mutual authentication. However, we demonstrated that Banerjee et al.'s protocol cannot prevent various attacks, including impersonation and session key disclosure attacks and cannot achieve mutual authentication. Therefore, we propose a secure biometric based user authentication protocol in wireless sensor networks to resolve these security flaws of Banerjee et al.'s protocol. We prove that our protocol can prevent various attacks such as smart card stolen attack, user impersonation attack, session key disclosure attack and replay attack and provide secure mutual authentication using informal security analysis. In addition, we compare the performance and security features of the proposed scheme with related schemes. We show that the proposed scheme provides slightly higher than Banerjee et al.'s scheme. Furthermore, we demonstrate that the proposed protocol provides better safety than related schemes. Consequently, our protocol can be suitable for practical IoT based WSN environment.