An efficient and novel three-factor user authentication scheme for large-scale heterogeneous wireless sensor networks

Abstract

In this paper, we propose a new three-factor user authentication mechanism in heterogeneous wireless sensor networks, which is a biometric-based scheme that makes use of smart card along with the user's password. The proposed protocol provides strong authentication as compared to traditional related password-based schemes and achieves good properties such as it works without synchronised clock, it freely changes password, and it provides low computation, communication and sensor's energy costs, and mutual authentication. Our scheme establishes a symmetric secret session key shared between a legal user and a sensor node so that the secret session key can be used later for secure future communications between them. Moreover, the proposed scheme provides unconditional security against node capture attack and it is also resilient against different attacks. Furthermore, the simulation results of our scheme using the automated validation of internet security protocols and applications AVISPA tool ensure that our scheme is secure.