Abstract
Recently, He et al. proposed an anonymous two-factor authentication scheme following the concept of temporal-credential for wireless sensor networks (WSNs), which is claimed to be secure and capable of withstanding various attacks. However, we reveal that the authentication phase of their scheme has several pitfalls. Firstly, their scheme is susceptible to malicious user impersonation attack, in which a legal but malicious user can impersonate as other registered users. In addition, their scheme is also vulnerable to stolen smart card attack. Furthermore, the scheme cannot provide untraceability and is prone to tracking attack. Then we put forward an untraceable two-factor authentication scheme based on elliptic curve cryptography (ECC) for WSNs. Our new scheme makes up for the missing security features necessary for real-life applications while maintaining the desired features of the original scheme. We prove that the scheme fulfills mutual authentication in the Burrows-Abadi-Needham (BAN) logic. Moreover, by way of informal security analysis, we show that the proposed scheme can resist a variety of attacks and provide more security features than He et al.’s scheme.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
