Abstract
Nowadays wireless sensor networks (WSNs) have drawn great attention from both industrial world and academic community. To facilitate real-time data access for external users from the sensor nodes directly, password-based authentication has become the prevalent authentication mechanism in the past decades. In this work, we investigate three foremost protocols in the area of password-based user authentication scheme for WSNs. Firstly, we analyze an efficient and anonymous protocol and demonstrate that though this protocol is equipped with a formal proof, it actually has several security loopholes been overlooked, such that it cannot resist against smart card loss attack and violate forward secrecy. Secondly, we scrutinize a lightweight protocol and point out that it cannot achieve the claimed security goal of forward secrecy, as well as suffering from user anonymity violation attack and offline password guessing attack. Thirdly, we find that an anonymous scheme fails to preserve two critical properties of forward secrecy and user friendliness. In addition, by adopting the “perfect forward secrecy (PFS)” principle, we provide several effective countermeasures to remedy the identified weaknesses. To test the necessity and effectiveness of our suggestions, we conduct a comparison of 10 representative schemes in terms of the underlying cryptographic primitives used for realizing forward secrecy.
Highlights
Wireless sensor networks (WSNs) have become one of the most standard services employed in commercial and industrial applications and proved to be a leading area of research [1,2,3]
Though Ma et al [26] emphasize this principle on client-server architecture, after careful analysis, we find this “perfect forward secrecy (PFS) principle” is suitable for wireless sensor networks (WSNs) environments
We first analyze three state-of-the-art authentication schemes presented by Li et al, Amin et al, and Wu et al, which are mainly applied to realize real-time data access for security-critical wireless sensor networks
Summary
Wireless sensor networks (WSNs) have become one of the most standard services employed in commercial and industrial applications and proved to be a leading area of research [1,2,3]. Description ith user jth remote sensor node gateway node malicious attacker identity of Ui and Sj password of Ui the secret key of gateway node GWN a smart card the XOR operation the concatenation operation one-way hash function the public channel the secure channel how and with what technology did they realize forward secrecy.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
