Abstract
A smart-card-based user authentication scheme for wireless sensor networks (hereafter referred to as a SCA-WSN scheme) is designed to ensure that only users who possess both a smart card and the corresponding password are allowed to gain access to sensor data and their transmissions. Despite many research efforts in recent years, it remains a challenging task to design an efficient SCA-WSN scheme that achieves user anonymity. The majority of published SCA-WSN schemes use only lightweight cryptographic techniques (rather than public-key cryptographic techniques) for the sake of efficiency, and have been demonstrated to suffer from the inability to provide user anonymity. Some schemes employ elliptic curve cryptography for better security but require sensors with strict resource constraints to perform computationally expensive scalar-point multiplications; despite the increased computational requirements, these schemes do not provide user anonymity. In this paper, we present a new SCA-WSN scheme that not only achieves user anonymity but also is efficient in terms of the computation loads for sensors. Our scheme employs elliptic curve cryptography but restricts its use only to anonymous user-to-gateway authentication, thereby allowing sensors to perform only lightweight cryptographic operations. Our scheme also enjoys provable security in a formal model extended from the widely accepted Bellare-Pointcheval-Rogaway (2000) model to capture the user anonymity property and various SCA-WSN specific attacks (e.g., stolen smart card attacks, node capture attacks, privileged insider attacks, and stolen verifier attacks).
Highlights
The quest to understand real-world phenomena at a fine spatial-temporal resolution has led to a great increase in the interest in wireless sensor networks (WSNs)
We formally prove that our scheme achieves user anonymity as well as authenticated key exchange in an extension of the widely accepted model of Bellare et al [30]
We provide two security definitions associated with the model, one for authenticated key exchange and one for user anonymity, which collectively define a secure, anonymous SCA-WSN scheme
Summary
The quest to understand real-world phenomena at a fine spatial-temporal resolution has led to a great increase in the interest in wireless sensor networks (WSNs). One common security requirement for SCA-WSN schemes is to ensure that: only a user who is in possession of both a smart card and the corresponding password can be successfully authenticated (by the gateway) and access the sensor data. SCA-WSN schemes should be designed to achieve their intended security properties, such as authenticated key exchange and user anonymity, against stolen smart card attacks. Can provide user anonymity without recourse to public key cryptography This result is somewhat surprising because it implies that all existing anonymous schemes using only lightweight cryptographic techniques [7, 10, 11, 13,14,15,16,17,18,19] fail to achieve user anonymity in the presence of an adversary who can mount a stolen smart card attack.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
