Abstract
In a wireless sensor networks (WSNs), there is a need of constant information access from the nodes, as the real-time data might never again be accessed. Thus, users are allowed to access the nodes in the real-time as and when required. The user authentication plays an indispensable part in this communication. Recently, Farash et al. proposed an efficient user authentication scheme for WSNs. Though their scheme is very efficient, we identify that their scheme is vulnerable to off-line password guessing attack, off-line identity guessing attack, stolen smart card attack and user impersonation attack. As a result, we feel that there is a great need to improve Farash et al.’s scheme to present a secure communication protocol. In this paper, we propose a secure and lightweight user authentication and key agreement scheme for distributed WSN, which will also be handy in taking care of the Internet of Things (IoT). The lightweight property of our proposed scheme can be useful in resource-constrained architecture of WSNs. In addition, our scheme has merit to change dynamically the user’s password locally without the help of the base station or gateway node. Furthermore, our scheme supports dynamic nodes addition, after the initial deployment of nodes in the existing sensor network. We prove the authentication property of our scheme using Burrows-Abadi-Needham (BAN) logic. The simulation results using the automated validation of internet security protocols and applications (AVISPA) tool shows the security of the proposed scheme against replay and man-in-the middle attacks.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.