Abstract
Wireless sensor networks are used to monitor physical or environmental conditions. However, authenticating a user or sensor in wireless sensor networks is more difficult than in traditional networks owing to sensor network characteristics such as unreliable communication networks, resource limitation, and unattended operation. As a result, various authentication schemes have been proposed to provide secure and efficient communication. He et al. suggested a robust biometrics-based user authentication scheme, but Yoon and Kim indicated that their scheme had several security vulnerabilities. The latter then proposed an advanced biometrics-based user authentication scheme; in this paper, we analyze this advanced scheme and perform a cryptanalysis. Our analysis shows that Yoon and Kim's scheme has various security weaknesses such as a biometric recognition error, a user verification problem, lack of anonymity and perfect forward secrecy, session key exposure by the gateway node, vulnerability to denial of service attacks, and a revocation problem. Therefore, we suggest countermeasures that can be implemented to solve these problems and then propose a security-enhanced biometrics-based user authentication scheme using fuzzy extraction that conforms to the proposed countermeasures. Finally, we conduct a security analysis for the proposed biometrics-based user authentication scheme.
Highlights
Nowadays, numerous physical, chemical, and biological sensors are deployed in wireless sensor network (WSN) environments for various applications
To verify the security of Yoon and Kim’s advanced scheme, we analyzed their scheme and performed a security cryptanalysis. We found that it has various security problems, including a biometric recognition error, a user verification problem, lack of anonymity and perfect forward secrecy, session key exposure by the gateway node, vulnerability to denial of service (DoS) attacks, and a revocation problem
The important benefit of Elliptic Curves Cryptography (ECC) is that it provides a smaller key size, so ECC can maintain the same degree of security with a smaller key size than other publickey forms of cryptography, such as Rivest Shamir Adleman (RSA), Diffie-Hellman (DH), and Digital Signature Algorithm (DSA)
Summary
Numerous physical, chemical, and biological sensors are deployed in wireless sensor network (WSN) environments for various applications. In 2012, He demonstrated that Yoon and Yoo scheme was still vulnerable to denial of service (DoS) and sensor impersonation attacks The former proposed an improved scheme to overcome these security problems [13]. To verify the security of Yoon and Kim’s advanced scheme, we analyzed their scheme and performed a security cryptanalysis We found that it has various security problems, including a biometric recognition error, a user verification problem, lack of anonymity and perfect forward secrecy, session key exposure by the gateway node, vulnerability to DoS attacks, and a revocation problem. To solve these problems, we first suggest appropriate countermeasures and propose a biometrics-based user authentication scheme using fuzzy extraction with improved security that conforms to the proposed countermeasures.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Distributed Sensor Networks
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
