Session Key Authentication Mechanisms for Wireless Sensor Network Users (original) (raw)
Related papers
A strong user authentication scheme with smart cards for wireless communications
Computer Communications, 2011
Seamless roaming over wireless network is highly desirable to mobile users, and security such as authentication of mobile users is challenging. Recently, due to tamper-resistance and convenience in managing a password file, some smart card based secure authentication schemes have been proposed. This paper shows some security weaknesses in those schemes. As the main contribution of this paper, a secure and light-weight authentication scheme with user anonymity is presented. It is simple to implement for mobile user since it only performs a symmetric encryption/decryption operation. Having this feature, it is more suitable for the low-power and resource-limited mobile devices. In addition, it requires four message exchanges between mobile user, foreign agent and home agent. Thus, this protocol enjoys both computation and communication efficiency as compared to the well-known authentication schemes. As a special case, we consider the authentication protocol when a user is located in his/her home network. Also, the session key will be used only once between the mobile user and the visited network. Besides, security analysis demonstrates that our scheme enjoys important security attributes such as preventing the various kinds of attacks, single registration, user anonymity, no password/verifier table, and high efficiency in password authentication, etc. Moreover, one of the new features in our proposal is: it is secure in the case that the information stored in the smart card is disclosed but the user password of the smart card owner is unknown to the attacker. To the best of our knowledge, until now no user authentication scheme for wireless communications has been proposed to prevent from smart card breach. Finally, performance analysis shows that compared with known smart card based authentication protocols, our proposed scheme is more simple, secure and efficient.
A Privacy-Preserving User Authentication Scheme for WirelessSensor Network Users
seamless roaming over wireless network is very attractive to portable clients, and security, for example, verification of mobile clients is testing. As of late, because of alter protection and comfort in dealing with a secret word record, some shrewd card based secure confirmation plans have been proposed. This paper demonstrates some security shortcomings in those plans. As the fundamental commitment of this paper, a protected and lightweight verification plot with client secrecy is introduced. It is easy to execute for mobile client since it just plays out a symmetric encryption/decoding operation. Having this component, it is more appropriate for the low-power and asset restricted cell phones. Likewise, it requires four message trades between mobile client, outside specialist and home operator. Therefore, this convention appreciates both calculation and correspondence proficiency when contrasted with the outstanding confirmation plans. As an uncommon case, we consider the confirmation convention when a client is situated in his/her home system. In this paper, we propose a privacy-preserving all inclusive authentication protocol, called priauth, which gives solid client obscurity against the two busybodies and remote servers, session key foundation, and accomplishes productivity. In particular, priauth gives an effective way to deal with handle the issue of client renouncement while supporting solid client untraceability.
In 2012, Mun et al. proposed an enhanced secure authentication with key-agreement protocol for roaming service in global mobility networks environment based on elliptic curve cryptography. They claimed that their protocol is efficient and resistant to prominent security attacks. The careful analysis of this study proves that Mun et al.'s protocol is susceptible to several attacks such as replay attack, man-in-middle attack, user impersonation attack, privileged insider attack, denial-of-service attack, no login phase and imperfect mutual authentication phase. In addition, this study proposes an enhanced lightweight authentication with key-agreement protocol for mobile networks based on elliptic curve cryptography using smart cards. The proposed protocol is lightweight and perfectly suitable for real-time applications as it accomplishes simple one-way hash function, message authentication code and exclusive-OR operation. Furthermore, it achieves all the eminent security properties and is resistant to various possible attacks. The security analysis and comparison section demonstrates that the proposed protocol is robust compared with Mun et al.'s protocol.
A robust smart card-based anonymous user authentication protocol for wireless communications
Security and Communication Networks, 2013
Anonymous user authentication is an important but challenging task for wireless communications. In a recent paper, Das proposed a smart card-based anonymous user authentication protocol for wireless communications. The scheme can protect user privacy and is believed to be secure against a range of network attacks even if the secret information stored in the smart card is compromised. In this paper, we reanalyze the security of Das' scheme, and show that the scheme is in fact insecure against impersonation attacks. We then propose a new smart card-based anonymous user authentication protocol for wireless communications. Compared with the existing schemes, our protocol uses a different user authentication mechanism, which does not require different entities to maintain a synchronized clock.We show that the proposed new protocol can provide stronger security and better efficiency and scalability than previous schemes.
An Efficient and Secure Session Key Management Scheme in Wireless Sensor Network
Complexity, 2021
Wireless Sensor Network (WSN) is a particular network built from small sensor nodes. These sensor nodes have unique features. That is, it can sense and process data in WSN. WSN has tremendous applications in many fields. Despite the significance of WSN, this kind of network faced several issues. The biggest problems rising in WSN are energy consumption and security. Robust security development is needed to cope with WSN applications. For security purposes in WSN, cryptography techniques are very favorable. However, WSN has resource limitations, which is the main problem in applying any security scheme. Hence, if we are using the cryptography scheme in WSN, we must first guarantee that it must be energy-efficient. Thus, we proposed a secure hybrid session key management scheme for WSN. In this scheme, the major steps of public key cryptography are minimized, and much of the operations are based on symmetric key cryptography. This strategy extensively reduces the energy consumption of...
A Strong Authentication Scheme with User Privacy for Wireless Sensor Networks
ETRI Journal, 2013
Wireless sensor networks (WSNs) are used for many real-time applications. User authentication is an important security service for WSNs to ensure only legitimate users can access the sensor data within the network. In 2012, Yoo and others proposed a security-performancebalanced user authentication scheme for WSNs, which is an enhancement of existing schemes. In this paper, we show that Yoo and others' scheme has security flaws, and it is not efficient for real WSNs. In addition, this paper proposes a new strong authentication scheme with user privacy for WSNs. The proposed scheme not only achieves end-party mutual authentication (that is, between the user and the sensor node) but also establishes a dynamic session key. The proposed scheme preserves the security features of Yoo and others' scheme and other existing schemes and provides more practical security services. Additionally, the efficiency of the proposed scheme is more appropriate for real-world WSNs applications.
In wireless networks, seamless roaming allows a mobile user (MU) to utilize its services through a foreign server (FS) when outside his home server (HS). However, security and efficiency of the authentication protocol as well as privacy of MUs are of great concern to achieve an efficient authentication protocol. Conventionally, authentication involves the participation of three entities (MU, HS, and FS); however, involving an HS in the authentication process incurs heavy computational burden on it due to huge amount of roaming requests. Moreover, wireless networks are often susceptible to various forms of passive and active attacks. Similarly, mobile devices have low processing, communication, and power capabilities. In this paper, we propose an efficient, secure, and privacy-preserving lightweight authentication protocol for roaming MUs in wireless networks without engaging an HS. The proposed authentication protocol uses unlinkable pseudo-IDs and lightweight time-bound group signature to provide strong user anonymity, and a cost-effective cryptographic scheme to achieve security of the authentication protocol. Similarly, we implement a better billing system for MUs and a computationally efficient revocation scheme. Our analysis shows that the protocol has better performance than other related authentication protocols in wireless communications in terms of security, privacy, and efficiency.
User anonymity based trusted authentication scheme for wireless environment
2018
In recent years, wireless technology has gained popularity due to its cost effectiveness when compared to wired network. On the other hand, it is open to security attacks because of its transmission media. Out of various security issues related to wireless network, authentication is the primary one. To accomplish this, password based smart card authentication scheme is the most prominent scheme. However, most of these schemes are vulnerable to one or the other possible attacks. This paper presents an efficient and secure smart card authentication scheme based on difficulty in solving Elliptic Curve Discrete logarithm Problem (ECDLP). It allows users to choose and change the password without taking any assistance from the Home Agent (HA). Security analysis proves that the proposed scheme is more secure and practical.
A Provably Secure, Efficient, and Flexible Authentication Scheme for Ad hoc Wireless Sensor Networks
In 2014, Turkanovic et al. proposed a smart card-5 based authentication scheme for heterogeneous ad hoc wireless 6 sensor network. This scheme is very efficient since it employs 7 only hash function and XOR operation. However, we found that 8 Turkanovic et al.'s scheme is vulnerable to impersonation attack 9 with node capture, stolen smart card attack, sensor node spoofing 10 attack, stolen verifier attack, and fails to ensure backward secrecy.
Int. J. Netw. Secur., 2016
The cluster heads in hierarchical wireless sensor networks gather real time data from the other ordinary sensor nodes and send those data to a nearest base station. But, the main important issue is that how a user will get the real time data directly from a cluster head securely. To solve this problem, many user authentication schemes have been proposed in literature. In 2012, Das et al. proposed a dynamic password-based user authentication scheme for hierarchical wireless sensor networks and showed that their scheme is secure against all possible attacks. In this paper, we have pointed out that Das et al.’s scheme is insecure against insider attack, theft attack and session key recovery attack, and their scheme also suffers from dynamic cluster head addition overhead problem, limited number of cluster heads access problem and clock synchronization problem. To overcome these drawbacks, we have proposed an efficient and robust user authentication scheme for hierarchical wireless sens...