Skip to main content
SpringerLink
Log in

A Robust Smart Card based Authentication and Key Agreement Scheme for WSN using Fuzzy Extractor

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

Abstract

As Wireless Sensor Networks (WSN) uses the open channel for communication between the end users and the resource-constrained sensors; maintaining privacy and security is always a challenging task. In this context, Khalid et al. proposed a biometric-based user authentication and Key agreement (AKA) scheme in WSN based on intelligent sensors. However, during this research, it is found that the schemes have many computational flaws and are under the threat of different attacks, such as Impersonation attacks, Stolen Smart Card (SC) attacks, etc. So, to overcome the vulnerabilities found in Khalid et al.’s scheme, an improved robust mutual AKA scheme for WSNs having intelligent sensors is proposed in this article. Moreover, the correctness of the scheme is verified by Burrows–Abadi–Needham (BAN) logic, and the security is proved by Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool. Through various security analysis, performance evaluation and comparison with the existing related schemes shows that the proposed scheme could not only highly resistance against various well-known attacks than others but also maintain the low cost at sensor nodes, as well.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

Data availability

The data and material that support the findings of this study are available from the corresponding author, Rituparna Paul, upon reasonable request.

References

  1. Khalid B, Qureshi KN, Ghafoor KZ, Jeon G (2023) An improved biometric based user authentication and key agreement scheme for intelligent sensor based wireless communication. Microprocess Microsyst 96:104722

    Article  Google Scholar 

  2. Park Y, Lee S, Kim C, Park Y (2016) Secure biometric-based authentication scheme with smart card revocation/reissue for wireless sensor networks. Int J Distrib Sens Netw 12(7):1550147716658607

    Article  Google Scholar 

  3. Chen CM, Wang KH, Yeh KH, Xiang B, Wu TY (2019) Attacks and solutions on a three-party password-based authenticated key exchange protocol for wireless communications. J Ambient Intell Humaniz Comput 10:3133–3142

    Article  Google Scholar 

  4. Chen CM, Xiang B, Wu TY, Wang KH (2018) An anonymous mutual authenticated key agreement scheme for wearable sensors in wireless body area networks. Appl Sci 8(7):1074

    Article  Google Scholar 

  5. Rashid B, Rehmani MH (2016) Applications of wireless sensor networks for urban areas: A survey. J Netw Comput Appl 60:192–219

    Article  Google Scholar 

  6. Saia R, Carta S, Recupero DR, Fenu G (2019) Internet of entities (IoE): A blockchain-based distributed paradigm for data exchange between wireless-based devices. In SENSORNETS 2019-Proc 8th Int Conf Sens Netw 77–84. SciTePress

  7. Khan S, Pathan ASK, Alrajeh NA (Eds) (2016) Wireless sensor networks: Current status and future trends

  8. Wang D, Wang P, Wang C (2020) Efficient multi-factor user authentication protocol with forward secrecy for real-time data access in WSNs. ACM Transact Cyber-Phys Syst 4(3):1–26

    Article  MathSciNet  Google Scholar 

  9. Jing Q, Vasilakos AV, Wan J, Lu J, Qiu D (2014) Security of the Internet of Things: perspectives and challenges. Wireless Netw 20:2481–2501

    Article  Google Scholar 

  10. Allahham AA, Rahman MA (2018) A smart monitoring system for campus using Zigbee wireless sensor networks. Int J Softw Eng Comput Syst (IJSECS) 4(1):1–14

    Article  Google Scholar 

  11. Xu Z, Xu C, Liang W, Xu J, Chen H (2019) A lightweight mutual authentication and key agreement scheme for medical Internet of Things. IEEE Access 7:53922–53931

    Article  Google Scholar 

  12. Turkanović M, Brumen B, Hölbl M (2014) A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Netw 20:96–112

    Article  Google Scholar 

  13. Chang CC, Le HD (2015) A provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks. IEEE Trans Wireless Commun 15(1):357–366

    Article  Google Scholar 

  14. Das AK, Kumari S, Odelu V, Li X, Wu F, Huang X (2016) Provably secure user authentication and key agreement scheme for wireless sensor networks. Secur Commun Netw 9(16):3670–3687

    Article  Google Scholar 

  15. He J, Yang Z, Zhang J, Liu W, Liu C (2018) On the security of a provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks. Int J Distrib Sens Netw 14(1):1550147718756311

    Article  Google Scholar 

  16. Santos-González I, Rivero-García A, Burmester M, Munilla J, Caballero-Gil P (2020) Secure lightweight password authenticated key exchange for heterogeneous wireless sensor networks. Inf Syst 88:101423

    Article  Google Scholar 

  17. Das AK (2017) A secure and effective biometric-based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor. Int J Commun Syst 30(1):e2933

    Article  Google Scholar 

  18. Althobaiti O, Al-Rodhaan M, Al-Dhelaan A (2013) An efficient biometric authentication protocol for wireless sensor networks. Int J Distrib Sens Netw 9(5):407971

    Article  Google Scholar 

  19. Lu Y, Xu G, Li L, Yang Y (2019) Anonymous three-factor authenticated key agreement for wireless sensor networks. Wireless Netw 25:1461–1475

    Article  Google Scholar 

  20. Mo J, Chen H (2019) A lightweight secure user authentication and key agreement protocol for wireless sensor networks. Secur Commun Netw 2019:1–17

    Article  Google Scholar 

  21. Yu S, Park Y (2020) SLUA-WSN: Secure and lightweight three-factor-based user authentication protocol for wireless sensor networks. Sensors 20(15):4143

  22. Meshram C, Obaidat MS, Lee CC, Meshram SG (2021) An efficient, robust, and lightweight subtree-based three-factor authentication procedure for large-scale DWSN in random oracle. IEEE Syst J 15(4):4927–4938

    Article  ADS  Google Scholar 

  23. Wu F, Li X, Xu L, Vijayakumar P, Kumar N (2020) A novel three-factor authentication protocol for wireless sensor networks with IoT notion. IEEE Syst J 15(1):1120–1129

    Article  ADS  Google Scholar 

  24. Li Y, Tian Y (2022) A lightweight and secure three-factor authentication protocol with adaptive privacy-preserving property for wireless sensor networks. IEEE Syst J 16(4):6197–6208

    Article  ADS  Google Scholar 

  25. Li C, Dong M, Li J, Xu G, Chen XB, Liu W, Ota K (2022) Efficient medical big data management with keyword-searchable encryption in healthchain. IEEE Syst J 16(4):5521–5532

    Article  ADS  Google Scholar 

  26. Singh M, Mishra D (2023) Post-quantum secure authenticated key agreement protocol for wireless sensor networks. Telecommun Syst 1–13

  27. Darbandeh FG, Safkhani M (2023) SAPWSN: A secure authentication protocol for wireless sensor networks. Comput Netw 220:109469

    Article  Google Scholar 

  28. Chiou SY, Chang SY (2018) An enhanced authentication scheme in mobile RFID system. Ad Hoc Netw 71:1–13

    Article  Google Scholar 

  29. Kumar P, Lee SG, Lee HJ (2012) E-SAP: Efficient-strong authentication protocol for healthcare applications using wireless medical sensor networks. Sensors 12(2):1625–1647

    Article  CAS  PubMed  PubMed Central  ADS  Google Scholar 

  30. He D, Kumar N, Chen J, Lee CC, Chilamkurti N, Yeo SS (2015) Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimedia Syst 21:49–60

    Article  Google Scholar 

  31. Jiang Q, Ma J, Lu X, Tian Y (2014) Robust chaotic map-based authentication and key agreement scheme with strong anonymity for telecare medicine information systems. J Med Syst 38:1–8

    Article  Google Scholar 

  32. Zhou J, Cao Z, Dong X, Xiong N, Vasilakos AV (2015) 4S: A secure and privacy-preserving key management scheme for cloud-assisted wireless body area network in m-healthcare social networks. Inf Sci 314:255–276

    Article  Google Scholar 

  33. Ma L, Ge Y, Zhu Y (2014) TinyZKP: a lightweight authentication scheme based on zero-knowledge proof for wireless body area networks. Wireless Pers Commun 77:1077–1090

    Article  Google Scholar 

  34. Wu F, Xu L, Kumari S, Li X (2017) An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks. Multimedia Syst 23:195–205

    Article  Google Scholar 

  35. Srinivas J, Mishra D, Mukhopadhyay S (2017) A mutual authentication framework for wireless medical sensor networks. J Med Syst 41:1–19

    Article  Google Scholar 

  36. Moazami F, Safkhani M (2022) TBGODP^+ TBGODP+: improvement of TBGODP, a time bound group ownership delegation protocol. J Amb Intell Human Comput 1–20

  37. Shao X, Guo Y, Guo Y (2022) A PUF-based anonymous authentication protocol for wireless medical sensor networks. Wireless Netw 28(8):3753–3770

    Article  Google Scholar 

  38. Wazid M, Das AK, Kumar N, Vasilakos AV (2019) Design of secure key management and user authentication scheme for fog computing services. Futur Gener Comput Syst 91:475–492

    Article  Google Scholar 

  39. Jia X, He D, Kumar N, Choo KKR (2019) Authenticated key agreement scheme for fog-driven IoT healthcare system. Wireless Netw 25:4737–4750

    Article  Google Scholar 

  40. Naoui S, Elhdhili ME, Saidane LA (2019) Lightweight and secure password based smart home authentication protocol: LSP-SHAP. J Netw Syst Manage 27:1020–1042

    Article  Google Scholar 

  41. Sharma G, Bala S, Verma AK (2012) Security frameworks for wireless sensor networks-review. Procedia Technol 6:978–987

    Article  Google Scholar 

  42. Fatima MN, Obaidat MS, Mahmood K, Shamshad S, Saleem MA, Ayub MF (2023) Privacy-Preserving Three-Factor Authentication Protocol for Wireless Sensor Networks Deployed in Agricultural Field. ACM Transact Sens Netw

  43. Shamshad S, Ayub MF, Mahmood K, Kumari S, Chaudhry SA, Chen CM (2022) An enhanced scheme for mutual authentication for healthcare services. Digital Communications and Networks 8(2):150–161

    Article  Google Scholar 

  44. Dodis Y, Reyzin L, Smith A (2004) Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In Advances in Cryptology-EUROCRYPT 2004: International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, May 2–6, 2004. Proceedings 23:523–540. Springer Berlin Heidelberg

  45. Ramli SN, Ahmad R, Abdollah MF, Dutkiewicz E (2013) A biometric-based security for data authentication in wireless body area network (wban). In 2013 15th Int Conf Adv Commun Technol (ICACT) 998–1001. IEEE

  46. Armando A, Basin D, Boichut Y, Chevalier Y, Compagna L, Cuéllar J, Vigneron L (2005) The AVISPA tool for the automated validation of internet security protocols and applications. In Computer Aided Verification: 17th International Conference, CAV 2005, Edinburgh, Scotland, UK, July 6–10 (2005) Proceedings 17. Springer, Berlin Heidelberg 281–285

    Google Scholar 

  47. Avispa S (2019) the Security Protocol ANimator for AVISPA

Download references

Funding

This research did not receive any specific funding and it is carried out as part of the employment and higher degree of the authors.

Author information

Authors and Affiliations

  1. Department of Electronics & Communication Engineering, National Institute of Technology Arunachal Pradesh, Arunachal Pradesh, Jote, Itanagar, Papumpare, 791113, India

    Rituparna Paul & Preetisudha Meher

  2. Department of Computer Science & Engineering, National Institute of Technology Arunachal Pradesh, Arunachal Pradesh, Jote, Itanagar, Papumpare, 791113, India

    Shanvendra Rai & Subhasish Banerjee

Authors
  1. Rituparna Paul
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shanvendra Rai
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Subhasish Banerjee
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Preetisudha Meher
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

The proposed concept was created by Rituparna Paul, Shanvendra Rai, and Subhasish Banerjee. The calculations and theoretical development were done by Rituparna Paul, Shanvendra Rai, and Subhasish Banerjee. Subhasish Banerjee and Preetisudha Meher verified the analytical methods and supervised the results of this study and encouraged Rituparna Paul and Shanvendra Rai to research for the efficient techniques and find some solutions to secure WSN. Each author added to the final manuscript and discussed the results.

Corresponding author

Correspondence to Rituparna Paul.

Ethics declarations

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Consent to Publish

I, Rituparna Paul, on behalf of all co-authors listed in the manuscript grant my consent to publish the manuscript titled “A Robust Smart Card-based Authentication and Key Agreement Scheme for WSN using Fuzzy Extractor” in your reputed journal.

Competing interest

The authors declare no competing interests.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This article is part of the Topical Collection on: Special Issue on 2 - Track on Security and Privacy

Guest Editor: Rongxing Lu

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Paul, R., Rai, S., Banerjee, S. et al. A Robust Smart Card based Authentication and Key Agreement Scheme for WSN using Fuzzy Extractor. Peer-to-Peer Netw. Appl. 17, 432–450 (2024). https://doi.org/10.1007/s12083-023-01583-w

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12083-023-01583-w

Keywords

Search

Navigation