Abstract
As Wireless Sensor Networks (WSN) uses the open channel for communication between the end users and the resource-constrained sensors; maintaining privacy and security is always a challenging task. In this context, Khalid et al. proposed a biometric-based user authentication and Key agreement (AKA) scheme in WSN based on intelligent sensors. However, during this research, it is found that the schemes have many computational flaws and are under the threat of different attacks, such as Impersonation attacks, Stolen Smart Card (SC) attacks, etc. So, to overcome the vulnerabilities found in Khalid et al.’s scheme, an improved robust mutual AKA scheme for WSNs having intelligent sensors is proposed in this article. Moreover, the correctness of the scheme is verified by Burrows–Abadi–Needham (BAN) logic, and the security is proved by Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool. Through various security analysis, performance evaluation and comparison with the existing related schemes shows that the proposed scheme could not only highly resistance against various well-known attacks than others but also maintain the low cost at sensor nodes, as well.
Similar content being viewed by others
Data availability
The data and material that support the findings of this study are available from the corresponding author, Rituparna Paul, upon reasonable request.
References
Khalid B, Qureshi KN, Ghafoor KZ, Jeon G (2023) An improved biometric based user authentication and key agreement scheme for intelligent sensor based wireless communication. Microprocess Microsyst 96:104722
Park Y, Lee S, Kim C, Park Y (2016) Secure biometric-based authentication scheme with smart card revocation/reissue for wireless sensor networks. Int J Distrib Sens Netw 12(7):1550147716658607
Chen CM, Wang KH, Yeh KH, Xiang B, Wu TY (2019) Attacks and solutions on a three-party password-based authenticated key exchange protocol for wireless communications. J Ambient Intell Humaniz Comput 10:3133–3142
Chen CM, Xiang B, Wu TY, Wang KH (2018) An anonymous mutual authenticated key agreement scheme for wearable sensors in wireless body area networks. Appl Sci 8(7):1074
Rashid B, Rehmani MH (2016) Applications of wireless sensor networks for urban areas: A survey. J Netw Comput Appl 60:192–219
Saia R, Carta S, Recupero DR, Fenu G (2019) Internet of entities (IoE): A blockchain-based distributed paradigm for data exchange between wireless-based devices. In SENSORNETS 2019-Proc 8th Int Conf Sens Netw 77–84. SciTePress
Khan S, Pathan ASK, Alrajeh NA (Eds) (2016) Wireless sensor networks: Current status and future trends
Wang D, Wang P, Wang C (2020) Efficient multi-factor user authentication protocol with forward secrecy for real-time data access in WSNs. ACM Transact Cyber-Phys Syst 4(3):1–26
Jing Q, Vasilakos AV, Wan J, Lu J, Qiu D (2014) Security of the Internet of Things: perspectives and challenges. Wireless Netw 20:2481–2501
Allahham AA, Rahman MA (2018) A smart monitoring system for campus using Zigbee wireless sensor networks. Int J Softw Eng Comput Syst (IJSECS) 4(1):1–14
Xu Z, Xu C, Liang W, Xu J, Chen H (2019) A lightweight mutual authentication and key agreement scheme for medical Internet of Things. IEEE Access 7:53922–53931
Turkanović M, Brumen B, Hölbl M (2014) A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Netw 20:96–112
Chang CC, Le HD (2015) A provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks. IEEE Trans Wireless Commun 15(1):357–366
Das AK, Kumari S, Odelu V, Li X, Wu F, Huang X (2016) Provably secure user authentication and key agreement scheme for wireless sensor networks. Secur Commun Netw 9(16):3670–3687
He J, Yang Z, Zhang J, Liu W, Liu C (2018) On the security of a provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks. Int J Distrib Sens Netw 14(1):1550147718756311
Santos-González I, Rivero-García A, Burmester M, Munilla J, Caballero-Gil P (2020) Secure lightweight password authenticated key exchange for heterogeneous wireless sensor networks. Inf Syst 88:101423
Das AK (2017) A secure and effective biometric-based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor. Int J Commun Syst 30(1):e2933
Althobaiti O, Al-Rodhaan M, Al-Dhelaan A (2013) An efficient biometric authentication protocol for wireless sensor networks. Int J Distrib Sens Netw 9(5):407971
Lu Y, Xu G, Li L, Yang Y (2019) Anonymous three-factor authenticated key agreement for wireless sensor networks. Wireless Netw 25:1461–1475
Mo J, Chen H (2019) A lightweight secure user authentication and key agreement protocol for wireless sensor networks. Secur Commun Netw 2019:1–17
Yu S, Park Y (2020) SLUA-WSN: Secure and lightweight three-factor-based user authentication protocol for wireless sensor networks. Sensors 20(15):4143
Meshram C, Obaidat MS, Lee CC, Meshram SG (2021) An efficient, robust, and lightweight subtree-based three-factor authentication procedure for large-scale DWSN in random oracle. IEEE Syst J 15(4):4927–4938
Wu F, Li X, Xu L, Vijayakumar P, Kumar N (2020) A novel three-factor authentication protocol for wireless sensor networks with IoT notion. IEEE Syst J 15(1):1120–1129
Li Y, Tian Y (2022) A lightweight and secure three-factor authentication protocol with adaptive privacy-preserving property for wireless sensor networks. IEEE Syst J 16(4):6197–6208
Li C, Dong M, Li J, Xu G, Chen XB, Liu W, Ota K (2022) Efficient medical big data management with keyword-searchable encryption in healthchain. IEEE Syst J 16(4):5521–5532
Singh M, Mishra D (2023) Post-quantum secure authenticated key agreement protocol for wireless sensor networks. Telecommun Syst 1–13
Darbandeh FG, Safkhani M (2023) SAPWSN: A secure authentication protocol for wireless sensor networks. Comput Netw 220:109469
Chiou SY, Chang SY (2018) An enhanced authentication scheme in mobile RFID system. Ad Hoc Netw 71:1–13
Kumar P, Lee SG, Lee HJ (2012) E-SAP: Efficient-strong authentication protocol for healthcare applications using wireless medical sensor networks. Sensors 12(2):1625–1647
He D, Kumar N, Chen J, Lee CC, Chilamkurti N, Yeo SS (2015) Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimedia Syst 21:49–60
Jiang Q, Ma J, Lu X, Tian Y (2014) Robust chaotic map-based authentication and key agreement scheme with strong anonymity for telecare medicine information systems. J Med Syst 38:1–8
Zhou J, Cao Z, Dong X, Xiong N, Vasilakos AV (2015) 4S: A secure and privacy-preserving key management scheme for cloud-assisted wireless body area network in m-healthcare social networks. Inf Sci 314:255–276
Ma L, Ge Y, Zhu Y (2014) TinyZKP: a lightweight authentication scheme based on zero-knowledge proof for wireless body area networks. Wireless Pers Commun 77:1077–1090
Wu F, Xu L, Kumari S, Li X (2017) An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks. Multimedia Syst 23:195–205
Srinivas J, Mishra D, Mukhopadhyay S (2017) A mutual authentication framework for wireless medical sensor networks. J Med Syst 41:1–19
Moazami F, Safkhani M (2022) TBGODP^+ TBGODP+: improvement of TBGODP, a time bound group ownership delegation protocol. J Amb Intell Human Comput 1–20
Shao X, Guo Y, Guo Y (2022) A PUF-based anonymous authentication protocol for wireless medical sensor networks. Wireless Netw 28(8):3753–3770
Wazid M, Das AK, Kumar N, Vasilakos AV (2019) Design of secure key management and user authentication scheme for fog computing services. Futur Gener Comput Syst 91:475–492
Jia X, He D, Kumar N, Choo KKR (2019) Authenticated key agreement scheme for fog-driven IoT healthcare system. Wireless Netw 25:4737–4750
Naoui S, Elhdhili ME, Saidane LA (2019) Lightweight and secure password based smart home authentication protocol: LSP-SHAP. J Netw Syst Manage 27:1020–1042
Sharma G, Bala S, Verma AK (2012) Security frameworks for wireless sensor networks-review. Procedia Technol 6:978–987
Fatima MN, Obaidat MS, Mahmood K, Shamshad S, Saleem MA, Ayub MF (2023) Privacy-Preserving Three-Factor Authentication Protocol for Wireless Sensor Networks Deployed in Agricultural Field. ACM Transact Sens Netw
Shamshad S, Ayub MF, Mahmood K, Kumari S, Chaudhry SA, Chen CM (2022) An enhanced scheme for mutual authentication for healthcare services. Digital Communications and Networks 8(2):150–161
Dodis Y, Reyzin L, Smith A (2004) Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In Advances in Cryptology-EUROCRYPT 2004: International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, May 2–6, 2004. Proceedings 23:523–540. Springer Berlin Heidelberg
Ramli SN, Ahmad R, Abdollah MF, Dutkiewicz E (2013) A biometric-based security for data authentication in wireless body area network (wban). In 2013 15th Int Conf Adv Commun Technol (ICACT) 998–1001. IEEE
Armando A, Basin D, Boichut Y, Chevalier Y, Compagna L, Cuéllar J, Vigneron L (2005) The AVISPA tool for the automated validation of internet security protocols and applications. In Computer Aided Verification: 17th International Conference, CAV 2005, Edinburgh, Scotland, UK, July 6–10 (2005) Proceedings 17. Springer, Berlin Heidelberg 281–285
Avispa S (2019) the Security Protocol ANimator for AVISPA
Funding
This research did not receive any specific funding and it is carried out as part of the employment and higher degree of the authors.
Author information
Authors and Affiliations
Contributions
The proposed concept was created by Rituparna Paul, Shanvendra Rai, and Subhasish Banerjee. The calculations and theoretical development were done by Rituparna Paul, Shanvendra Rai, and Subhasish Banerjee. Subhasish Banerjee and Preetisudha Meher verified the analytical methods and supervised the results of this study and encouraged Rituparna Paul and Shanvendra Rai to research for the efficient techniques and find some solutions to secure WSN. Each author added to the final manuscript and discussed the results.
Corresponding author
Ethics declarations
Ethical approval
This article does not contain any studies with human participants or animals performed by any of the authors.
Consent to Publish
I, Rituparna Paul, on behalf of all co-authors listed in the manuscript grant my consent to publish the manuscript titled “A Robust Smart Card-based Authentication and Key Agreement Scheme for WSN using Fuzzy Extractor” in your reputed journal.
Competing interest
The authors declare no competing interests.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This article is part of the Topical Collection on: Special Issue on 2 - Track on Security and Privacy
Guest Editor: Rongxing Lu
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Paul, R., Rai, S., Banerjee, S. et al. A Robust Smart Card based Authentication and Key Agreement Scheme for WSN using Fuzzy Extractor. Peer-to-Peer Netw. Appl. 17, 432–450 (2024). https://doi.org/10.1007/s12083-023-01583-w
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12083-023-01583-w