One of the great application of user authentication and key agreement protocol is to access sensor information securely over the insecure networks. Recently, Kalra and Sood proposed an efficient smart card based authentication protocol to exchange confidential information securely between the user and sensor node. We review the security of Kalra and Sood scheme and observe that their scheme is vulnerable to stolen smart card attack, stolen verifier attack and impersonation attack. The entire analysis indicates that there is a need of secure and user-friendly authentication mechanism for wireless sensor networks (WSNs). To ensure secure communication in WSNs, we improve the security of the authentication mechanism for WSNs. The main intention of this paper is to confiscate the mentioned security attacks by proposing an efficient authentication protocol using smart card. To validate security attributes, we have used well-popular AVISPA simulation tool whose results shows that the proposed protocol is SAFE under OFMC and CL-AtSe models. Further, the performance analysis shows its efficiency.
This is a preview of subscription content, log in to check access.
Buy single article
Instant access to the full article PDF.
Price includes VAT for USA
Subscribe to journal
Immediate online access to all issues from 2019. Subscription will auto renew annually.
This is the net price. Taxes to be calculated in checkout.
Amin, R., & Biswas, G. P. (2016). A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks. Ad Hoc Networks, 36, 58–80.
Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuéllar, J., Drielsma, P. H., Héam, P.-C., Kouchnarenko, O., & Mantovani, J., et al. (2005). The avispa tool for the automated validation of internet security protocols and applications. In Computer Aided Verification. Springer, pp. 281–285.
Automated Validation of Internet Security Protocols and Applications. http://www.avispa-project.org/. Accessed on January 2014.
Basin, D., Mödersheim, S., & Vigano, L. (2005). Ofmc: A symbolic model checker for security protocols. International Journal of Information Security, 4(3), 181–208.
Boyd, C., & Mathuria, A. (2003). Protocols for authentication and key establishment. Berlin: Springer.
Chen, T.-H., & Shih, W.-K. (2010). A robust mutual authentication protocol for wireless sensor networks. Etri Journal, 32(5), 704–712.
Das, M. L. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8(3), 1086–1090.
Dolev, D., & Yao, A. C. (1983). On the security of public key protocols. IEEE Transactions on Information Theory, 29(2), 198–208.
Eisenbarth, T. Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., & Shalmani, M. T. M. (2008). On the power of power analysis in the real world: A complete break of the keeloq code hopping scheme. In Advances in Cryptology-CRYPTO. Springer, 2008, pp. 203–220.
He, D., Kumar, N., & Chilamkurti, N. (2015). A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Information Sciences 321, 263–277. doi:10.1016/j.ins.2015.02.010. http://www.sciencedirect.com/science/article/pii/S0020025515001012.
He, D., Gao, Y., Chan, S., Chen, C., & Bu, J. (2010). An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc and Sensor Wireless Networks, 10(4), 361–371.
He, D., Zhang, Y., & Chen, J. (2014). Cryptanalysis and improvement of an anonymous authentication protocol for wireless access networks. Wireless Personal Communications, 74(2), 229–243.
Huang, B., Khan, M., Wu, L., Muhaya, F., & He, D. (2015). An efficient remote user authentication with key agreement scheme using elliptic curve cryptography. Wireless Personal Communications. doi:10.1007/s11277-015-2735-1.
Jin, A. T. B., Ling, D. N. C., & Goh, A. (2004). Biohashing: Two factor authentication featuring fingerprint data and tokenised random number. Pattern Recognition, 37(11), 2245–2255.
Kalra, S., & Sood, S. K. (2015). Advanced password based authentication scheme for wireless sensor networks. Journal of Information Security and Applications, 20, 37–46.
Khan, M. K., & Alghathbar, K. (2010). Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors, 10(3), 2450–2459.
Kocher, K., Jaffe, J., & Jun, B. (1999). Differential power analysis. In Advances in Cryptology CRYPTO’99. Springer, pp. 388–397.
Maitra, T., Amin, R., Giri, D., & Srivastava, P. D. (2016). An efficient and robust user authentication scheme for hierarchical wireless sensor networks without tamper-proof smart card. International Journal of Network Security, 18(1), 553–564.
Messerges, T. S., Dabbish, E., Sloan, R. H., et al. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.
Mishra, D. (2015). On the security flaws in id-based password authentication schemes for telecare medical information systems. Journal of Medical Systems, 39(1), 1–16.
Mishra, D. (2015). Design and analysis of a provably secure multi-server authentication scheme. Wireless Personal Communications. doi:10.1007/s11277-015-2975-0.
Mishra, D., Das, A. K., & Mukhopadhyay, S. (2014). A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Systems with Applications, 41(18), 8129–8143.
Nanni, L., Brahnam, S., & Lumini, A. (2011). Biohashing applied to orientation-based minutia descriptor for secure fingerprint authentication system. Electronics Letters, 47(15), 851–853.
Nanni, L., & Lumini, A. (2008). Random subspace for an improved biohashing for face authentication. Pattern Recognition Letters, 29(3), 295–300.
Ning, H., & Hu, S. (2012). Technology classification, industry, and education for future internet of things. International Journal of Communication Systems, 25(9), 1230–1241.
Song, R. (2010). Advanced smart card based password authentication protocol. Computer Standards and Interfaces, 32(5), 321–325.
Wander, A. S., Gura, N., Eberle, H., Gupta, V., & Shantz, S. C. (2005). Energy analysis of public-key cryptography for wireless sensor networks. In Third IEEE international conference on pervasive computing and communications, 2005. PerCom 2005, IEEE, pp. 324–328.
Watro, R., Kong, D., Cuti, S. -F., Gardiner, C., Lynn, C., & Kruus, P. (2004). Tinypk: Securing sensor networks with public key technology. In Proceedings of the 2nd ACM workshop on security of ad hoc and sensor networks, ACM, pp. 59–64.
Wong, K. H., Zheng, Y., Cao, J., & Wang, S. (2006). A dynamic user authentication scheme for wireless sensor networks. In IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing, 2006, IEEE, Vol. 1, p. 8.
Xue, K., Ma, C., Hong, P., & Ding, R. (2013). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36(1), 316–323.
Xu, J., Zhu, W.-T., & Feng, D.-G. (2009). An improved smart card based password authentication scheme with provable security. Computer Standards and Interfaces, 31(4), 723–728.
Yeh, H.-L., Chen, T.-H., Liu, P.-C., Kim, T.-H., & Wei, H.-W. (2011). A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors, 11(5), 4767–4779.
Yick, J., Mukherjee, B., & Ghosal, D. (2008). Wireless sensor network survey. Computer Networks, 52(12), 2292–2330.
About this article
Cite this article
Vorugunti, C.S., Mishra, B., Amin, R. et al. Improving Security of Lightweight Authentication Technique for Heterogeneous Wireless Sensor Networks. Wireless Pers Commun 95, 3141–3166 (2017). https://doi.org/10.1007/s11277-017-3988-7
- Wireless sensor networks