SMAC-AS: MAC Based Secure Authentication Scheme for Wireless Sensor Network

  • Deepti Singh
  • Bijendra Kumar
  • Samayveer SinghEmail author
  • Satish Chand


User authentication is an elementary security prerequisite in resource-constrained wireless sensor networks (WSNs). Recently, Amin et al. presented an anonymity preserving authentication scheme for WSN which is secure against both active and passive attacks. In this paper, we first cryptanalyzed Amin et al. scheme and find that it suffers from the password guessing, impersonation, session key leakage attacks. To address these deficiencies, we propose a secure authentication scheme for wireless sensor network (SMAC-AS) by using MAC function. It additionally uses symmetric encryption and decryption operations for authentication to prevent forgery. We use OTCODE as one time activation code that is more secure than password. The SMAC-AS is a low cost and much faster in practice because it uses light weight MAC function and symmetric operations. Decryption of MAC is not easy. Moreover, SMAC-AS also helps in faster and efficient transmission of the message because of the lightweight function and operations which leads to saving the battery of the sensor nodes. We use BAN logic for authentication proof. The formal security analysis using random oracle model is done to show its efficacy.


User authentication MAC function Session key Security and privacy 



  1. 1.
    Akyildiz, I. F., Su, W., Sankarasubramaniam, Y., & Cayirci, E. (2002). A survey on sensor networks. IEEE Communications Magazine, 40(8), 102–114.CrossRefGoogle Scholar
  2. 2.
    Chand, S., & Kumar, B. (2017). Selective α-coverage based heuristic in wireless sensor networks. Wireless Personal Communications, 97(1), 1623–1636.CrossRefGoogle Scholar
  3. 3.
    Singh, S., Chand, S., & Kumar, B. (2017). Multilevel heterogeneous network model for wireless sensor networks. Telecommunication Systems, 64(2), 259–277.CrossRefGoogle Scholar
  4. 4.
    Al Ameen, M., Liu, J., & Kwak, K. (2012). Security and privacy issues in wireless sensor networks for healthcare applications. Journal of Medical Systems, 36(1), 93–101.CrossRefGoogle Scholar
  5. 5.
    Yuan, J., Jiang, C., & Jiang, Z. (2010). A biometric-based user authentication for wireless sensor networks. Wuhan University Journal of Natural Sciences, 15(3), 272–276.CrossRefGoogle Scholar
  6. 6.
    Das, M. L. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8(3), 1086–1090.CrossRefGoogle Scholar
  7. 7.
    Watro, R., Kong, D., Cuti, S. F., Gardiner, C., Lynn, C., & Kruus, P. (2004). TinyPK: Securing sensor networks with public key technology. In Proceedings of the 2nd ACM workshop on security of ad hoc and sensor networks (pp. 59–64). ACM.Google Scholar
  8. 8.
    Sun, D. Z., Li, J. X., Feng, Z. Y., Cao, Z. F., & Xu, G. Q. (2013). On the security and improvement of a two-factor user authentication scheme in wireless sensor networks. Personal and Ubiquitous Computing, 17(5), 895–905.CrossRefGoogle Scholar
  9. 9.
    Jiang, Q., Ma, J., Lu, X., & Tian, Y. (2015). An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks. Peer-to-Peer Networking and Applications, 8(6), 1070–1081.CrossRefGoogle Scholar
  10. 10.
    Fan, R., Ping, L. D., Fu, J. Q., & Pan, X. Z. (2010). A secure and efficient user authentication protocol for two-tiered wireless sensor networks. In Second pacific-Asia conference on circuits, communications and system (PACCS), 2010 (Vol. 1, pp. 425–428). IEEE.Google Scholar
  11. 11.
    Chen, T. H., & Shih, W. K. (2010). A robust mutual authentication protocol for wireless sensor networks. ETRI Journal, 32(5), 704–712.CrossRefGoogle Scholar
  12. 12.
    Amin, R., Islam, S. H., Biswas, G. P., Khan, M. K., Leng, L., & Kumar, N. (2016). Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks. Computer Networks, 101, 42–62.CrossRefGoogle Scholar
  13. 13.
    Farash, M. S., Turkanović, M., Kumari, S., & Hölbl, M. (2016). An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the internet of things environment. Ad Hoc Networks, 36, 152–176.CrossRefGoogle Scholar
  14. 14.
    Wong, K., Zheng, Y., Cao, J., & Wang, S. (2006). A dynamic the user authentication scheme for wireless sensor networks. In: Proceedings of IEEE international conference on sensor networks, ubiquitous, and trustworthy computing (pp. 244–251). IEEE Computer Society.Google Scholar
  15. 15.
    Tseng, H. R., Jan, R. H., & Yang, W. (2007). An improved dynamic user authentication scheme for wireless sensor networks. In Global telecommunications conference, 2007. GLOBECOM’07 (pp. 986–990). IEEE.Google Scholar
  16. 16.
    Khan, M. K., & Alghathbar, K. (2010). Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors, 10(3), 2450–2459.CrossRefGoogle Scholar
  17. 17.
    He, D., Gao, Y., Chan, S., Chen, C., & Bu, J. (2010). An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc & Sensor Wireless Networks, 10(4), 361–371.Google Scholar
  18. 18.
    Xue, K., Ma, C., Hong, P., & Ding, R. (2013). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36(1), 316–323.CrossRefGoogle Scholar
  19. 19.
    Yoo, S. G., Park, K. Y., & Kim, J. (2012). A security-performance-balanced user authentication scheme for wireless sensor networks. International Journal of Distributed Sensor Networks, 8(3), 382810.CrossRefGoogle Scholar
  20. 20.
    Kumari, S., Khan, M. K., & Atiquzzaman, M. (2015). User authentication schemes for wireless sensor networks: A review. Ad Hoc Networks, 27, 159–194.CrossRefGoogle Scholar
  21. 21.
    Kumar, P., Lee, S. G., & Lee, H. J. (2012). E-SAP: Efficient-strong authentication protocol for healthcare applications using wireless medical sensor networks. Sensors, 12(2), 1625–1647.CrossRefGoogle Scholar
  22. 22.
    He, D., Kumar, N., Chen, J., Lee, C. C., Chilamkurti, N., & Yeo, S. S. (2015). Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimedia Systems, 21(1), 49–60.CrossRefGoogle Scholar
  23. 23.
    Kumar, P., Gurtov, A., Ylianttila, M., Lee, S. G., & Lee, H. (2013). A strong authentication scheme with user privacy for wireless sensor networks. ETRI Journal, 35(5), 889–899.CrossRefGoogle Scholar
  24. 24.
    Bilal, M., & Kang, S. G. (2017). An authentication protocol for future sensor networks. Sensors, 17(5), 979.CrossRefGoogle Scholar
  25. 25.
    Stallings, W. (2006). Cryptography and network security. Upper Saddle River: Prentice-Hall Inc.Google Scholar
  26. 26.
    Burrows, M., & Needham Abadi, R. (1990). A logic of authentication. ACM Transaction Computer System, 8(1), 18–36.CrossRefGoogle Scholar
  27. 27.
    Liu, D. (2005). Security mechanisms for wireless sensor networks. Ph.D. thesis, North Carolina State University, Raleigh, USA.
  28. 28.
    Xu, L., & Wu, F. (2015). Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care. Journal of Medical Systems, 39(2), 10.CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2019

Authors and Affiliations

  • Deepti Singh
    • 1
  • Bijendra Kumar
    • 1
  • Samayveer Singh
    • 2
    Email author
  • Satish Chand
    • 3
  1. 1.Division of Computer EngineeringNetaji Subhas Institute of TechnologyNew DelhiIndia
  2. 2.Department of Computer Science and EngineeringNational Institute of Technology JalandharPunjabIndia
  3. 3.School of Computer and Systems SciencesJawaharlal Nehru UniversityNew DelhiIndia

Personalised recommendations