Abstract
In modern, wireless sensor networks (WSNs) stand for the next evolutionary and innovative development step in utilities, industrial, building, home, shipboard, and transportation systems automation. The feature of WSNs is easy to deploy and has wide range of applications. Therefore, in distributed and unattended locations, WSNs are deployed to allow a legitimated user to login to the network and access data. Consequently, the authentication between users and sensor nodes has become one of the important security issues. In 2009, M. L. Das proposed a two-factor authentication for WSNs. Based on one-way hash function and exclusive-OR operation, the scheme is well-suited for resource constrained environments. Later, Khan and Algahathbar pointed out the flaws and vulnerabilities of Das’s scheme and proposed an alternative scheme. However, Vaidya et al. found that both Das’s and Khan–Algahathbar’s schemes are vulnerable to various attacks including stolen smart card attacks. Further, Vaidya et al. proposed an improved two-factor user authentication to overcome the security weakness of both schemes. In this paper, we show that Vaidya et al.’s scheme still exposes to a malicious insider attack that seriously threatens the security of WSNs. Furthermore, we propose an improve scheme that mends those vulnerabilities.
Similar content being viewed by others
References
Jain, M. K. (2011). Wireless sensor networks: Security issues and challenges. International Journal of Computer and Information Technology, 2(1), 62–67.
Lewis, F. (2004). Smart environments: Technologies, protocols, and application. In D. J. Cook & S. K. Das (Eds.), Wireless sensor networks. New York: Wiley.
Chong, C. Y., & Kumar, S. (2003). Sensor networks: Evolution, opportunities and challenges. Proceedings of IEEE, 91(8), 1247–1256.
IEEE Std 802.15.4-2006, Part 15.4: Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Low-Rate Wireless Personal Area Networks (LR-WPANs), 2006.
IEEE, WPAN Task Group 6. http://www.ieee802.org/15/pub/TG6.html.
IEEE Std 802.15.4-2003, Institute of Electrical and Electronics Engineers Inc, 1 October 2003.
IEEE802.15.4 WPANTaskGroup4(TG4). http://ieee802.org/15/pub/TG4.html.
Kinney, P. (2010). ZigBee technology: Wireless control that simply works. http://www.zigbee.org/en/press_kits/2009_12_16/documents/white_papers/wp_zigbeetechwireless_final.pdf Accessed on June 2010.
Das, M. L. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8, 1086–1090.
Khan, M. K., & Alghathbar, K. (2010). Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors, 10(3), 2450–2459.
Vaidya, B., Makrakis, D., & Mouftah, H. T. (2010). Improved two-factor user authentication in wireless sensor networks. In IEEE 6th international conference on wireless and mobile computing, networking and communications (WiMob), 2000 (pp. 600–606)
He, D., Ma, M., Zhang, Y., & Chen, C. (2011). A strong user authentication scheme with smart cards for wireless communications. Computer Communications, 34(3), 367–374.
Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smart card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.
Kocher, P., Jaffe, J., & Jun, B. (1999). Differential power analysis. In Proceedings of Advances in Cryptology (Crypto’99) (pp. 388–397). Santa Barbara, USA.
Author information
Authors and Affiliations
Corresponding author
Additional information
Part of this paper has been presented in 9th IEEE International Wireless Communications and Mobile Computing Conference (IEEE IWCMC 2013).
Rights and permissions
About this article
Cite this article
Hsieh, WB., Leu, JS. A Robust User Authentication Scheme Using Dynamic Identity in Wireless Sensor Networks. Wireless Pers Commun 77, 979–989 (2014). https://doi.org/10.1007/s11277-013-1547-4
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-013-1547-4