Wireless Personal Communications

, Volume 107, Issue 1, pp 243–270 | Cite as

An Enhanced and Secure Biometric Based User Authentication Scheme in Wireless Sensor Networks Using Smart Cards

  • Subhasish BanerjeeEmail author
  • Chukhu Chunka
  • Srijon Sen
  • Rajat Subhra Goswami


Over the last two decades, several researchers have recommended many remote user authentication schemes, following since introducing the concept way back in 1981. Researchers are continuously trying to enhance the security in authentication protocols by incorporating the several features into their work. A few years back, Turkanovic et al. (Ad Hoc Netw 20:96–112, 2014) have presented a novel work for authenticating users in IOT environment using smart cards for wireless sensor networks. In this paper, we have demonstrated that their scheme doesn’t resist many possible security threats and have numerous flaws, and also proposed an enhanced and secure biometric-based user authentication technique to overcome their weaknesses. The stated protocol not only overcome from the flaws of Turkanovic et al.’s scheme but also reduce the computation overhead as well. Later, to proving the mutual authentication among the entities and session key secrecy of the proposed scheme has also been verified by ProVerif (2.0) simulation tool.


Biometric Smart card Wireless sensor network Authentication 



  1. 1.
    Atzori, L., Iera, A., & Morabito, G. (2010). The internet of things: A survey. Computer Networks, 54(15), 2787–2805.CrossRefzbMATHGoogle Scholar
  2. 2.
    Prabhu, B., Pradeep, M., & Gajendran, E. (2017). Enhanced battlefield surveillance methodology using wireless sensor network. A Multidisciplinary Journal of Scientific Research and Education, 3(1), 185–190.Google Scholar
  3. 3.
    Al Ameen, M., Liu, J., & Kwak, K. (2012). Security and privacy issues in wireless sensor networks for healthcare applications. Journal of Medical Systems, 36(1), 93–101.CrossRefGoogle Scholar
  4. 4.
    Hou, L., & Bergmann, N. W. (2011). Induction motor fault diagnosis using industrial wireless sensor networks and Dempster-Shafer classifier fusion. In IECON 2011-37th annual conference on IEEE industrial electronics society (pp. 2992–2997). IEEE.Google Scholar
  5. 5.
    Bottero, M., Dalla Chiara, B., & Deflorio, F. P. (2013). Wireless sensor networks for traffic monitoring in a logistic centre. Transportation Research Part C: Emerging Technologies, 26, 99–124.CrossRefGoogle Scholar
  6. 6.
    Ramesh, M. V. (2014). Design, development, and deployment of a wireless sensor network for detection of landslides. Ad Hoc Networks, 13, 2–18.CrossRefGoogle Scholar
  7. 7.
    Dong, X., Vuran, M. C., & Irmak, S. (2013). Autonomous precision agriculture through integration of wireless underground sensor networks with center pivot irrigation systems. Ad Hoc Networks, 11(7), 1975–1987.CrossRefGoogle Scholar
  8. 8.
    Bindu, C. S., Reddy, P. C. S., & Satyanarayana, B. (2008). Improved remote user authentication scheme preserving user anonymity. International Journal of Computer Science and Network Security, 8(3), 62–66.Google Scholar
  9. 9.
    Lin, C. W., Tsai, C. S., & Hwang, M. S. (2006). A new strong-password authentication scheme using one-way hash functions. Journal of Computer and Systems Sciences International, 45(4), 623–626.MathSciNetCrossRefzbMATHGoogle Scholar
  10. 10.
    Das, M. L., Saxena, A., & Gulati, V. P. (2004). A dynamic ID-based remote user authentication scheme. IEEE Transactions on Consumer Electronics, 50(2), 629–631.CrossRefGoogle Scholar
  11. 11.
    Das, A. K. (2011). Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards. IET Information Security, 5(3), 145–151.CrossRefGoogle Scholar
  12. 12.
    Chang, C. C., Chang, S. C., & Lai, Y. W. (2010). An improved biometrics-based user authentication scheme without concurrency system. International Journal of Intelligent Information Processing, 1(1), 41–49.CrossRefGoogle Scholar
  13. 13.
    An, Y. (2012). Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards. BioMed Research International, 2012, 1–6.Google Scholar
  14. 14.
    Perrig, A., Stankovic, J., & Wagner, D. (2004). Security in wireless sensor networks. Communications of the ACM, 47(6), 53–57.CrossRefGoogle Scholar
  15. 15.
    Biswas, S., & Adhikari, S. (2015). A survey of security attacks, defenses and security mechanisms in wireless sensor network. International Journal of Computer Applications, 131(17), 28–35.CrossRefGoogle Scholar
  16. 16.
    Turkanović, M., Brumen, B., & Hölbl, M. (2014). A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Networks, 20, 96–112.CrossRefGoogle Scholar
  17. 17.
    Ngai, E. C. H., Liu, J., & Michael, R. L. (2017). An efficient intruder detection algorithm against sinkhole attacks in wireless sensor networks. Computer Communication, 30(11–12), 2353–2364.Google Scholar
  18. 18.
    Fayoumi, M. A., Ahmad, Y., & Tari, U. (2016). A heterogeneous framework to detect intruder attacks in wireless sensor networks. International Journal of Advanced Computer Science and Applications, 7(12), 52–58.Google Scholar
  19. 19.
    Dolev, D., & Yao, A. (1983). On the security of public key protocols. IEEE Transactions on Information Theory, 29(2), 198–208.MathSciNetCrossRefzbMATHGoogle Scholar
  20. 20.
    Kocher, P., Jaffe, J., Jun, B., & Rohatgi, P. (2011). Introduction to differential power analysis. Journal of Cryptographic Engineering, 1(1), 5–27.CrossRefGoogle Scholar
  21. 21.
    Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.MathSciNetCrossRefzbMATHGoogle Scholar
  22. 22.
    Mrdovic, S., & Perunicic, B. (2008). Kerckhoffs’ principle for intrusion detection. In Telecommunications network strategy and planning symposium, 2008. Networks 2008. The 13th international (pp. 1–8). IEEE.Google Scholar
  23. 23.
    Naor, M., & Yung, M. (1989). Universal one-way hash functions and their cryptographic applications. In Proceedings of the 21st annual ACM symposium on theory of computing (pp. 33–43). ACM.Google Scholar
  24. 24.
    Jin, A. T. B., Ling, D. N. C., & Goh, A. (2004). Biohashing: Two factor authentication featuring fingerprint data and tokenised random number. Pattern Recognition, 37(11), 2245–2255.CrossRefGoogle Scholar
  25. 25.
    Watro, R., Kong, D., Cuti, S.F., Gardiner, C., Lynn, C., & Kruus, P. (2004). TinyPK: Securing sensor networks with public key technology. In Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks (pp. 59–64). ACM.Google Scholar
  26. 26.
    Wong, K. H., Zheng, Y., Cao, J., & Wang, S. (2006). A dynamic user authentication scheme for wireless sensor networks. In IEEE international conference on sensor networks, ubiquitous, and trustworthy computing (pp. 318–327). ACM.Google Scholar
  27. 27.
    Das, M. L. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8(3), 1086–1090.CrossRefGoogle Scholar
  28. 28.
    He, D., Gao, Y., Chan, S., Chen, C., & Bu, J. (2010). An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc and Sensor Wireless Networks, 10(4), 361–371.Google Scholar
  29. 29.
    Khan, M. K., & Alghathbar, K. (2010). Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors, 10(3), 2450–2459.CrossRefGoogle Scholar
  30. 30.
    Chen, T. H., & Shih, W. K. (2010). A robust mutual authentication protocol for wireless sensor networks. ETRI Journal, 32(5), 704–712.CrossRefGoogle Scholar
  31. 31.
    Yeh, H. L., Chen, T. H., Liu, P. C., Kim, T. H., & Wei, H. W. (2011). A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors, 11(5), 4767–4779.CrossRefGoogle Scholar
  32. 32.
    Xue, K., Ma, C., Hong, P., & Ding, R. (2012). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36(1), 316–323.CrossRefGoogle Scholar
  33. 33.
    Ruan, Z., Sun, X., & Liang, W. (2013). Securing sensor data storage and query based on k-out-of-n coding. International Journal of Communication Systems, 26(5), 549–566.CrossRefGoogle Scholar
  34. 34.
    He, D., & Wang, D. (2015). Robust biometrics-based authentication scheme for multiserver environment. IEEE Systems Journal, 9(3), 816–823.CrossRefGoogle Scholar
  35. 35.
    Odelu, V., Das, A. K., & Goswami, A. (2015). A secure biometrics-based multi-Server authentication protocol using smart cards. IEEE Transactions on Information Forensics and Security, 10(9), 1953–1966.CrossRefGoogle Scholar
  36. 36.
    Li, X., Niu, J., Kumari, S., et al. (2015). An enhancement of a smart card authentication scheme for multi-server architecture. Wireless Personal Communications, 80(1), 175–192.CrossRefGoogle Scholar
  37. 37.
    Blanchet, B. (2001). An efficient cryptographic protocol verifier based on prolog rules. In Proceedings of IEEE Computer Society Foundation (CSFW) (pp. 82–96).Google Scholar
  38. 38.
    Das, A. K., Sharma, P., Chatterjee, S., & Sing, J. K. (2012). A dynamic password-based user authentication scheme for hierarchical wireless sensor networks. Journal of Network and Computer Applications, 35(5), 1646–1656.CrossRefGoogle Scholar
  39. 39.
    Wireless Measurement System. Crossbow: EOL, Crossbow technology, I. MICA 2.Google Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2019

Authors and Affiliations

  • Subhasish Banerjee
    • 1
    Email author
  • Chukhu Chunka
    • 1
  • Srijon Sen
    • 2
  • Rajat Subhra Goswami
    • 1
  1. 1.Department of Computer Science and EngineeringNational Institute of Technology, Arunachal PradeshYupia, Papum PareIndia
  2. 2.IBMBangaloreIndia

Personalised recommendations