Skip to main content
Log in

Improvement of a User Authentication Scheme for Wireless Sensor Networks Based on Internet of Things Security

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

The internet of things (IoT) is the network of physical devices embedded with types of equipment which enables them to connect and exchange data. The IoT will provide an excellent chance for the integration of the physical world into computer-based systems. Wireless sensor networks (WSNs) are considered as a critical component of IoT networks, and user authentication is a cardinal issue in WSNs. Recently, Wu et al. (J Ambient Intell Humaniz Comput 8(1):101–116, 2017) proposed a new user authentication scheme for wireless sensor networks based on the Internet of Things security. This scheme is more valuable. Because it does not uses timestamps. Also, it provides strong forward security, it can resist the de-synchronization problem, and it is efficient. Unfortunately, in this paper, we will prove that Wu et al.’s scheme is vulnerable to user impersonation attack, gateway impersonation attack, man-in-the-middle attack, and sensor impersonation attack. Furthermore, we show that this scheme can not guarantee user anonymity. It is much worth to design a new security protocol with the same advantages as those of Wu et al.’s scheme. Therefore, we have put forward some improvements to dominate the weaknesses of Wu et al.’s protocol. We use the random oracle model to demonstrate the formal proof, and the security verification tool Proverif to demonstrate that the proposal can satisfy security and authentication features. The performance analysis and simulation results by NS2 indicate that the proposed protocol is efficient.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. Sutrala, A. K., Das, A. K., Kumar, N., Reddy, A. G., Vasilakos, A. V., & Rodrigues, J. J. P. C. (2018). On the design of secure user authenticated key management scheme for multigateway-based wireless sensor networks using ECC. International Journal of Communication Systems, 31(8), e3514.

    Google Scholar 

  2. Luo, M., Wen, Y., & Hu, X. (2019). Practical data transmission scheme for wireless sensor networks in heterogeneous IoT environment. Wireless Personal Communications, 109, 1–15.

    Google Scholar 

  3. Xu, L. D., He, W., & Li, S. (2014). Internet of things in industries: A survey. IEEE Transactions on Industrial Informatics, 10(4), 2233–2243.

    Google Scholar 

  4. Feng, X., Yan, F., & Liu, X. (2019). Study of wireless communication technologies on internet of things for precision agriculture. Wireless Personal Communications, 108, 1–18.

    Google Scholar 

  5. Turkanović, M., Brumen, B., & Hölbl, M. (2014). A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the internet of things notion. Ad Hoc Networks, 20, 96–112.

    Google Scholar 

  6. Srinivas, J., Mishra, D., Mukhopadhyay, S., & Kumari, S. (2017). Provably secure biometric based authentication and key agreement protocol for wireless sensor networks. Journal of Ambient Intelligence and Humanized Computing, 9, 1–21.

    Google Scholar 

  7. Wu, F., Lili, X., Kumari, S., & Li, X. (2017). A privacy-preserving and provable user authentication scheme for wireless sensor networks based on internet of things security. Journal of Ambient Intelligence and Humanized Computing, 8(1), 101–116.

    Google Scholar 

  8. Jabbari, A., & Mohasefi, J. B. (2019). Improvement in new three-party-authenticated key agreement scheme based on chaotic maps without password table. Nonlinear Dynamics, 95, 1–15.

    MATH  Google Scholar 

  9. Tsai, J.-L., & Lo, N.-W. (2015). Provably secure and efficient anonymous id-based authentication protocol for mobile devices using bilinear pairings. Wireless Personal Communications, 83(2), 1273–1286.

    Google Scholar 

  10. Bakhtiari-Chehelcheshmeh, S., & Hosseinzadeh, M. (2017). A new certificateless and secure authentication scheme for ad hoc networks. Wireless Personal Communications, 94(4), 2833–2851.

    Google Scholar 

  11. Hsu, C.-L., Chuang, Y.-H., & Kuo, C.-L. (2015). A novel remote user authentication scheme from bilinear pairings via internet. Wireless Personal Communications, 83(1), 163–174.

    Google Scholar 

  12. Sahoo, S. S., Mohanty, S., & Majhi, B. (2019). Improved biometric-based mutual authentication and key agreement scheme using ECC. Wireless Personal Communications, 111, 1–27.

    Google Scholar 

  13. Jin, W. B. (2019). On the secure design of hash-based authenticator in the smartcard authentication system. Wireless Personal Communications, 109(4), 2329–2352.

    Google Scholar 

  14. Kumari, S., & Renuka, K. (2019). Design of a password authentication and key agreement scheme to access e-healthcare services. Wireless Personal Communications,. https://doi.org/10.1007/s11277-019-06755-71.

    Article  Google Scholar 

  15. Zhu, H., & Geng, S. (2019). A three-party dynamic identity-based authenticated key exchange protocol with forward anonymity. Wireless Personal Communications, 109(3), 1911–1924.

    Google Scholar 

  16. Song, T., Li, R., Mei, B., Jiguo, Y., Xing, X., & Cheng, X. (2017). A privacy preserving communication protocol for IoT applications in smart homes. IEEE Internet of Things Journal, 4(6), 1844–1852.

    Google Scholar 

  17. Naoui, S., Elhdhili, M. E., & Saidane, L. A. (2019). Novel enhanced LoRaWAN framework for smart home remote control security. Wireless Personal Communications, 110, 1–22.

    Google Scholar 

  18. Gope, P., & Hwang, T. (2016). BSN-Care: A secure IoT-based modern healthcare system using body sensor network. IEEE Sensors Journal, 16(5), 1368–1376.

    Google Scholar 

  19. Mohammedi, M., Omar, M., & Bouabdallah, A. (2017). Secure and lightweight remote patient authentication scheme with biometric inputs for mobile healthcare environments. Journal of Ambient Intelligence and Humanized Computing, 9, 1–13.

    Google Scholar 

  20. Ma, M., He, D., Kumar, N., Choo, K.-K. R., & Chen, J. (2018). Certificateless searchable public key encryption scheme for industrial internet of things. IEEE Transactions on Industrial Informatics, 14(2), 759–767.

    Google Scholar 

  21. Li, X., Peng, J., Niu, J., Wu, F., Liao, J., & Choo, K. K. R. (2018). A robust and energy efficient authentication protocol for industrial internet of things. IEEE Internet of Things Journal, 5(3), 1606–1615.

    Google Scholar 

  22. Iglesias-Urkia, M., Orive, A., Urbieta, A., & Casado-Mansilla, D. (2019). Analysis of CoAP implementations for industrial internet of things: A survey. Journal of Ambient Intelligence and Humanized Computing, 10(7), 2505–2518.

    Google Scholar 

  23. Geetha, R., Madhusudhan, V., Padmavathy, T., & Lallithasree, A. (2019). A light weight secure communication scheme for wireless sensor networks. Wireless Personal Communications, 108(3), 1957–1976.

    Google Scholar 

  24. Liu, Y., & Yuanming, W. (2019). A key pre-distribution scheme based on sub-regions for multi-hop wireless sensor networks. Wireless Personal Communications, 109(2), 1161–1180.

    Google Scholar 

  25. Mirvaziri, H., & Hosseini, R. (2020). A novel method for key establishment based on symmetric cryptography in hierarchical wireless sensor networks. Wireless Personal Communications, 112, 1–19.

    Google Scholar 

  26. Watro, R., Kong, D., Cuti, S.-F., Gardiner, C., Lynn, C., & Kruus P. (2004). TinyPK: Securing sensor networks with public key technology. In Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks (pp. 59–64). ACM.

  27. Manik, L. D. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8(3), 1086–1090.

    Google Scholar 

  28. He, D., Gao, Y., Chan, S., Chen, C., & Jiajun, B. (2010). An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc and Sensor Wireless Networks, 10(4), 361–371.

    Google Scholar 

  29. Muhammad, K. K., & Khaled, A. (2010). Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors, 10(3), 2450–2459.

    Google Scholar 

  30. Chen, T.-H., & Shih, W.-K. (2010). A robust mutual authentication protocol for wireless sensor networks. ETRI Journal, 32(5), 704–712.

    Google Scholar 

  31. Vaidya, B., Makrakis, D., & Mouftah, H. T.(2010). Improved two-factor user authentication in wireless sensor networks. In 2010 IEEE 6th international conference on wireless and mobile computing, networking and communications (WiMob) (pp. 600–606). IEEE.

  32. Yoon, E.-J., and Yoo Kee-Young .(2011). Cryptanalysis of robust mutual authentication protocol for wireless sensor networks. In Cognitive Informatics & Cognitive Computing (ICCI* CC), 2011 10th IEEE International Conference on, pages 392–396. IEEE,

  33. Kumar Pardeep, and Lee Hoon-Jae.(2011). Cryptanalysis on two user authentication protocols using smart card for wireless sensor networks. In Wireless Advanced (WiAd), 2011, pages 241–245. IEEE,

  34. Yeh, H.-L., Chen, T.-H., Liu, P.-C., Kim, T.-H., & Wei, H.-W. (2011). A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors, 11(5), 4767–4779.

    Google Scholar 

  35. Han, W. (2011). Weakness of a secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors, 293(01), 2011.

    Google Scholar 

  36. Shi, W., & Gong, P. (2013). A new user authentication protocol for wireless sensor networks using elliptic curves cryptography. International Journal of Distributed Sensor Networks, 9(4), 730831.

    Google Scholar 

  37. Choi, Y., Lee, D., Kim, J., Jung, J., Nam, J., & Won, D. (2014). Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors, 14(6), 10081–10106.

    Google Scholar 

  38. Farash, M. S., Turkanović, M., Kumari, S., & Ölbl, M. H. (2016). An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the internet of things environment. Ad Hoc Networks, 36, 152–176.

    Google Scholar 

  39. Chang, C.-C., & Le, H.-D. (2016). A provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks. IEEE Transactions on Wireless Communications, 15(1), 357–366.

    MathSciNet  Google Scholar 

  40. Fan, W., Lili, X., Kumari, S., & Li, X. (2017). A new and secure authentication scheme for wireless sensor networks with formal proof. Peer-to-Peer Networking and Applications, 10(1), 16–30.

    Google Scholar 

  41. Mohammad, W., Kumar, D. A., Vanga, O., Neeraj, K., Mauro, C., & Minho, J. (2018). Design of secure user authenticated key management protocol for generic IoT networks. IEEE Internet of Things Journal, 5(1), 269–282.

    Google Scholar 

  42. Kakali, C. (2019). An improved authentication protocol for wireless body sensor networks applied in healthcare applications. Wireless Personal Communications, 111, 1–19.

    Google Scholar 

  43. Sasikaladevi, N., & Malathi, D. (2019). Energy efficient lightweight mutual authentication protocol (REAP) for MBAN based on Genus-2 hyper-elliptic curve. Wireless Personal Communications, 109, 1–18.

    Google Scholar 

  44. Hsieh, J.-S., & Leu, W.-B. (2014). A robust user authentication scheme using dynamic identity in wireless sensor networks. Wireless Personal Communications, 77, 979–989.

    Google Scholar 

  45. Nikravan, M., & Reza, A. (2020). A multi-factor user authentication and key agreement protocol based on bilinear pairing for the internet of things. Wireless Personal Communications, 111(1), 463–494.

    Google Scholar 

  46. Zeng, X., Guangquan, X., Zheng, X., Xiang, Y., & Zhou, W. (2018). E-AUA: An efficient anonymous user authentication protocol for mobile IoT. IEEE Internet of Things Journal, 6(2), 1506–1519.

    Google Scholar 

  47. Chaudhry, S. A., Naqvi, H., Farash, M. S., Shon, T., & Sher, M. (2018). An improved and robust biometrics-based three factor authentication scheme for multiserver environments. The Journal of Supercomputing, 74(8), 3504–3520.

    Google Scholar 

  48. Xie, Q., Bin, H., & Ting, W. (2015). Improvement of a chaotic maps-based three-party password-authenticated key exchange protocol without using server’s public key and smart card. Nonlinear Dynamics, 79(4), 2345–2358.

    MathSciNet  MATH  Google Scholar 

  49. Kumar, D., Chand, S., & Kumar, B. (2019). Cryptanalysis and improvement of an authentication protocol for wireless sensor networks applications like safety monitoring in coal mines. Journal of Ambient Intelligence and Humanized Computing, 10(2), 641–660.

    Google Scholar 

  50. He, D., Kumar, N., Lee, J.-H., & Sherratt, R. S. (2014). Enhanced three-factor security protocol for consumer USB mass storage devices. IEEE Transactions on Consumer Electronics, 60(1), 30–37.

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to J. B. Mohasefi.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Jabbari, A., Mohasefi, J.B. Improvement of a User Authentication Scheme for Wireless Sensor Networks Based on Internet of Things Security. Wireless Pers Commun 116, 2565–2591 (2021). https://doi.org/10.1007/s11277-020-07811-3

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-020-07811-3

Keywords

Navigation