Skip to main content
SpringerLink
Log in

An Improved Multifactor User Authentication Scheme for Wireless Sensor Networks

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Wireless Sensor Networks (WSNs) are used to collect and transmitted the data in various applications from normal to those which requires significant security issues. Only legitimate users can get access to the data a secure and efficient user authentication scheme is required. As a part of this study, we analyze three recently proposed user authentication and session key establishment schemes for WSNs and shows their weaknesses. To remove the weaknesses of these schemes, we propose an improved user authentication and session key agreement scheme using keyed fuzzy extractors and Chebyshev chaotic maps. We use Burrows-Abadi-Needham logic analysis to exhibit that the proposed scheme ensures mutual authentication and establishes a session key between user and sensor node. We also use scyther tool to exhibit that the designed scheme offers all scurity features and resist all known attacks. The performance comparison exhibits that the proposed scheme is robust and efficient than other concerned schemes.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. Akyildiz, I. F., Su, W., Sankarasubramaniam, Y., & Cayirci, E. (2002). Wireless sensor networks: A survey. Computer Networks, 38(4), 393–422.

    Google Scholar 

  2. Alotaibi, M. (2018). An enhanced symmetric cryptosystem and biometric-based anonymous user authentication and session key establishment scheme for wsn. IEEE Access, 6, 70072–70087.

    Google Scholar 

  3. Amin, R., & Biswas, G. (2016). A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks. Ad Hoc Networks, 36, 58–80.

    Google Scholar 

  4. Amin, R., Islam, S. H., Kumar, N., & Choo, K. K. R. (2018). An untraceable and anonymous password authentication protocol for heterogeneous wireless sensor networks. Journal of Network and Computer Applications, 104, 133–144.

    Google Scholar 

  5. Benenson, Z., Gärtner, F. C., Kesdogan, D. (2004). User authentication in sensor networks. In GI Jahrestagung (2), Citeseer, pp 385–389.

  6. Benenson, Z., Gedicke, N., & Raivio, O. (2005). Realizing robust user authentication in sensor networks. Real-World Wireless Sensor Networks (REALWSN), 14, 52.

    Google Scholar 

  7. Burrows, M., Abadi, M., & Needham, R. M. (1989). A logic of authentication. Proceedings of the Royal Society of London A Mathematical and Physical Sciences, 426(1871), 233–271.

    MathSciNet  MATH  Google Scholar 

  8. Canetti, R., & Krawczyk, H. (2001). Analysis of key-exchange protocols and their use for building secure channels. In International Conference on the Theory and Applications of Cryptographic Techniques, Springer, pp 453–474.

  9. Chang, C. C., & Le, H. D. (2015). A provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks. IEEE Transactions on Wireless Communications, 15(1), 357–366.

    Google Scholar 

  10. Cremers, C. (2014). Scyther user manual-draft february, 18, 2014.

  11. Das, A. K. (2016). A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-to-peer Networking and Applications, 9(1), 223–244.

    Google Scholar 

  12. Das, A. K., Sharma, P., Chatterjee, S., & Sing, J. K. (2012). A dynamic password-based user authentication scheme for hierarchical wireless sensor networks. Journal of Network and Computer Applications, 35(5), 1646–1656.

    Google Scholar 

  13. Das, A. K., Kumari, S., Odelu, V., Li, X., Wu, F., & Huang, X. (2016). Provably secure user authentication and key agreement scheme for wireless sensor networks. Security and Communication Networks, 9(16), 3670–3687.

    Google Scholar 

  14. Das, M. L. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8(3), 1086–1090.

    Google Scholar 

  15. Dodis, Y., Kanukurthi, B., Katz, J., Reyzin, L., & Smith, A. (2012). Robust fuzzy extractors and authenticated key agreement from close secrets. IEEE Transactions on Information Theory, 58(9), 6207–6222.

    MathSciNet  MATH  Google Scholar 

  16. Fan, R., Dj, He., Xz, Pan, et al. (2011). An efficient and dos-resistant user authentication scheme for two-tiered wireless sensor networks. Journal of Zhejiang University SCIENCE C, 12(7), 550–560.

    Google Scholar 

  17. Farash, M. S., Turkanović, M., Kumari, S., & Hölbl, M. (2016). An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the internet of things environment. Ad Hoc Networks, 36, 152–176.

    Google Scholar 

  18. He, D., Gao, Y., Chan, S., Chen, C., & Bu, J. (2010). An enhanced two-factor user authentication scheme in wireless sensor networks. Ad hoc & Sensor Wireless Networks, 10(4), 361–371.

    Google Scholar 

  19. He, J., Yang, Z., Zhang, J., Liu, W., & Liu, C. (2018). On the security of a provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks. International Journal of Distributed Sensor Networks, 14(1), 1550147718756311.

    Google Scholar 

  20. Jiang, Q., Ma, J., Lu, X., & Tian, Y. (2015). An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks. Peer-to-peer Networking and Applications, 8(6), 1070–1081.

    Google Scholar 

  21. Jung, J., Kim, J., Choi, Y., & Won, D. (2016). An anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in wireless sensor networks. Sensors, 16(8), 1299.

    Google Scholar 

  22. Kalra, S., & Sood, S. K. (2015). Advanced password based authentication scheme for wireless sensor networks. Journal of Information Security and Applications, 20, 37–46.

    Google Scholar 

  23. Khan, M. K., & Alghathbar, K. (2010). Cryptanalysis and security improvements of two-factor user authentication in wireless sensor networks. Sensors, 10(3), 2450–2459.

    Google Scholar 

  24. Ko, L. C. (2008). A novel dynamic user authentication scheme for wireless sensor networks. In 2008 IEEE International Symposium on Wireless Communication Systems, IEEE, pp 608–612.

  25. Kocher, P., Jaffe, J., & Jun, B. (1999). Differential power analysis. In Annual International Cryptology Conference, Springer, pp 388–397.

  26. Kumar, P., & Lee, H. J. (2011). Cryptanalysis on two user authentication protocols using smart card for wireless sensor networks. In 2011 Wireless Advanced, IEEE, pp 241–245.

  27. Kumari, S., & Renuka, K. (2020). A provably secure biometrics and ecc-based authentication and key agreement scheme for wsns. International Journal of Communication Systems, 33(3), e4194.

    Google Scholar 

  28. Kumari, S., Li, X., Wu, F., Das, A. K., Arshad, H., & Khan, M. K. (2016). A user friendly mutual authentication and key agreement scheme for wireless sensor networks using chaotic maps. Future Generation Computer Systems, 63, 56–75.

    Google Scholar 

  29. Li, C. T., Weng, C. Y., & Lee, C. C. (2013). An advanced temporal credential-based security scheme with mutual authentication and key agreement for wireless sensor networks. Sensors, 13(8), 9589–9603.

    Google Scholar 

  30. Li, W., Li, B., Zhao, Y., Wang, P., & Wei, F. (2018). Cryptanalysis and security enhancement of three authentication schemes in wireless sensor networks. Wireless Communications and Mobile Computing 2018.

  31. Li, X., Niu, J., Bhuiyan, M. Z. A., Wu, F., Karuppiah, M., & Kumari, S. (2017). A robust ecc-based provable secure authentication protocol with privacy preserving for industrial internet of things. IEEE Transactions on Industrial Informatics, 14(8), 3599–3609.

    Google Scholar 

  32. Li, X., Niu, J., Kumari, S., Wu, F., Sangaiah, A. K., & Choo, K. K. R. (2018). A three-factor anonymous authentication scheme for wireless sensor networks in internet of things environments. Journal of Network and Computer Applications, 103, 194–204.

    Google Scholar 

  33. Maitra, T., Amin, R., Giri, D., & Srivastava, P. (2016). An efficient and robust user authentication scheme for hierarchical wireless sensor networks without tamper-proof smart card. IJ Network Security, 18(3), 553–564.

    Google Scholar 

  34. Mason, J. C., & Handscomb, D. C. (2002). Chebyshev polynomials. Chapman and Hall/CRC.

  35. Mnif, A., Cheikhrouhou, O., & Jemaa, M. B. (2011). An id-based user authentication scheme for wireless sensor networks using ecc. In ICM 2011 Proceeding, IEEE, pp 1–9.

  36. Nyang, D., & Lee, M. K. (2009). Improvement of dass two-factor authentication protocol in wireless sensor networks. IACR Cryptology ePrint Archive, 2009, 631.

    Google Scholar 

  37. Roy, S., Chatterjee, S., Das, A. K., Chattopadhyay, S., Kumari, S., & Jo, M. (2017). Chaotic map-based anonymous user authentication scheme with user biometrics and fuzzy extractor for crowdsourcing internet of things. IEEE Internet of Things Journal, 5(4), 2884–2895.

    Google Scholar 

  38. Santos-González, I., Rivero-García, A., Burmester, M., Munilla, J., & Caballero-Gil, P. (2020). Secure lightweight password authenticated key exchange for heterogeneous wireless sensor networks. Information Systems, 88, 101423.

    Google Scholar 

  39. Singh, A., Awasthi, A. K., & Singh, K. (2017). Cryptanalysis and improvement in user authentication and key agreement scheme for wireless sensor network. Wireless Personal Communications, 94(3), 1881–1898.

    Google Scholar 

  40. Srinivas, J., Das, A. K., Wazid, M., & Kumar, N. (2018). Anonymous lightweight chaotic map-based authenticated key agreement protocol for industrial internet of things. IEEE Transactions on Dependable and Secure Computing

  41. Tseng, H. R., Jan, R. H., & Yang, W. (2007). An improved dynamic user authentication scheme for wireless sensor networks. In IEEE GLOBECOM 2007-IEEE Global Telecommunications Conference, IEEE, pp 986–990.

  42. Turkanovic, M., & Holbl, M. (2013). An improved dynamic password-based user authentication scheme for hierarchical wireless sensor networks. Elektronika ir Elektrotechnika, 19(6), 109–116.

    Google Scholar 

  43. Turkanović, M., Brumen, B., & Hölbl, M. (2014). A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the internet of things notion. Ad Hoc Networks, 20, 96–112.

    Google Scholar 

  44. Vaidya, B., Makrakis, D., & Mouftah, H. T. (2010). Improved two-factor user authentication in wireless sensor networks. 2010 IEEE 6th International Conference on Wireless and Mobile Computing (pp. 600–606). IEEE: Networking and Communications.

  45. Vaidya, B., Rodrigues, J. J., & Park, J. H. (2010). User authentication schemes with pseudonymity for ubiquitous sensor network in ngn. International Journal of Communication Systems, 23(9–10), 1201–1222.

    Google Scholar 

  46. Wang, D., & Wang, P. (2014). On the anonymity of two-factor authentication schemes for wireless sensor networks: Attacks, principle and solutions. Computer Networks, 73, 41–57.

    Google Scholar 

  47. Wang, D., & Wang, P. (2014). Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks. Ad Hoc Networks, 20, 1–15.

    Google Scholar 

  48. Wang, D., Wang, P., & Wang, C. (2020). Efficient multi-factor user authentication protocol with forward secrecy for real-time data access in wsns. ACM Transactions on Cyber-Physical Systems, 4(3), 1–26.

    Google Scholar 

  49. Wong, K. H., Zheng, Y., Cao, J., & Wang, S. (2006). A dynamic user authentication scheme for wireless sensor networks. In IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC’06), IEEE, vol 1, pp 8–pp.

  50. Xiong, L., Peng, D., Peng, T., Liang, H., & Liu, Z. (2017). A lightweight anonymous authentication protocol with perfect forward secrecy for wireless sensor networks. Sensors, 17(11), 2681.

    Google Scholar 

  51. Xue, K., Ma, C., Hong, P., & Ding, R. (2013). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36(1), 316–323.

    Google Scholar 

  52. Yoo, S. G., Park, K. Y., & Kim, J. (2012). A security-performance-balanced user authentication scheme for wireless sensor networks. International Journal of Distributed Sensor Networks, 8(3), 382810.

    Google Scholar 

  53. Yuan, J., Jiang, C., & Jiang, Z. (2010). A biometric-based user authentication for wireless sensor networks. Wuhan University Journal of Natural Sciences, 15(3), 272–276.

    Google Scholar 

  54. Yuan, J. J. (2014). An enhanced two-factor user authentication in wireless sensor networks. Telecommunication Systems, 55(1), 105–113.

    Google Scholar 

Download references

Acknowledgements

On behalf of all the co-authors, I confirm that the manuscript is the authors’ original work and the manuscript has not received prior publication and is not under consideration for publication elsewhere.

Funding

This work not received any external funding.

Author information

Authors and Affiliations

  1. Department of Mathematics, M M Degree College, Khekra, Uttar Pradesh, India

    Gaurav Tyagi

  2. Department of Mathematics, SSV(P.G.) College, Hapur, Uttar Pradesh, India

    Rahul Kumar

Authors
  1. Gaurav Tyagi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Rahul Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

Gaurav analyzed three recently proposed schemes, proposed an enhanced scheme and then gave it’s formal and informal security analysis; conceptualization and supervision is by Rahul Kumar.

Corresponding author

Correspondence to Gaurav Tyagi.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Availability of data and material

The data and material used to support the findings of this study are included within the article.

Code availability

The code of formal security proof using scyther tool of the proposed scheme is included within the article.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Tyagi, G., Kumar, R. An Improved Multifactor User Authentication Scheme for Wireless Sensor Networks. Wireless Pers Commun 123, 1311–1343 (2022). https://doi.org/10.1007/s11277-021-09182-9

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-021-09182-9

Keywords

Search

Navigation