A Provably Secure Two-Factor Authenticated Key Exchange Protocol for Wireless Sensor Networks Based on Authenticated Encryption

  • Fushan Wei
  • Ruijie ZhangEmail author
  • Jian Shen
Conference paper
Part of the Lecture Notes on Data Engineering and Communications Technologies book series (LNDECT, volume 2)


Two-factor authenticated key exchange (TFAKE) protocols are widely used in wireless sensor networks (WSNs) to provide user authentication and data confidentiality. However, many existing TFAKE protocols are found to be insecure against different attacks. In this paper, we investigate how to design provably secure TFAKE protocols using asymmetric cryptology mechanisms. Our main technique tool is robust authenticated encryption schemes and fuzzy verifiers. We first present a formal security model for TFAKE protocol in WSNs and then propose a novel TFAKE protocol based on authenticated encryption schemes. We prove the security of the proposed protocol in the random oracle model. The performance comparison result shows that our protocol not only enjoys provable security but also has high efficiency. protocols, our protocol is more efficient and enjoys provable security.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Das, M. L.: Two-Factor User Authentication in Wireless Sensor Networks. IEEE Transactions on Wireless Communications, vol. 8, no. 3, 2009, pp. 1086-1090.Google Scholar
  2. 2.
    Khan, M. K., Alghathbar, K.: Cryptanalysis And Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’. Sensors, 10(3), 2010, pp. 2450-2459.Google Scholar
  3. 3.
    He, D., Gao, Y., Chan, S., Chen, C., & Bu, J.: An Enhanced Two-factor User Authentication Scheme in Wireless Sensor Networks. Ad Hoc & Sensor Wireless Networks, 10(4), 2010, pp. 361-371.Google Scholar
  4. 4.
    Vaidya, B., Makrakis, D., Mouftah, H.: (2012). Two-Factor Mutual Authentication with Key Agreement in Wireless Sensor Networks. Security and Communication Networks, 9(2), 2016, pp. 171-183.Google Scholar
  5. 5.
    Sun, D. Z., Li, J. X., Feng, Z. Y., Cao, Z. F., & Xu, G. Q: On the Security And Improvement of a Two-Factor User Authentication Scheme in Wireless Sensor Networks. Personal and Ubiquitous Computing, 17(5), 2013, pp. 895-905.Google Scholar
  6. 6.
    He, D., Kumar, N., Khan, M. K., & Lee, J. H.: Anonymous Two-Factor Authentication for Consumer Roaming Service in Global Mobility Networks. IEEE Transactions on Consumer Electronics, 59(4), 2013, pp. 811-817.Google Scholar
  7. 7.
    Yuan, J. J.: An Enhanced Two-Factor User Authentication in Wireless Sensor Networks. Telecommunication Systems, 55(1), 2014, pp. 105-113.Google Scholar
  8. 8.
    Jiang, Q., Ma, J., Lu, X., Tian, Y.: An Efficient Two-Factor User Authentication Scheme with Unlinkability for Wireless Sensor Networks. Peer-to-Peer Networking and Applications, 8(6), 2014, pp. 1070-1081.Google Scholar
  9. 9.
    Wei, F., Ma, J., Jiang, Q., Shen, J., & Ma, C.: Cryptanalysis and Improvement of an Enhanced Two-Factor User Authentication Scheme in Wireless Sensor Networks. Information Technology And Control, 45(1), 2016, pp. 62-70.Google Scholar
  10. 10.
    Wang, D., & Wang, P.: On the Anonymity of Two-Factor Authentication Schemes for Wireless Sensor Networks: Attacks, Principle and Solutions. Computer Networks, 73, 2014, pp. 41-57.Google Scholar
  11. 11.
    Wang, D., & Wang, P.: Understanding Security Failures of Two-Factor Authentication Schemes for Real-Time Applications in Hierarchical Wireless Sensor Networks. Ad Hoc Networks, 20, 2014, pp. 1-15.Google Scholar
  12. 12.
    Hoang V T, Krovetz T, Rogaway P: Robust Authenticated-Encryption AEZ and the Problem That it Solves. Advances in Cryptology-EUROCRYPT 2015. Springer Berlin Heidelberg, 2015, pp. 15-44.Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.State Key Laboratory of Mathematical Engineering and Advanced ComputingZhengzhouChina
  2. 2.School of Computer and SoftwareNanjing University of Information Science and TechnologyNanjingChina

Personalised recommendations