Abstract
User authentication is an elementary security prerequisite in resource-constrained wireless sensor networks (WSNs). Recently, Amin et al. presented an anonymity preserving authentication scheme for WSN which is secure against both active and passive attacks. In this paper, we first cryptanalyzed Amin et al. scheme and find that it suffers from the password guessing, impersonation, session key leakage attacks. To address these deficiencies, we propose a secure authentication scheme for wireless sensor network (SMAC-AS) by using MAC function. It additionally uses symmetric encryption and decryption operations for authentication to prevent forgery. We use OTCODE as one time activation code that is more secure than password. The SMAC-AS is a low cost and much faster in practice because it uses light weight MAC function and symmetric operations. Decryption of MAC is not easy. Moreover, SMAC-AS also helps in faster and efficient transmission of the message because of the lightweight function and operations which leads to saving the battery of the sensor nodes. We use BAN logic for authentication proof. The formal security analysis using random oracle model is done to show its efficacy.
Similar content being viewed by others
References
Akyildiz, I. F., Su, W., Sankarasubramaniam, Y., & Cayirci, E. (2002). A survey on sensor networks. IEEE Communications Magazine, 40(8), 102–114.
Chand, S., & Kumar, B. (2017). Selective α-coverage based heuristic in wireless sensor networks. Wireless Personal Communications, 97(1), 1623–1636.
Singh, S., Chand, S., & Kumar, B. (2017). Multilevel heterogeneous network model for wireless sensor networks. Telecommunication Systems, 64(2), 259–277.
Al Ameen, M., Liu, J., & Kwak, K. (2012). Security and privacy issues in wireless sensor networks for healthcare applications. Journal of Medical Systems, 36(1), 93–101.
Yuan, J., Jiang, C., & Jiang, Z. (2010). A biometric-based user authentication for wireless sensor networks. Wuhan University Journal of Natural Sciences, 15(3), 272–276.
Das, M. L. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8(3), 1086–1090.
Watro, R., Kong, D., Cuti, S. F., Gardiner, C., Lynn, C., & Kruus, P. (2004). TinyPK: Securing sensor networks with public key technology. In Proceedings of the 2nd ACM workshop on security of ad hoc and sensor networks (pp. 59–64). ACM.
Sun, D. Z., Li, J. X., Feng, Z. Y., Cao, Z. F., & Xu, G. Q. (2013). On the security and improvement of a two-factor user authentication scheme in wireless sensor networks. Personal and Ubiquitous Computing, 17(5), 895–905.
Jiang, Q., Ma, J., Lu, X., & Tian, Y. (2015). An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks. Peer-to-Peer Networking and Applications, 8(6), 1070–1081.
Fan, R., Ping, L. D., Fu, J. Q., & Pan, X. Z. (2010). A secure and efficient user authentication protocol for two-tiered wireless sensor networks. In Second pacific-Asia conference on circuits, communications and system (PACCS), 2010 (Vol. 1, pp. 425–428). IEEE.
Chen, T. H., & Shih, W. K. (2010). A robust mutual authentication protocol for wireless sensor networks. ETRI Journal, 32(5), 704–712.
Amin, R., Islam, S. H., Biswas, G. P., Khan, M. K., Leng, L., & Kumar, N. (2016). Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks. Computer Networks, 101, 42–62.
Farash, M. S., Turkanović, M., Kumari, S., & Hölbl, M. (2016). An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the internet of things environment. Ad Hoc Networks, 36, 152–176.
Wong, K., Zheng, Y., Cao, J., & Wang, S. (2006). A dynamic the user authentication scheme for wireless sensor networks. In: Proceedings of IEEE international conference on sensor networks, ubiquitous, and trustworthy computing (pp. 244–251). IEEE Computer Society.
Tseng, H. R., Jan, R. H., & Yang, W. (2007). An improved dynamic user authentication scheme for wireless sensor networks. In Global telecommunications conference, 2007. GLOBECOM’07 (pp. 986–990). IEEE.
Khan, M. K., & Alghathbar, K. (2010). Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors, 10(3), 2450–2459.
He, D., Gao, Y., Chan, S., Chen, C., & Bu, J. (2010). An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc & Sensor Wireless Networks, 10(4), 361–371.
Xue, K., Ma, C., Hong, P., & Ding, R. (2013). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36(1), 316–323.
Yoo, S. G., Park, K. Y., & Kim, J. (2012). A security-performance-balanced user authentication scheme for wireless sensor networks. International Journal of Distributed Sensor Networks, 8(3), 382810.
Kumari, S., Khan, M. K., & Atiquzzaman, M. (2015). User authentication schemes for wireless sensor networks: A review. Ad Hoc Networks, 27, 159–194.
Kumar, P., Lee, S. G., & Lee, H. J. (2012). E-SAP: Efficient-strong authentication protocol for healthcare applications using wireless medical sensor networks. Sensors, 12(2), 1625–1647.
He, D., Kumar, N., Chen, J., Lee, C. C., Chilamkurti, N., & Yeo, S. S. (2015). Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimedia Systems, 21(1), 49–60.
Kumar, P., Gurtov, A., Ylianttila, M., Lee, S. G., & Lee, H. (2013). A strong authentication scheme with user privacy for wireless sensor networks. ETRI Journal, 35(5), 889–899.
Bilal, M., & Kang, S. G. (2017). An authentication protocol for future sensor networks. Sensors, 17(5), 979.
Stallings, W. (2006). Cryptography and network security. Upper Saddle River: Prentice-Hall Inc.
Burrows, M., & Needham Abadi, R. (1990). A logic of authentication. ACM Transaction Computer System, 8(1), 18–36.
Liu, D. (2005). Security mechanisms for wireless sensor networks. Ph.D. thesis, North Carolina State University, Raleigh, USA. http://repository.lib.ncsu.edu/ir/handle/1840.16/4662.
Xu, L., & Wu, F. (2015). Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care. Journal of Medical Systems, 39(2), 10.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Singh, D., Kumar, B., Singh, S. et al. SMAC-AS: MAC Based Secure Authentication Scheme for Wireless Sensor Network. Wireless Pers Commun 107, 1289–1308 (2019). https://doi.org/10.1007/s11277-019-06336-8
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-019-06336-8