Skip to main content
SpringerLink
Log in

A Novel Smart Card Based User Authentication and Key Agreement Scheme for Heterogeneous Wireless Sensor Networks

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Due to the open environment in which hierarchical wireless sensor networks (HWSNs) are typically deployed, it is important to authenticate transmitted data. In recent years, a number of user authentication schemes with smart card for HWSNs have been proposed. In 2014, Turkanović et al. proposed a novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks (HADWSNs). Their scheme is a lightweight, which requires the computation of only hash functions. In this paper, we first analyze Turkanović et al.’s scheme and then demonstrate that their scheme cannot really protect against user masquerade, off-line password guessing, and node capture attacks. To overcome these security weaknesses, we further propose an advanced smart card based user authentication while inherits the original merits of their scheme. Through the informal and formal security analysis, we demonstrate that our scheme is resilient possible known attacks including the attacks found in Turkanović et al.’s scheme. In addition, we compare the proposed scheme with related ones to prove that the computation cost of the proposed scheme are well suitable for practical applications in HADWSNs.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

References

  1. Vivek, K., Narottam, C., & Naveen, C. (2010). Recent advances and future trends in wireless sensor networks. Internatioal Journal of Applied Engineering Research, 1(3), 330–342.

    Google Scholar 

  2. Cheng, Y., & Agrawal, D. (2007). An improved key distribution mechanism for large-scale hierarchical wireless sensor networks. Ad Hoc Networks, 5(1), 35–48.

    Article  Google Scholar 

  3. Asadi, M., Zimmerman, C., & Agah, A. (2013). A game-theoretic approach to security and power conservation in wireless sensor networks. International Journal of Network Security, 15(1), 50–58.

    Google Scholar 

  4. Das, A. K. (2012). Improving identity-based random key establishment scheme for large-scale hierarchical wireless sensor networks. International Journal of Network Security, 14(1), 1–21.

    Google Scholar 

  5. Li, C. T. (2011). Secure smart card based password authentication scheme with user anonymity. Information Technology and Control, 40(2), 157–162.

    Article  Google Scholar 

  6. Mi, Q., Stankovic, J. A., & Stoleru, R. (2012). Practical and secure localization and key distribution for wireless sensor networks. Ad Hoc Networks, 10(6), 946–961.

    Article  Google Scholar 

  7. Watro, R., Kong, D., Cuti, S., Gardiner, C., Lynn, C., Kruus, P., & Tiny, P. K. (2004). Securing sensor networks with publickey technology. In Proceedings of the 2nd ACM workshop on security of ad hoc and sensor networks, SASN 2004, Washington, DC, USA, October (pp. 59–64).

  8. Das, M. L. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8(3), 1086–1090.

    Article  MathSciNet  Google Scholar 

  9. Yuan, J., Jiang, C., & Jiang, Z. (2010). A biometric-based user authentication for wireless sensor networks. Wuhan University Journal of Natural Sciences, 15(3), 272–276.

    Article  MathSciNet  Google Scholar 

  10. Song, R. (2010). Advanced smart card based password authentication protocol. Computer Standards and Interfaces, 32(5), 321–325.

    Article  Google Scholar 

  11. Xu, J., Zhu, W. T., & Feng, D. G. (2009). An improved smart card based password authentication scheme with provable security. Computer Standards and Interfaces, 31(4), 723–728.

    Article  Google Scholar 

  12. Yeh, H. L., Chen, T. H., Liu, P. C., Kim, T. H., & Wei, H. W. (2011). A secured authentication protocol for wireless sensor networks using ellipticcurves cryptography. Sensors, 11(5), 4767–4779.

    Article  Google Scholar 

  13. Ghosal, A., Halder, S., & DasBit, S. (2012). A dynamic TDMA based scheme for securing query processing in WSN. Wireless Networks, 8(2), 165–184.

    Article  Google Scholar 

  14. Wong, K. H. M., Zheng, Y., Cao, J., & Wang, S. (2006). A dynamic user authentication scheme for wireless sensor networks. In Proceedings of the IEEE international conference on sensor networks, ubiquitous, and trustworthy computing, Taichung (pp. 244–251).

  15. Huang, H. F., Chang, Y. F., & Liu, C. H. (2010). Enhancement of two-factor user authentication in wireless sensor networks. In Proceedings of the 2010 sixth international conference on intelligent information hiding and multimedia signal processing (pp. 27–30). IEEE Computer Society.

  16. He, D., Gao, Y., Chan, S., Chen, C., & Bu, J. (2010). An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc and Sensor Wireless Networks, 10(4), 361–371.

    Google Scholar 

  17. Nyang, D., & Lee, M. K. (2009). Improvement of Das’s two-factor authentication protocol in wireless sensor networks. In CORD conference proceedings.

  18. Khan, M. K., & Alghathbar, K. (2010). Cryptanalysis and security improvements of “two-factor user authentication in wireless sensor networks”. Sensors, 10(3), 2450–2459.

    Article  Google Scholar 

  19. Vaidya, B., Makrakis, D., & Mouftah, H. T. (2010). Improved two-factor user authentication in wireless sensor networks. In IEEE 6th international conference on wireless and mobile computing, networking and communications (pp. 600–606).

  20. Xue, K., Ma, C., Hong, P., & Ding, R. (2012). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36, 316–323.

    Article  Google Scholar 

  21. Li, C. T., Weng, C. Y., & Lee, C. C. (2013). An advanced temporal credentialbased security scheme with mutual authentication and key agreement for wireless sensor networks. Sensors, 13, 9589–9603.

    Article  Google Scholar 

  22. Turkanović, M., & Hölbl, M. (2014). Notes on “a temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks”. Wireless Personal Communication, 77, 907–922.

    Article  Google Scholar 

  23. Fan, R., He, D., Pan, X., & Ping, L. (2011). An efficient and dos-resistant user authentication scheme for two-tiered wireless sensor networks. Journal of Zhejiang University SCIENCE, 12(7), 550–560.

    Article  Google Scholar 

  24. Das, A. K., Sharma, P., Chatterjee, S., & Sing, J. K. (2012). A dynamic passwordbased user authentication scheme for hierarchical wireless sensor networks. Journal of Network and Computer Applications, 35(52), 1646–1656.

    Article  Google Scholar 

  25. Wang, D., & Wang, P. (2014). Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks. Ad Hoc Networks, 20, 1–15.

    Article  Google Scholar 

  26. Turkanović, M., Brumen, B., & Hölbl, M. (2014). A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Networks, 20, 96–112.

    Article  Google Scholar 

  27. Burrow, M., Abadi, M., & Needham, R. (1990). A logic of authentication. ACM Transactions on Computer System, 8, 18–36.

    Article  Google Scholar 

  28. Kocher, P., Jaffe, J., & Jun, B. (1999). Differential power analysis. In Proceedings of advances in cryptology-CRYPTO’99, LNCS 1666 (pp. 388–397).

  29. Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002b). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.

    Article  MathSciNet  Google Scholar 

  30. Boyd, C., & Mathuria, A. (2003). Protocols for authentication and key establishment. Berlin: Springer.

    Book  MATH  Google Scholar 

  31. Eisenbarth, T., Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., & Shalmani, M. T. M. (2008). On the power of power analysis in the real world: A complete break of the keeloq code hopping scheme. Advances in cryptology-CRYPTO (pp. 203–220). Berlin: Springer.

    Google Scholar 

  32. Lamport, L. (1981). Password authentication with insecure communication. Communications of the ACM, 24(11), 770–772.

    Article  MathSciNet  Google Scholar 

  33. Yang, W. H., & Shieh, S. P. (1999). Password authentication schemes with smart cards. Computer and Security, 18(8), 727–733.

    Article  Google Scholar 

  34. Stallings, W. (2004). Cryptography and network security: Principles and practices (3rd ed., pp. 328–345). London: Pearson Education.

    Google Scholar 

  35. Stinson, D. R. (2006). Some observations on the theory of cryptographic hash functions. Designs Codes and Cryptography, 38(2), 259–277.

    Article  MathSciNet  MATH  Google Scholar 

  36. Chatterjee, S., Das, A. K., & Sing, J. K. (2014). An enhanced access control scheme in wireless sensor networks. Ad Hoc and Sensor Wireless Networks, 21(1–2), 121–149.

    Google Scholar 

  37. Odelu, V., Das, A. K., & Goswami, A. (2014). A secure effective key management scheme for dynamic access control in a large leaf class hierarchy. Information Sciences, 269(10), 270–285.

    Article  MathSciNet  MATH  Google Scholar 

Download references

Acknowledgements

The authors would like to thank all the anonymous reviewers for their helpful advice. This paper is supported by the National Key Research and Development Program (Grant Nos. 2016YFB0800602), the National Natural Science Foundation of China (Grant Nos. 61472045, 61573067, 61373020, U1536102 and U1536116).

Author information

Authors and Affiliations

  1. Information Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, 100876, China

    Yanrong Lu, Lixiang Li, Haipeng Peng & Yixian Yang

  2. State Key Laboratory of Public Big Data, Guizhou, 550025, China

    Yanrong Lu, Lixiang Li, Haipeng Peng & Yixian Yang

Authors
  1. Yanrong Lu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lixiang Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Haipeng Peng
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yixian Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Lixiang Li.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Lu, Y., Li, L., Peng, H. et al. A Novel Smart Card Based User Authentication and Key Agreement Scheme for Heterogeneous Wireless Sensor Networks. Wireless Pers Commun 96, 813–832 (2017). https://doi.org/10.1007/s11277-017-4203-6

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-017-4203-6

Keywords

Search

Navigation