Security analysis of 'two-factor user authentication in wireless sensor networks'

Authors:
Muhammad Khurram Khan;Khaled Alghathbar
Affiliations:
Center of Excellence in Information Assurance, King Saud University, Saudi Arabia and Information Systems Department, College of Computer and Information Sciences, King Saud University, Saudi Arab ...;Information Systems Department, College of Computer and Information Sciences, King Saud University, Saudi Arabia
Venue:
AST/UCMA/ISA/ACN'10 Proceedings of the 2010 international conference on Advances in computer science and information technology
Year:
2010

Citing 12
Cited 0

Examining Smart-Card Security under the Threat of Power Analysis Attacks

IEEE Transactions on Computers
Differential Power Analysis

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Wireless Sensor Networks: Architectures and Protocols

Wireless Sensor Networks: Architectures and Protocols
TinyPK: securing sensor networks with public key technology

Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks
A Dynamic User Authentication Scheme for Wireless Sensor Networks

SUTC '06 Proceedings of the IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing -Vol 1 (SUTC'06) - Volume 01
Improving the security of 'a flexible biometrics remote user authentication scheme'

Computer Standards & Interfaces
Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards

Computer Standards & Interfaces
Simple Dynamic User Authentication Protocols for Wireless Sensor Networks

SENSORCOMM '08 Proceedings of the 2008 Second International Conference on Sensor Technologies and Applications
Robust dynamic user authentication scheme for wireless sensor networks

Proceedings of the 5th ACM symposium on QoS and security for wireless and mobile networks
Two-factor user authentication in wireless sensor networks

IEEE Transactions on Wireless Communications
Authenticated queries in sensor networks

ESAS'05 Proceedings of the Second European conference on Security and Privacy in Ad-Hoc and Sensor Networks
Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards

IEEE Transactions on Consumer Electronics

Quantified Score

Hi-index	0.01

Visualization

Abstract

Authenticating remote users in wireless sensor networks (WSN) is an important security issue due to their un-attended and hostile deployments. Usually, sensor nodes are equipped with limited computing power, storage, and communication module, thus authenticating remote users in such resource-constrained environment is a critical security concern. Recently, M.L Das proposed a two-factor user authentication scheme in WSN and claimed that his scheme is secure against different kind of attacks. However, in this paper, we prove that M.L Das-scheme has some critical security pitfalls and is not recommended for real application. We point out that in his scheme: users cannot change/update their passwords, it does not provide mutual authentication between gateway node and sensor node, and is vulnerable to gateway node bypassing attack and privileged-insider attack.