Entity authentication and key distribution
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Public-key cryptography and password protocols
ACM Transactions on Information and System Security (TISSEC)
Side Channel Cryptanalysis of Product Ciphers
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
TinyPK: securing sensor networks with public key technology
Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks
A Dynamic User Authentication Scheme for Wireless Sensor Networks
SUTC '06 Proceedings of the IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing -Vol 1 (SUTC'06) - Volume 01
Simple Dynamic User Authentication Protocols for Wireless Sensor Networks
SENSORCOMM '08 Proceedings of the 2008 Second International Conference on Sensor Technologies and Applications
A New Formal Proof Model for RFID Location Privacy
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
An Authentication Protocol for Sensor Networks Using Pairings
CONIELECOMP '09 Proceedings of the 2009 International Conference on Electrical, Communications, and Computers
Defining strong privacy for RFID
ACM Transactions on Information and System Security (TISSEC)
Robust dynamic user authentication scheme for wireless sensor networks
Proceedings of the 5th ACM symposium on QoS and security for wireless and mobile networks
Two-factor user authentication in wireless sensor networks
IEEE Transactions on Wireless Communications
An Efficient Modular Exponentiation Algorithm against Simple Power Analysis Attacks
IEEE Transactions on Consumer Electronics
Protecting poorly chosen secrets from guessing attacks
IEEE Journal on Selected Areas in Communications
| Hi-index | 0.00 |
User authentication is a basic security requirement during the deployment of the wireless sensor network (WSN), because it may operate in a rather hostile environment, such as a military battlefield. In 2010, Khan and Alghathbar (KA) found out that Das's two-factor user authentication scheme for WSNs is vulnerable to the gateway node (GW-node) bypassing attack and the privileged-insider attack. They further presented an improved scheme to overcome the security flaws of Das's scheme. However, in this paper, we show that KA's scheme still suffers from the GW-node impersonation attack, the GW-node bypassing attack, and the privileged-insider attack. Hence, to fix the security flaws in KA's scheme, we propose a new user authentication scheme for WSNs. The security of the user authentication session in the proposed scheme is reduced by the model of Bellare and Rogaway. The security of partial compromise of secrets in the proposed scheme is reduced and analyzed by our adversarial model. Based on the performance evaluation, the overall cost of the proposed scheme is less than that of KA's scheme. Hence, we believe that the proposed scheme is more suitable for real security applications than KA's scheme.