A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes.
Recent advances in big data technology collecting and analyzing large amounts of valuable data have attracted a lot of attention. When the information in non-reachable areas is required, IoT wireless sensor network technologies have to be applied. Sensors fundamentally have energy limitations, and it is almost impossible to replace energy-depleted sensors that have been deployed in an inaccessible region. Therefore, moving healthy sensors into the sensing hole will recover the faulty sensor area. In rough surfaces, hopping sensors would be more appropriate than wheel-driven mobile sensors. Sensor relocation algorithms to recover sensing holes have been researched variously in the past. However, the majority of studies to date have been inadequate in reality, since they are nothing but theoretical studies which assume that all the topology in the network is known and then computes the shortest path based on the nonrealistic backing up knowledge—The topology information. In this paper, we first propose a distributed hopping sensor relocation protocol. The possibility of movement of the hopping sensor is also considered to recover sensing holes and is not limited to applying the shortest path strategy. Finally, a performance analysis using OMNeT++ has demonstrated the solidification of the excellence of the proposed protocol.
A smart-card-based user authentication scheme for wireless sensor networks
(hereafter referred to as a SCA-WSN scheme) is designed to ensure that only
users who possess both a smart card and the corresponding password are allowed
to gain access to sensor data and their transmissions. Despite many research
efforts in recent years, it remains a challenging task to design an efficient
SCA-WSN scheme that achieves user anonymity. The majority of published SCA-WSN
schemes use only lightweight cryptographic techniques (rather than public-key
cryptographic techniques) for the sake of efficiency, and have been demonstrated
to suffer from the inability to provide user anonymity. Some schemes employ
elliptic curve cryptography for better security but require sensors with strict
resource constraints to perform computationally expensive scalar-point
multiplications; despite the increased computational requirements, these schemes
do not provide user anonymity. In this paper, we present a new SCA-WSN scheme
that not only achieves user anonymity but also is efficient in terms of the
computation loads for sensors. Our scheme employs elliptic curve cryptography
but restricts its use only to anonymous user-to-gateway authentication, thereby
allowing sensors to perform only lightweight cryptographic operations. Our
scheme also enjoys provable security in a formal model extended from the widely
accepted Bellare-Pointcheval-Rogaway (2000) model to capture the user anonymity
property and various SCA-WSN specific attacks (e.g., stolen smart card attacks,
node capture attacks, privileged insider attacks, and stolen verifier
attacks).
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.