A Secure and Efficient User Anonymity-Preserving Three-Factor Authentication Protocol for Large-Scale Distributed Wireless Sensor Networks

Das, Ashok Kumar

doi:10.1007/s11277-015-2288-3

Cited by 92 publications

(84 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Proof This proof is similar to that presented in [7,13,14,16,41,48]. In this proof, we plan to construct an adversary A who will have the ability to derive the identity I D i of a legal user U i and the secret key X j of a medical server MS j .…”

Section: Theorem 1 Under the Assumption That A One-way Hash Function mentioning

confidence: 92%

“…Step R1: As in [13], U i first inputs his/her desired identity I D i , password P W i , and then imprints the personal biometrics B i at the sensor of a specific device. U i generates a 1024-bit random number K, which is kept secret to U i only.…”

Section: User Registration Phasementioning

confidence: 99%

“…In this section, we perform the formal security analysis of our scheme under the random oracle model as in [7,13,41,48] for the formal security analysis. We apply the method of contradiction proof [10] for our formal security analysis.…”

Section: Formal Security Analysis Using Random Oracle Modelmentioning

confidence: 99%

See 2 more Smart Citations

A Secure and Robust User Authenticated Key Agreement Scheme for Hierarchical Multi-medical Server Environment in TMIS

2015

Self Cite

View full text Add to dashboard Cite

The telecare medicine information system (TMIS) helps the patients to gain the health monitoring facility at home and access medical services over the Internet of mobile networks. Recently, Amin and Biswas presented a smart card based user authentication and key agreement security protocol usable for TMIS system using the cryptographic one-way hash function and biohashing function, and claimed that their scheme is secure against all possible attacks. Though their scheme is efficient due to usage of one-way hash function, we show that their scheme has several security pitfalls and design flaws, such as (1) it fails to protect privileged-insider attack, (2) it fails to protect strong replay attack, (3) it fails to protect strong man-in-the-middle attack, (4) it has design flaw in user registration phase, (5) it has design flaw in login phase, (6) it has design flaw in password change phase, (7) it lacks of supporting biometric update phase, and (8) it has flaws in formal security analysis. In order to withstand these security pitfalls and design flaws, we aim to propose a secure and robust user authenticated key agreement scheme for the hierarchical multi-server environment suitable in TMIS using the cryptographic one-way hash function and fuzzy extractor. Through the rigorous security analysis including the formal security analysis using the widely-accepted Burrows-Abadi-Needham (BAN) logic, the formal security analysis under the random oracle model and the informal security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme using the most-widely accepted and used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The simulation results show that our scheme is also secure. Our scheme is more efficient in computation and communication as compared to Amin-Biswas's scheme and other related schemes. In addition, our scheme supports extra functionality features as compared to other related schemes. As a result, our scheme is very appropriate for practical applications in TMIS.

show abstract

Section: Theorem 1 Under the Assumption That A One-way Hash Function mentioning

confidence: 92%

Section: User Registration Phasementioning

confidence: 99%

See 1 more Smart Citation

A Secure and Robust User Authenticated Key Agreement Scheme for Hierarchical Multi-medical Server Environment in TMIS

2015

Self Cite

View full text Add to dashboard Cite

show abstract

“…The wireless itself is untrusted, where an anonymous nodes can also get connected. In [17] authors proposed a novel secured method called Three-factor user authentication scheme for distributed WSNs. To avoid the collisions in communication with privacy preserving data mining Larr et al [7] proposed an anonymous ID assignment where this ID number will iteratively assign to the nodes Drushina et al [18] proposed a network coding method for privacy in networks by removes the statistical dependence between incoming and outgoing messages, so that tracing is not possible.…”

Section: Related Workmentioning

confidence: 99%

Privacy preserving data publishing based on sensitivity in context of Big Data using Hive

Rao

Satyanarayana

2018

J Big Data

View full text Add to dashboard Cite

“…In order to monitor the critical parameters of application environment, several sensor nodes are deployed in a specific area (called the target field or deployment area), such as forest or battlefield. Sensor nodes are batterylimited devices, and they have the ability to communicate with the nearby base station(s) via other neighbor nodes by short range of wireless radio transmission with low bandwidth and over small communication ranges [1][2][3][4][5].…”

Section: Introductionmentioning

confidence: 99%

A Secure and Scalable Group Access Control Scheme for Wireless Sensor Networks

Odelu

Das

Goswami

2015

Wireless Pers Commun

Self Cite

View full text Add to dashboard Cite

Recently, in 2013, Wu et al. proposed an efficient adaptable and scalable group access control scheme (GAC) for managing wireless sensor networks and they claimed that their proposed GAC approach provides the forward secrecy and backward secrecy, and it also prevents the man-in-the-middle attack. However, in this paper, we revisit Wu et al.'s scheme and show that Wu et al.'s scheme fails to provide the forward and backward secrecy to the group access key (GAK), and also their scheme does not prevent the man-inthe-middle attack and it does not provide the mutual authentication between a node and the task manager. Moreover, in Wu et al.'s scheme, all the past GAKs used by a node can be revealed to an adversary when that node is compromised. We then aim to propose a novel group access control mechanism to withstand the security weaknesses found in Wu et al.'s scheme while retaining the original merits of their scheme. Through the rigorous informal security analysis and the formal security analysis using the widely-accepted BurrowsAbadi-Needham logic, we show that our scheme is secure against various known attacks including the attacks found in Wu et al.'s scheme. Moreover, in our scheme, the vulnerability of the GAKs used by a node is limited and bounded to the last GAK update protocol interval when that node is compromised by an adversary. Our scheme provides efficient dynamic properties such as joining and leaving of a node from a group along with high security and the required desirable features as compared to Wu et al.'s scheme, and as a result, our scheme is very suitable for the practical applications.

show abstract

A Secure and Efficient User Anonymity-Preserving Three-Factor Authentication Protocol for Large-Scale Distributed Wireless Sensor Networks

Cited by 92 publications

References 31 publications

A Secure and Robust User Authenticated Key Agreement Scheme for Hierarchical Multi-medical Server Environment in TMIS

A Secure and Robust User Authenticated Key Agreement Scheme for Hierarchical Multi-medical Server Environment in TMIS

Privacy preserving data publishing based on sensitivity in context of Big Data using Hive

A Secure and Scalable Group Access Control Scheme for Wireless Sensor Networks

Contact Info

Product

Resources

About