Analysis and Improvement of a Robust User Authentication Framework for Ubiquitous Sensor Networks

Chi, Ling; Hu, Liang; Li, Hongtu; Chu, Jianfeng

doi:10.1155/2014/637684

Cited by 5 publications

(7 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since the early work of Das [2], He et al [3], Khan and Alghathbar [4] and Chen and Shih [5], all of which provide no keyexchange functionality, the design of SCA-WSN schemes has attracted much attention from researchers due to their potential to be widely deployed, and a number of proposals offering various levels of security and efficiency have been presented [6][7][8][9][10][11][12][13][14][15][16][17][18][19][20]. Some schemes consider only authenticated key exchange [6,8,9,12,20] while others attempt to additionally provide user anonymity [7,10,11,[13][14][15][16][17][18][19]. Schemes such as the ones in [6,12,20] employ elliptic curve cryptography to provide perfect forward secrecy while most schemes [7][8][9][10][11][13][14][15][16]…”

Section: Introductionmentioning

confidence: 99%

“…Some schemes consider only authenticated key exchange [6,8,9,12,20] while others attempt to additionally provide user anonymity [7,10,11,[13][14][15][16][17][18][19]. Schemes such as the ones in [6,12,20] employ elliptic curve cryptography to provide perfect forward secrecy while most schemes [7][8][9][10][11][13][14][15][16][17][18][19] use only lightweight cryptographic techniques, such as symmetric encryptions, message authentication codes and hash functions, to focus on improving the efficiency.…”

Section: Introductionmentioning

confidence: 99%

“…A smart-card-based user authentication scheme for WSNs (in short, a SCA-WSN scheme) allows a user holding its smart card issued by the gateway to achieve authenticated key exchange with a sensor, preferably in a way that its anonymity is preserved. Since the early work of Das [2], He et al [3], Khan and Alghathbar [4] and Chen and Shih [5], all of which provide no keyexchange functionality, the design of SCA-WSN schemes has attracted much attention from researchers due to their potential to be widely deployed, and a number of proposals offering various levels of security and efficiency have been presented [6][7][8][9][10][11][12][13][14][15][16][17][18][19][20]. Some schemes consider only authenticated key exchange [6,8,9,12,20] while others attempt to additionally provide user anonymity [7,10,11,[13][14][15][16][17][18][19].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Efficient and Anonymous Two-Factor User Authentication in Wireless Sensor Networks: Achieving User Anonymity with Lightweight Sensor Computation

et al. 2015

View full text Add to dashboard Cite

A smart-card-based user authentication scheme for wireless sensor networks (hereafter referred to as a SCA-WSN scheme) is designed to ensure that only users who possess both a smart card and the corresponding password are allowed to gain access to sensor data and their transmissions. Despite many research efforts in recent years, it remains a challenging task to design an efficient SCA-WSN scheme that achieves user anonymity. The majority of published SCA-WSN schemes use only lightweight cryptographic techniques (rather than public-key cryptographic techniques) for the sake of efficiency, and have been demonstrated to suffer from the inability to provide user anonymity. Some schemes employ elliptic curve cryptography for better security but require sensors with strict resource constraints to perform computationally expensive scalar-point multiplications; despite the increased computational requirements, these schemes do not provide user anonymity. In this paper, we present a new SCA-WSN scheme that not only achieves user anonymity but also is efficient in terms of the computation loads for sensors. Our scheme employs elliptic curve cryptography but restricts its use only to anonymous user-to-gateway authentication, thereby allowing sensors to perform only lightweight cryptographic operations. Our scheme also enjoys provable security in a formal model extended from the widely accepted Bellare-Pointcheval-Rogaway (2000) model to capture the user anonymity property and various SCA-WSN specific attacks (e.g., stolen smart card attacks, node capture attacks, privileged insider attacks, and stolen verifier attacks).

show abstract

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Efficient and Anonymous Two-Factor User Authentication in Wireless Sensor Networks: Achieving User Anonymity with Lightweight Sensor Computation

et al. 2015

View full text Add to dashboard Cite

show abstract

“…Since then, the design of SUA-WSN schemes has received significant attention from researchers due to their potential to be widely deployed, and a number of solutions offering various levels of efficiency and security have been subsequently proposed [ 2 , 3 , 13 – 27 ]. Early schemes only aimed to achieve mutual authentication [ 13 – 15 ], while later schemes attempted to provide additional security properties, such as authenticated key exchange [ 2 , 3 , 16 – 27 ] and user anonymity [ 2 , 3 , 20 , 22 – 24 , 26 ]. Some schemes [ 16 , 21 , 27 ] employ elliptic curve cryptography to provide perfect forward secrecy, while others [ 2 , 3 , 12 – 14 , 17 – 20 , 22 – 26 ] only use symmetric cryptography and hash functions to focus on improving the efficiency.…”

Section: Introductionmentioning

confidence: 99%

“…Despite the research efforts over the recent years, it remains a significant challenge to design a robust SUA-WSN scheme that carries a formal proof of security in a widely-accepted model. As summarized in Table 1 , most of the published schemes either provide no formal analysis of security [ 3 , 12 – 14 , 16 , 20 – 22 , 24 – 26 ] or fail to achieve important security properties, such as mutual authentication, session-key security, user anonymity, two-factor security and resistance against various attacks [ 3 , 13 – 16 , 19 , 21 – 27 , 30 , 31 ]. Some schemes [ 2 , 17 – 19 , 23 , 27 ] have been proven secure using a computer security approach, which, as mentioned above, suffers from intractability and undecidability and could possibly give a false positive result.…”

Section: Introductionmentioning

confidence: 99%

A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

Nam

Kim

Paik

et al. 2014

Sensors

View full text Add to dashboard Cite

A smart-card-based user authentication scheme for wireless sensor networks (in short, a SUA-WSN scheme) is designed to restrict access to the sensor data only to users who are in possession of both a smart card and the corresponding password. While a significant number of SUA-WSN schemes have been suggested in recent years, their intended security properties lack formal definitions and proofs in a widely-accepted model. One consequence is that SUA-WSN schemes insecure against various attacks have proliferated. In this paper, we devise a security model for the analysis of SUA-WSN schemes by extending the widely-accepted model of Bellare, Pointcheval and Rogaway (2000). Our model provides formal definitions of authenticated key exchange and user anonymity while capturing side-channel attacks, as well as other common attacks. We also propose a new SUA-WSN scheme based on elliptic curve cryptography (ECC), and prove its security properties in our extended model. To the best of our knowledge, our proposed scheme is the first SUA-WSN scheme that provably achieves both authenticated key exchange and user anonymity. Our scheme is also computationally competitive with other ECC-based (non-provably secure) schemes.

show abstract

Modeling of Secure Communication in Internet-of-Things for Resisting Potential Intrusion

Fathima¹,

Banu²,

Ahammed³

2019

Computational Statistics and Mathematical Modeling Methods in Intelligent Systems

View full text Add to dashboard Cite

Analysis and Improvement of a Robust User Authentication Framework for Ubiquitous Sensor Networks

Cited by 5 publications

References 15 publications

Efficient and Anonymous Two-Factor User Authentication in Wireless Sensor Networks: Achieving User Anonymity with Lightweight Sensor Computation

Efficient and Anonymous Two-Factor User Authentication in Wireless Sensor Networks: Achieving User Anonymity with Lightweight Sensor Computation

A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks

Modeling of Secure Communication in Internet-of-Things for Resisting Potential Intrusion

Contact Info

Product

Resources

About