Cryptanalysis and Improvement of ECC - Based Security Enhanced User Authentication Protocol for Wireless Sensor Networks

Maurya, Anup Kumar; Sastry, V. N.; Udgata, Siba K.

doi:10.1007/978-3-319-22915-7_13

Cited by 5 publications

(5 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our proposed scheme is split into five phases: (1) setup; (2) user registration; (3) authentication, authorization, and key agreement (AAK); (4) password and biometrics update; and (5) access privilege update. ECC is asymmetric key cryptography and provides similar security measures with smaller key sizes in comparison with other non-ECC-based asymmetric key cryptography methods such as RSA [27]. As WSNs are resource-constrained, techniques that are more lightweight, such as symmetric ones (XOR and hash computations, for example), are more appropriate [4].…”

Section: Our Proposed Schemementioning

confidence: 99%

A Privacy-Preserving Authentication, Authorization, and Key Agreement Scheme for Wireless Sensor Networks in 5G-Integrated Internet of Things

Shin

Kwon

2020

IEEE Access

View full text Add to dashboard Cite

Wireless sensor networks (WSNs) have played an important role in the Internet of Things (IoT), and the 5G network is being considered as a major candidate for IoT's communication network with the advent of 5G commercialization. The potential of integrating WSNs and 5G in the IoT is expected to allow IoT to penetrate deeply into our daily lives and to provide various services that are convenient, but at the same time, it also brings new security threats. From this aspect, user authentication and key agreement are essential for secure end-to-end communication. As IoT devices, including sensors, collect and process more and more personal information, both anonymous authentication and authorization are also required to protect the privacy and to prevent anyone without privileges from accessing private data. Recently, Adavoudi-Jolfaei et al. proposed an anonymous three-factor authentication and access control scheme for real-time applications in WSNs. However, we found that this scheme does not provide sensor-node anonymity and suffers from user collusion and desynchronization attacks. In this paper, we introduce a system architecture by considering the integration of WSNs and 5G for IoT. Based on a cryptanalysis of Adavoudi-Jolfaei et al.'s scheme and the system architecture, we propose an elliptic curve cryptography (ECC)-based privacy-preserving authentication, authorization, and key agreement scheme for WSNs in 5G-integrated IoT. We conduct a formal and informal security analysis in order to demonstrate that the proposed scheme withstands various security attacks and guarantees all desired security features, overcoming the drawbacks of Adavoudi-Jolfaei et al.'s scheme. Finally, a performance and comparative analysis with the related schemes indicate that the proposed scheme is both efficient and more secure.

show abstract

Section: Our Proposed Schemementioning

confidence: 99%

A Privacy-Preserving Authentication, Authorization, and Key Agreement Scheme for Wireless Sensor Networks in 5G-Integrated Internet of Things

Shin

Kwon

2020

IEEE Access

View full text Add to dashboard Cite

show abstract

“…The second method takes advantage of asymmetric cryptographic algorithm, which has the challenge of reducing computation load as much as possible. However, the latest protocols with this method neglect the possibility of improvement [6][7][8]. …”

Section: IImentioning

confidence: 99%

“…The first one is the weakness or none of user anonymity [3,[5][6][7][8][9][10][11][12][13][14], which would cause being tracked easily. The second one is information leakage of the lost smart card [3,[6][7][8][9][10][11][12][13][14], which causes the attacker can do guesswork in a smaller space after extracting the information in the smart card. The third one is security recovery when system secret information is revealed [3, 5 -12], in which case, the system cannot update secret information conveniently because all users must register again.…”

Section: Advances In Computer Science Research Volume 44mentioning

confidence: 99%

“…From the top, the HWSN is divided into three layers, the gateway, the cluster head and the sensor nodes. Some protocols have been suggested on the security of HWSN [3,[5][6][7][8][9][10][11][12][13][14], in which several problems exist in the user authentication. After investigating the main technology of authentication, an enhanced secure anonymity user authentication protocol will be proposed by combing three factors of smart card, user password, and user biometrics in this paper.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

An Enhanced Secure Anonymity User Authentication Protocol for Hierarchical Wireless Sensor Networks

Pan¹,

Chen²

2017

Proceedings of the 3rd International Conference on Wireless Communication and Sensor Networks (WCSN 2016)

View full text Add to dashboard Cite

Abstract-The security of hierarchical wireless sensor network (HWSN) attracts more attentions with the rapid deployment of HWSN recently. In this paper, the user authentication technology of HWSN is investigated and a more efficient and more secure user authentication protocol is proposed. Overcoming the main faults of the previous protocols, this enhanced protocol makes the improvements in achieving the strong anonymity, preventing the attackers of guessing the password of the lost smart card, and updating the secret information independently and quickly. The security of the protocol is verified by using the Rubin Logic method. The computation load is evaluated and is acceptable for the real systems.

show abstract

“…It makes security to be an essential factor for WSNs, where data integrity is the most important requirement. Authentication has three major classes based on the primary cryptographic methods such as asymmetric cryptography, symmetric cryptography and hybrid methods [2]. Initially, it was estimated that WSNs would compose only of equal sensor nodes.…”

Section: Introductionmentioning

confidence: 99%

ECC-based User Authentication Scheme for Wireless Sensor Networks

Temirlan¹,

Li²

2017

engineering-journal

View full text Add to dashboard Cite

In 2016, Akansha S. et al. proposed an upgraded user authentication protocol. According to the implemented cryptanalysis on their scheme, some vulnerabilities have been found in registration and authentication part. In registration part, the gateway uses generated value as secrecy and sends it to sensor node, which doesn't have information about received secret value and cannot verify its identity. In authentication part, user is unable to check legitimacy of received session key generated by sensor node. Mainly, the protocol has been implemented using only one way hash function, XOR and concatenation operations, which is not adequate to provide authentication and confidentiality. In this paper, we suggest ECC-based user authentication scheme for WSNs, which eliminates the drawbacks of the previous scheme. The protocol decreases the high cost public-key operations of the sensor node and substitutes them with symmetric-key based operations.

show abstract

Cryptanalysis and Improvement of ECC - Based Security Enhanced User Authentication Protocol for Wireless Sensor Networks

Cited by 5 publications

References 8 publications

A Privacy-Preserving Authentication, Authorization, and Key Agreement Scheme for Wireless Sensor Networks in 5G-Integrated Internet of Things

A Privacy-Preserving Authentication, Authorization, and Key Agreement Scheme for Wireless Sensor Networks in 5G-Integrated Internet of Things

An Enhanced Secure Anonymity User Authentication Protocol for Hierarchical Wireless Sensor Networks

ECC-based User Authentication Scheme for Wireless Sensor Networks

Contact Info

Product

Resources

About