On the Design of Secure and Efficient Three-Factor Authentication Protocol Using Honey List for Wireless Sensor Networks

Lee, Joonyoung; Yu, SungJin; Kim, Myeonghyun; Park, Young-Ho; Das, Ashok Kumar

doi:10.1109/access.2020.3000790

Cited by 55 publications

(26 citation statements)

References 52 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the past few decades, numerous password-based authentication schemes have been proposed to provide security and efficiency in WSN environments [ 15 , 16 , 17 , 18 , 19 ]. In 1981, Lamport [ 20 ] suggested an authentication mechanism based on a password.…”

Section: Related Workmentioning

confidence: 99%

WSN-SLAP: Secure and Lightweight Mutual Authentication Protocol for Wireless Sensor Networks

Kwon

Lee

et al. 2021

Sensors

Self Cite

View full text Add to dashboard Cite

Wireless sensor networks (WSN) are widely used to provide users with convenient services such as health-care, and smart home. To provide convenient services, sensor nodes in WSN environments collect and send the sensing data to the gateway. However, it can suffer from serious security issues because susceptible messages are exchanged through an insecure channel. Therefore, secure authentication protocols are necessary to prevent security flaws in WSN. In 2020, Moghadam et al. suggested an efficient authentication and key agreement scheme in WSN. Unfortunately, we discover that Moghadam et al.’s scheme cannot prevent insider and session-specific random number leakage attacks. We also prove that Moghadam et al.’s scheme does not ensure perfect forward secrecy. To prevent security vulnerabilities of Moghadam et al.’s scheme, we propose a secure and lightweight mutual authentication protocol for WSNs (WSN-SLAP). WSN-SLAP has the resistance from various security drawbacks, and provides perfect forward secrecy and mutual authentication. We prove the security of WSN-SLAP by using Burrows-Abadi-Needham (BAN) logic, Real-or-Random (ROR) model, and Automated Verification of Internet Security Protocols and Applications (AVISPA) simulation. In addition, we evaluate the performance of WSN-SLAP compared with existing related protocols. We demonstrate that WSN-SLAP is more secure and suitable than previous protocols for WSN environments.

show abstract

Section: Related Workmentioning

confidence: 99%

WSN-SLAP: Secure and Lightweight Mutual Authentication Protocol for Wireless Sensor Networks

Kwon

Lee

et al. 2021

Sensors

Self Cite

View full text Add to dashboard Cite

show abstract

“…An adversary is able to steal the legal driver's smart card and extract the secret credentials stored in memory by performing the power analysis attacks [13]- [15]. After getting the secret data of the smart card, an adversary may attempt potential attacks including "offline password guessing", "forward secrecy", and "impersonation attacks", and so on [16], [17].…”

Section: A Threat Modelmentioning

confidence: 99%

IoV-SMAP: Secure and Efficient Message Authentication Protocol for IoV in Smart City Environment

Lee

Park

et al. 2020

IEEE Access

Self Cite

View full text Add to dashboard Cite

With the emergence of the concept of smart city and the increasing demands for a range of vehicles, Internet of Vehicles (IoV) has achieved a lot of attention by providing multiple benefits, including vehicle emergence, accidents, levels of pollution, and traffic congestion. Moreover, IoV provides various services by combining vehicular ad-hoc networks (VANET) with the Internet of Things (IoT) in smart cities. However, the communication among vehicles is susceptible to various security threats because the sensitive message is transmitted via a insecure channel in the IoV-based smart city environment. Thus, a secure message authentication protocol is indispensable to ensure various services for IoV in a smart city environment. In 2020, a secure message authentication protocol for IoV communication in smart cities has been proposed. However, we discover that the analyzed scheme suffers from various potential attacks such as impersonation, secret key disclosure, and off-line guessing attacks, and also does not ensure authentication. To solve the security threats of the analyzed scheme, we design a secure and efficient message authentication protocol for IoV in a smart city environment, called IoV-SMAP. The proposed IoV-SMAP can resist security drawbacks and provide user anonymity, and mutual authentication. We demonstrate the security of IoV-SMAP by performing informal and formal analyses such as the Real-or-Random (ROR) model, and Automated Validation of Internet Security Protocols and Application (AVISPA) simulations. In addition, we compare the performance of IoV-SMAP with related existing competing authentication schemes. We demonstrate that IoV-SMAP provides better security along with efficiency than related competing schemes and is suitable for the IoV-based smart city environment.

show abstract

“…We consider the widely-used "Dolev-Yao (DY) threat model" [36], [37], [38] for analyzing security of the proposed authentication protocol. The capabilities of an adversary model can be defined in the following manner:…”

Section: Adversary Modelmentioning

confidence: 99%

Design of Secure Authentication Protocol for Cloud-Assisted Telecare Medical Information System Using Blockchain

et al. 2020

Self Cite

View full text Add to dashboard Cite

Telecare medical information system (TMIS) implemented in wireless body area network (WBAN) is convenient and time-saving for patients and doctors. TMIS is realized using wearable devices worn by a patient, and wearable devices generate patient health data and transmit them to a server through a public channel. Unfortunately, a malicious attacker can attempt performing various attacks through such a channel. Therefore, establishing a secure authentication process between a patient and a server is essential. Moreover, wearable devices have limited storage power. Cloud computing can be considered to resolve this problem by providing a storage service in the TMIS environment. In this environment, access control of the patient health data is essential for the quality of healthcare. Furthermore, the database of the cloud server is a major target for an attacker. The attacker can try to modify, forge, or delete the stored data. To resolve these problems, we propose a secure authentication protocol for a cloud-assisted TMIS with access control using blockchain. We employ ciphertext-policy attribute-based encryption (CP-ABE) to establish access control for health data stored in the cloud server, and apply blockchain to guarantee data integrity. To prove robustness of the proposed protocol, we conduct informal analysis and Burrows-Adabi-Needham (BAN) logic analysis, and we formally validate the proposed protocol using automated validation of internet security protocols and applications (AVISPA). Consequently, we show that the proposed protocol provides more security and has better efficiency compared to related protocols. Therefore, the proposed protocol is proper for a practical TMIS environment. INDEX TERMS Attribute-based encryption, bilinear pairing, blockchain, cloud computing, mutual authentication and key agreement, telecare medical information system

show abstract

On the Design of Secure and Efficient Three-Factor Authentication Protocol Using Honey List for Wireless Sensor Networks

Cited by 55 publications

References 52 publications

WSN-SLAP: Secure and Lightweight Mutual Authentication Protocol for Wireless Sensor Networks

WSN-SLAP: Secure and Lightweight Mutual Authentication Protocol for Wireless Sensor Networks

IoV-SMAP: Secure and Efficient Message Authentication Protocol for IoV in Smart City Environment

Design of Secure Authentication Protocol for Cloud-Assisted Telecare Medical Information System Using Blockchain

Contact Info

Product

Resources

About