Abstract
Wireless sensor networks are applied in various areas like smart grid, environmental monitoring, health care, and security and surveillance. It applies to many fields, but as the utilization is higher, security becomes more important. Recently, the authentication scheme for the environment of wireless sensor network has also been studied. Wu et al. has announced a three-factor user authentication scheme claiming to be resistant to different types of attacks and maintain various security attributes. However, their proposal has several fatal vulnerabilities. First, it is vulnerable to the outsider attack. Second, it is exposed to user impersonation attack. Third, it does not satisfy user anonymity. Therefore, in this paper, we describe these vulnerabilities and prove Wu et al.’s scheme is unsafe.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Wu, F., Xu, L., Kumari, S., Li, X.: An Improved and Provably Secure Three- Factor User Authentication Scheme for Wireless Sensor Networks. Peer-to-Peer Networking and Applications 11(1), 1-20 (2018)
Watro, R., Kong, D., Cuti, Sf., Gardiner, C., Lynn, C., Kruus, P.: Tinypk: Securing Sensor Networks with Public Key Technology. In: Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks. ACM, 59-64 (2004)
Das, M.: Two-Factor User Authentication in Wireless Sensor Networks. IEEE transactions on wireless communications 8(3), 1086-1090 (2009)
Choi, Y., Lee, Y., Won, D.: Security Improvement on Biometric Based Authentication Scheme for Wireless Sensor Networks Using Fuzzy Extraction. International Journal of Distributed Sensor Networks 2016, 1-16 (2016)
Kim, J., Moon, J., Jung, J., Won, D.: Security Analysis and Improvements of Session Key Establishment for Clustered Sensor Networks. Journal of Sensors 2016, 1-17 (2016)
Kang, D., Jung, J., Mun, J., Lee, D., Choi, Y., Won, D.: Effcient and Robust User Authentication Scheme that Achieve User Anonymity with a Markov Chain. Security and Communication Networks 9(11), 1462-1476 (2016)
Jung, J., Kim, J., Choi, Y., Won, D.: An Anonymous User Authentication and Key Agreement Scheme Based on a Symmetric Cryptosystem in Wireless Sensor Networks. Sensors 16(8), 1-30 (2016)
He, D., Gao, Y., Chan, S., Chen, C., Bu, J.: An enhanced two-factor user authentication scheme in wireless sensor networks. Ad hoc and Sensor wireless network 10(4), 361-371 (2010)
Kumar, P., Lee, H. J.: Cryptanalysis on two user authentication protocols using smart card for wireless sensor networks. IEEE Wireless advanced (WiAd), 241-245 (2011)
Yeh, H. L., Chen, T. H., Liu, P. C., Kim, T. H., Wei, H. W.: A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors, 11(5), 4767-4779 (2011)
Xue, K., Ma, C., Hong, P., Ding, R.: A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36(1), 316-323 (2013)
Jiang, Q., Ma, J., Lu, X., Tian, Y.: An effcient two-factor user authentication scheme with unlinkability for wireless sensor networks. Peer-to-peer Networking and Applications, 8(6), 1070-1081 (2015)
Das, A. K.: A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-to-peer Networking and Applications, 9(1), 223-244 (2016)
Das, A. K.: A secure and effective biometricbased user authentication scheme for wireless sensor networks using smart card and fuzzy extractor. International Journal of Communication Systems, 30(1) (2017)
Das, A. K.: A secure and efficient user anonymity-preserving three-factor authentication protocol for large-scale distributed wireless sensor networks. Wireless Personal Communications, 82(3), 1377-1404 (2015)
Miller, V.: Uses of Elliptic Curves in Cryptography. In: Advances in Cryptology Crypto 218, 417-426 (1986)
Koblitz, N.: Elliptic curve cryptosystems. Mathematics of computation 48, 203-209 (1987)
Dodis, Y., Kanukurthi, B., Katz, J., Smith, A.: Robust fuzzy extractors and authenticated key agreement from close secrets. IEEE Transactions on Information Theory 58, 6207-6222 (2013)
Das, A.: A Secure and Effective Biometric-based User Authentication Scheme for Wireless Sensor Networks using Smart Card and Fuzzy Extractor. International Journal of Communication Systems 2015, 1-25 (2015)
Dodis, Y., Reyzin, L., Smith, A.: Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data. In: Proceedings on the International Conference on the Theory and Applications of Cryptographic Techniques, 523-540 (2004)
Moon, J., Choi, Y., Jung, J., Won, D.: An Improvement of Robust Biometrics- based Authentication and Key Agreement Scheme for Multi-Server Environments using Smart Cards. PLoS One 10, 1-15 (2015)
Acknowledgements
This research was supported by Basic Science Research Program through the National Research Foundation of Korea(NRF) funded by the Ministry of Education (NRF-2010-0020210)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Ryu, J., Song, T., Moon, J., Kim, H., Won, D. (2019). Cryptanalysis of Improved and Provably Secure Three-Factor User Authentication Scheme for Wireless Sensor Networks. In: Alfred, R., Lim, Y., Ibrahim, A., Anthony, P. (eds) Computational Science and Technology. Lecture Notes in Electrical Engineering, vol 481. Springer, Singapore. https://doi.org/10.1007/978-981-13-2622-6_5
Download citation
DOI: https://doi.org/10.1007/978-981-13-2622-6_5
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-2621-9
Online ISBN: 978-981-13-2622-6
eBook Packages: EngineeringEngineering (R0)