Skip to main content
Log in

Lightweight three factor scheme for real-time data access in wireless sensor networks

  • Published:
Wireless Networks Aims and scope Submit manuscript

Abstract

Wireless sensor networks (WSNs) have rapidly increased to be applicable in many different areas due to their wireless mobile connectivity, large scale deployment and ad hoc network. However, these characteristics make WSNs usually deployed in unattended and hostile field, which may bring some new threats such as information tampering and eavesdropping attacks, etc. User authentication is one of the most important security services that allowed the legitimate user to query and collect the real-time data from a sensor node in WSN. Since the sensor nodes are resource-constrained devices which have limited storage, power and computing resource, the proposed authentication scheme should be low cost and lightweight. Recently, Gope et al. proposed a two-factor lightweight authentication scheme for real-time data access in WSN. However, according to the analysis, there still exist several drawbacks in their scheme as well as in other two-factor schemes. In this paper, we propose a novel lightweight three-factor authentication scheme for WSN to withstand such threats as well as providing higher operational efficiency than most of the recently presented schemes. Both analysis and simulation show that our scheme is more suitable for the security real-time data access in WSN.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Lamport, L. (1998). Password authentication with insecure communication. Communications of the ACM, 24(11), 770–772.

    Article  Google Scholar 

  2. Wu, T. D. (1998). The secure remote password protocol. In NDSS (Vol. 98).

  3. Katz, J., Ostrovsky, R., & Yung, M. (2009). Efficient and secure authenticated key exchange using weak passwords. Journal of the ACM (JACM), 57(1), 3.

    Article  MathSciNet  Google Scholar 

  4. Chang, C.-C., & Wu, T.-C. (1991). Remote password authentication with smart cards. IEE Proceedings E (Computers and Digital Techniques), 138(3), 165–168.

    Article  Google Scholar 

  5. Chen, T.-H., & Shih, W.-K. (2010). A robust mutual authentication protocol for wireless sensor networks. ETRI Journal, 32(5), 704–712.

    Article  Google Scholar 

  6. Daojing, H., et al. (2010). An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc & Sensor Wireless Networks, 10(4), 361–371.

    Google Scholar 

  7. Huang, H.-F., Ya-Fen, C., & Chun-Hung, L. (2010). Enhancement of two-factor user authentication in wireless sensor networks. In Intelligent information hiding and multimedia signal processing (IIH-MSP), 2010 sixth international conference on. IEEE.

  8. Vaidya, B., Dimitrios, M., & Hussein, T. M. (2010). Improved two-factor user authentication in wireless sensor networks. In Wireless and mobile computing, networking and communications (WiMob), 2010 IEEE 6th international conference on. IEEE.

  9. Yoo, S. G., Park, K. Y., & Kim, J. (2012). A security-performance-balanced user authentication scheme for wireless sensor networks. International Journal of Distributed Sensor Networks, 8(3), 382810.

    Article  Google Scholar 

  10. Sun, D.-Z., et al. (2013). On the security and improvement of a two-factor user authentication scheme in wireless sensor networks. Personal and Ubiquitous Computing, 17(5), 895–905.

    Article  Google Scholar 

  11. Wong, K. H. M., et al. (2006). A dynamic user authentication scheme for wireless sensor networks. In Sensor networks, ubiquitous, and trustworthy computing, 2006. IEEE international conference on (Vol. 1). IEEE.

  12. Das, M. L. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8(3), 1086–1090.

    Article  Google Scholar 

  13. Nyang, D. H., & Lee, M.-K. (2009). Improvement of Das’s two-factor authentication protocol in wireless sensor networks. IACR Cryptology ePrint Archive, 2009, 631.

    Google Scholar 

  14. Khan, M. K., & Alghathbar, K. (2010). Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors, 10(3), 2450–2459.

    Article  Google Scholar 

  15. Fan, R., et al. (2010). A secure and efficient user authentication protocol for two-tiered wireless sensor networks. In Circuits, communications and system (PACCS), 2010 second Pacific-Asia conference on (Vol. 1). IEEE.

  16. Turkanovic, M., Brumen, B., & Holbl, M. (2014). A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Networks, 20, 96–112.

    Article  Google Scholar 

  17. Amin, R., & Biswas, G. P. (2016). A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks. Ad Hoc Networks, 36, 58–80.

    Article  Google Scholar 

  18. Farash, M. S., et al. (2016). An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment. Ad Hoc Networks, 36, 152–176.

    Article  Google Scholar 

  19. Gope, P., & Hwang, T. (2016). A realistic lightweight anonymous authentication protocol for securing real-time application data access in wireless sensor networks. IEEE Transactions on Industrial Electronics, 63(11), 7124–7132.

    Article  Google Scholar 

  20. Li, X., et al. (2014). Applying biometrics to design three-factor remote user authentication scheme with key agreement. Security and Communication Networks, 7(10), 1488–1497.

    Google Scholar 

  21. He, D., & Wang, D. (2015). Robust biometrics-based authentication scheme for multiserver environment. IEEE Systems Journal, 9(3), 816–823.

    Article  Google Scholar 

  22. Jiang, Q., et al. (2016). Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy. Nonlinear Dynamics, 83(4), 2085–2101.

    Article  MathSciNet  Google Scholar 

  23. Jiang, Q., et al. (2016). A privacy preserving three-factor authentication protocol for e-Health clouds. The Journal of Supercomputing, 72(10), 3826–3849.

    Article  Google Scholar 

  24. Xiong, L., et al. (2017). A lightweight anonymous authentication protocol with perfect forward secrecy for wireless sensor networks. Sensors, 17(11), 2681.

    Article  Google Scholar 

  25. Wang, C., Guoai, X., & Sun, J. (2017). An enhanced three-factor user authentication scheme using elliptic curve cryptosystem for wireless sensor networks. Sensors, 17(12), 2946.

    Article  Google Scholar 

  26. Li, W., et al. (2018). Cryptanalysis and security enhancement of three authentication schemes in wireless sensor networks. Wireless Communications and Mobile Computing. https://doi.org/10.1155/2018/8539674.

    Article  Google Scholar 

  27. Das, A. K. (2016). A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-to-peer Networking and Applications, 9(1), 223–244.

    Article  Google Scholar 

  28. Das, A. K. (2017). A secure and effective biometric-based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor. International Journal of Communication Systems. https://doi.org/10.1002/dac.2933.

    Article  Google Scholar 

  29. Das, A. K. (2015). A secure and efficient user anonymity-preserving three-factor authentication protocol for large-scale distributed wireless sensor networks. Wireless Personal Communications, 82(3), 1377–1404.

    Article  Google Scholar 

  30. Wu, F., et al. (2018). An improved and provably secure three-factor user authentication scheme for wireless sensor networks. Peer-to-Peer Networking and Applications, 11(1), 1–20.

    Article  Google Scholar 

  31. Amin, R., et al. (2016). Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks. Computer Networks, 101, 42–62.

    Article  Google Scholar 

  32. Jiang, Q., et al. (2017). Lightweight three-factor authentication and key agreement protocol for internet-integrated wireless sensor networks. IEEE Access, 5, 3376–3392.

    Article  Google Scholar 

  33. Wang, D., & Wang, P. (2016). Two birds with one stone: Two-factor authentication with security beyond conventional bound. IEEE Transactions on Dependable and Secure Computing.

  34. Bond, M., et al. (2014). Chip and Skim: Cloning EMV cards with the pre-play attack. In Security and privacy (SP), 2014 IEEE Symposium on. IEEE.

  35. Wang, D., & Wang, P. (2014). On the anonymity of two-factor authentication schemes for wireless sensor networks: Attacks, principle and solutions. Computer Networks, 73, 41–57.

    Article  Google Scholar 

  36. Gunson, N., Marshall, D., et al. (2011). User perceptions of security and usability of single-factor and two-factor authentication in automated telephone banking. Computers & Security, 30(4), 208–220.

    Article  Google Scholar 

  37. Madhusudhan, R., & Mittal, R. C. (2012). Dynamic ID-based remote user password authentication schemes using smart cards: A review. Journal of Network and Computer Applications, 35(4), 1235–1248.

    Article  Google Scholar 

  38. Dolev, D., & Yao, A. (1983). On the security of public key protocols. IEEE Transactions on Information Theory, 29(2), 198–208.

    Article  MathSciNet  Google Scholar 

  39. Dodis, Y., Reyzin, L., & Smith, A. (2004). Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In International conference on the theory and applications of cryptographic techniques. Berlin: Springer.

  40. Kocher, P., Jaffe, J., & Jun, B. (1999). Differential power analysis. In Annual international cryptology conference. Berlin: Springer.

  41. Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smartcard security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.

    Article  MathSciNet  Google Scholar 

  42. AVISPA Automated Validation of Internet Security Protocols and Applications. Last Accessed on April 25, 2016. [Online]. http://www.avispa-project.org/.

  43. Von Oheimb, D. (2005). The high-level protocol specification language HLPSL developed in the EU project AVISPA. In Proceedings of APPSEM workshop.

  44. Secure Hash Standard FIPS PUB 180-1, National Institute of Standards and Technology (NIST), U.S. Department of Commerce (1995).

Download references

Acknowledgements

This work was supported in part by Sichuan Provincial Science and Technology Planning Program (Technology Supporting Plan) of China under Project Contracts Nos. 2016GZ0116 and 2016GZ0061, and in part by Guangdong Provincial Science and Technology Planning Program of China under Project Contract No. 2015B090909004. Moreover, the work was supported in part by The Startup Foundation for Introducing Talent of NUIST under Project Contract No. 2243141701031.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Hanguang Luo.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Luo, H., Wen, G. & Su, J. Lightweight three factor scheme for real-time data access in wireless sensor networks. Wireless Netw 26, 955–970 (2020). https://doi.org/10.1007/s11276-018-1841-x

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11276-018-1841-x

Keywords

Navigation