Skip to main content
SpringerLink
Log in

Notes on “A Temporal-Credential-Based Mutual Authentication and Key Agreement Scheme for Wireless Sensor Networks”

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Xue et al. recently proposed an innovative mutual authentication and key agreement scheme for wireless sensor networks based on temporal credential using smart cards. However, in this paper we demonstrate that their scheme is vulnerable to password guessing attacks, node capture attacks and denial-of-service attacks. Furthermore we show that their scheme has some inconsistencies which make it less secure and more computationally costly than originally presented.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. Xue, K., Ma, C., Hong, P., & Ding, R. (2012). A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications, 36(1), 316–323. doi:10.1016/j.jnca.2012.05.010.

    Article  Google Scholar 

  2. Yeh, H.-L., Chen, T.-H., Liu, P.-C., Kim, T.-H., & Wei, H.-W. (2011). A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors, 11(5), 4767–4779.

    Article  Google Scholar 

  3. Das, A. K., Sharma, P., Chatterjee, S., & Sing, J. (2012). A dynamic password-based user authentication scheme for hierarchical wireless sensor networks. Journal of Network and Computer Applications, 35(5), 1646–1656. doi:10.1016/j.jnca.2012.03.011.

    Article  Google Scholar 

  4. Khan, M. K., & Alghathbar, K. (2010). Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors, 10(3), 2450–2459.

    Article  Google Scholar 

  5. Das, M. L. (2009). Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications, 8(3), 1086–1090. doi:10.1109/twc.2008.080128.

    Article  Google Scholar 

  6. Chen, T.-H., & Shih, W.-K. (2010). A robust mutual authentication protocol for wireless sensor networks (Vol. 32, Vol. 5). Taejon, COREE, REPUBLIQUE DE: Electronics and Telecommunications Research Institute.

  7. Xiang, T., Wong, K. W., & Liao, X. F. (2008). Cryptanalysis of a password authentication scheme over insecure networks. Journal of Computer and System Sciences, 74(5), 657–661. doi:10.1016/j.jcss.2007.05.001.

    Google Scholar 

  8. He, D., Wu, S., & Chen, J. (2012). Note on ‘Design of improved password authentication and update scheme based on elliptic curve cryptography’. Mathematical and Computer Modelling, 55(3–4), 1661–1664. doi:10.1016/j.mcm.2011.10.079.

    Article  MATH  MathSciNet  Google Scholar 

  9. Knudsen, L., & Robshaw, M. B. (2011). Brute force attacks. In: The block cipher companion. Information Security and Cryptography (pp. 95–108). Springer, Berlin, Heidelberg.

  10. Adams, C. (2011). Dictionary attack. In H. A. van Tilborg & S. Jajodia (Eds.), Encyclopedia of cryptography and security (p. 332). USA: Springer.

    Google Scholar 

  11. Graham, R. (2009). How hackers will crack your password. http://www.darkreading.com/hacked-off/how-hackers-will-crack-your-password/227700892. Accessed 11 Sept 2013

  12. Bonneau, J. (2012). The science of guessing: analyzing an anonymized corpus of 70 million passwords. Paper presented at the 2012 IEEE symposium on security and privacy. San Francisco, CA, USA.

  13. Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.

    Article  MathSciNet  Google Scholar 

  14. Kocher, P. C., Jaffe, J., & Jun, B. (1999). Differential power analysis. Paper presented at the proceedings of the 19th annual international cryptology conference on advances in cryptology.

  15. Newsome, J., Shi, E., Song, D., & Perrig, A. (2004). The sybil attack in sensor networks: analysis and defenses. Paper presented at the proceedings of the 3rd international symposium on information processing in sensor networks, Berkeley, California, USA.

  16. Zhu, W. T., Zhou, J., Deng, R. H., & Bao, F. (2012). Detecting node replication attacks in wireless sensor networks: a survey. Journal of Network and Computer Applications, 35(3), 1022–1034. doi:10.1016/j.jnca.2012.01.002.

    Article  Google Scholar 

  17. Wood, A., & Stankovic, J. A. (2002). Denial of service in sensor networks. Computer, 35(10), 54–62. doi:10.1109/mc.2002.1039518.

    Article  Google Scholar 

  18. Yussoff, Y. M., Hashim, H., Rosli, R., & Baba, M. D. (2012). A review of physical attacks and trusted platforms in wireless sensor networks. Procedia Engineering, 41(0), 580–587. doi:10.1016/j.proeng.2012.07.215.

    Article  Google Scholar 

  19. Nanda, R., & Krishna, P. V. (2011). Mitigating denial of service attacks in hierarchical wireless sensor networks. Network Security, 2011(10), 14–18. doi:10.1016/S1353-4858(11)70107-6.

    Article  Google Scholar 

  20. Zhang, Y.-Y., Li, X.-Z., & Liu, Y.-A. (2012). The detection and defence of DoS attack for wireless sensor network. The Journal of China Universities of Posts and Telecommunications, 19(Suppl 2), 52–56. doi:10.1016/S1005-8885(11)60444-5.

    Google Scholar 

  21. Raymond, D. R., & Midkiff, S. F. (2008). Denial-of-service in wireless sensor networks: attacks and defenses. IEEE Pervasive Computing, 7(1), 74–81. doi:10.1109/mprv.2008.6.

    Article  Google Scholar 

Download references

Acknowledgments

The authors are grateful to all referees for important and helpful remarks, advice and suggestions concerning the content of the paper.

Author information

Authors and Affiliations

  1. Faculty of Electrical Engineering and Computer Science, University of Maribor, Maribor, Slovenia

    Muhamed Turkanović & Marko Hölbl

Authors
  1. Muhamed Turkanović
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Marko Hölbl
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Muhamed Turkanović.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Turkanović, M., Hölbl, M. Notes on “A Temporal-Credential-Based Mutual Authentication and Key Agreement Scheme for Wireless Sensor Networks”. Wireless Pers Commun 77, 907–922 (2014). https://doi.org/10.1007/s11277-013-1543-8

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-013-1543-8

Keywords

Search

Navigation