Skip to main content
SpringerLink
Log in

Provably secure biometric based authentication and key agreement protocol for wireless sensor networks

  • Original Research
  • Published:
Journal of Ambient Intelligence and Humanized Computing Aims and scope Submit manuscript

Abstract

Wireless sensor networks (WSNs) comprise of distributed sensors. The collected information available at the sensor is provided to the users who are permitted to get access. The information is transmitted in internet of things (IOT) environment, which can be eavesdrop. Thus, it is essential to ensure that only authorized shareholders can access the transmitted information. Authentication and key agreement protocols are developed to ensure confidentiality and security in IOT. We design a biometric based authentication and key agreement protocol for WSNs. To analyze the security of the proposed protocol, we use formal security proof, which shows that an attacker has a negligible probability of breaking the protocol security. We also use the BAN logic technique to show the correctness of mutual authentication. Additionally, we adopt an informal analysis to discuss the resistance of proposed scheme against various possible attacks on authentication protocols. Additionally, through the comparison of computational efficiency and security attributes with recent results, proposed protocol seems to be more appropriate for WSNs.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  • Abdalla M, Izabachène M, Pointcheval D (2008) Anonymous and transparent gateway-based password-authenticated key exchange. In: Franklin MK, Hui LCK, Wong DS (eds) Cryptology and Network Security. CANS 2008. Lecture Notes in Computer Science, vol 5339. Springer, Berlin, Heidelberg

  • Akyildiz IF, Su W, Sankarasubramaniam Y, Cayirci E (2002) Wireless sensor networks: a survey. Comput Netw 38(4):393–422

    Article  Google Scholar 

  • Amin R, Biswas G (2016) A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks. Ad Hoc Netw 36:58–80

    Article  Google Scholar 

  • Amin R, Islam SH, Biswas G, Khan MK, Leng L, Kumar N (2016) Design of anonymity preserving three-factor authenticated key exchange protocol for wireless sensor network. Comput Netw 101:42–62

    Article  Google Scholar 

  • Bresson E, Chevassut O, Pointcheval D (2003) Security proofs for an efficient password-based key exchange. In: Proceedings of the 10th ACM conference on computer and communications security, ACM, pp 241–250

  • Burrows JH (1995) Secure hash standard. FIPS PUB 180-1, National Institute of Standards and Technology (NIST), U.S. Department of Commerce, April 1995. http://csrc.nist.gov/publications/fips/fips180-2/fips180-2. Accessed on July 2015

  • Burrows M, Abadi M, Needham R (1990) A logic of authentication. ACM Trans Comput Syst 8(1):18–36

    Article  MATH  Google Scholar 

  • Chang CC, Le HD (2016) A provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks. IEEE Trans Wirel Commun 15(1):357–366

    Article  MathSciNet  Google Scholar 

  • Choi Y, Lee D, Kim J, Jung J, Nam J, Won D (2014) Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 14(6):10081–10106

    Article  Google Scholar 

  • Choi Y, Lee Y, Won D (2016) Security improvement on biometric based authentication scheme for wireless sensor networks using fuzzy extraction. Int J Distrib Sens Netw 2016:1–16

    Google Scholar 

  • Das AK (2014) A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-to-Peer Netw Appl 1–22. doi:10.1007/ s12083-014-0324-9

  • Das AK, Sharma P, Chatterjee S, Sing JK (2012) A dynamic password-based user authentication scheme for hierarchical wireless sensor networks. J Netw Comput Appl 35(5):1646–1656

    Article  Google Scholar 

  • Das ML (2009) Two-factor user authentication in wireless sensor networks. IEEE Trans Wirel Commun 8(3):1086–1090

    Article  Google Scholar 

  • Dodis Y, Ostrovsky R, Reyzin L, Smith A (2008) Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. SIAM J Comput 38(1):97–139

    Article  MathSciNet  MATH  Google Scholar 

  • Dolev D, Yao AC (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208

    Article  MathSciNet  MATH  Google Scholar 

  • Eisenbarth T, Kasper T, Moradi A, Paar C, Salmasizadeh M, Shalmani M, Manzuri T (2008) On the power of power analysis in the real world: a complete break of the keeloq code hopping scheme. Advances in cryptology—CRYPTO 2008, vol 5157., Lecture notes in computer scienceSpringer, Berlin, pp 203–220

    Chapter  Google Scholar 

  • Farash MS, Turkanović M, Kumari S, Hölbl M (2016) An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the internet of things environment. Ad Hoc Netw 36:152–176

    Article  Google Scholar 

  • He D, Gao Y, Chan S, Chen C, Bu J (2010) An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc Sens Wirel Netw 10(4):361–371

    Google Scholar 

  • Huang HF, Chang YF, Liu CH (2010) Enhancement of two-factor user authentication in wireless sensor networks. In: 2010 Sixth International Conference on intelligent information hiding and multimedia signal processing (IIH-MSP), IEEE, pp 27–30

  • Huang X, Xiang Y, Chonka A, Zhou J, Deng RH (2011) A generic framework for three-factor authentication: preserving security and privacy in distributed systems. IEEE Trans Parallel Distrib Syst 22(8):1390–1397

    Article  Google Scholar 

  • Jain AK, Ross A, Prabhakar S (2004) An introduction to biometric recognition. IEEE Trans Circuits Syst Video Technol 14(1):4–20

    Article  Google Scholar 

  • Jiang Q, Ma J, Lu X, Tian Y (2015) An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks. Peer-to-Peer Netw Appl 8(6):1070–1081

    Article  Google Scholar 

  • Jiang Q, Kumar N, Ma J, Shen J, He D, Chilamkurti N (2016) A privacy-aware two-factor authentication protocol based on elliptic curve cryptography for wireless sensor networks. Int J Netw Manag. doi:10.1002/nem.1937

  • Kocher P, Jaffe J, Jun B (1999) Differential power analysis. In: Proceedings of advances in cryptology—CRYPTO’99, LNCS, vol 1666, pp 388–397

  • Li X, Wang K, Shen J, Kumari S, Wu F, Hu Y (2016) An enhanced biometrics-based user authentication scheme for multi-server environments in critical systems. J Ambient Intell Hum Comput 7(3):427–443

    Article  Google Scholar 

  • Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552

    Article  MathSciNet  MATH  Google Scholar 

  • Mishra D, Mukhopadhyay S (2013) Cryptanalysis of pairing-free identity-based authenticated key agreement protocols. In: International Conference on information systems security. Springer, pp 247–254

  • Mishra D, Das AK, Mukhopadhyay S (2014) A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Syst Appl 41(18):8129–8143

    Article  Google Scholar 

  • Mishra D, Chaturvedi A, Mukhopadhyay S (2015a) Design of a lightweight two-factor authentication scheme with smart card revocation. J Inf Secur Appl 23:44–53

    Google Scholar 

  • Mishra D, Das AK, Chaturvedi A, Mukhopadhyay S, (2015b) A secure password-based authentication and key agreement scheme using smart cards. J Inf Secur Appl 23:28–43

  • Mrdovic S, Perunicic B (2008) Kerckhoffs’ principle for intrusion detection. In: Telecommunications network strategy and planning symposium, 2008. Networks 2008. The 13th International, IEEE, pp 1–8

  • Nam J, Kim M, Paik J, Lee Y, Won D (2014) A provably-secure ecc-based authentication scheme for wireless sensor networks. Sensors 14(11):21023–21044

    Article  Google Scholar 

  • Nyang D, Lee MK (2009) Improvement of das’s two-factor authentication protocol in wireless sensor networks. IACR Cryptol ePrint Arch 2009:631

    Google Scholar 

  • Shi W, Gong P (2013) A new user authentication protocol for wireless sensor networks using elliptic curves cryptography. Int J Distrib Sens Netw 2013:1–7

    Article  Google Scholar 

  • Stallings W (2006) Cryptography and network security: principles and practices, 4th edn. Pearson Education, India

    Google Scholar 

  • Turkanović M, Brumen B, Hölbl M (2014) A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the internet of things notion. Ad Hoc Netw 20:96–112

    Article  Google Scholar 

  • Wang D, Wang P (2014) Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks. Ad Hoc Netw 20:1–15

    Article  Google Scholar 

  • Wang D, He D, Wang P, Chu CH (2015) Anonymous two-factor authentication in distributed systems: certain goals are beyond attainment. IEEE Trans Dependable Secure Comput 12(4):428–442

    Article  Google Scholar 

  • Wong KH, Zheng Y, Cao J, Wang S (2006) A dynamic user authentication scheme for wireless sensor networks. In: IEEE International Conference on sensor networks, ubiquitous, and trustworthy computing, 2006, IEEE, vol 1, p 8

  • Wu F, Xu L, Kumari S, Li X (2017a) A new and secure authentication scheme for wireless sensor networks with formal proof. Peer-to-Peer Netw Appl 10(1):16–30

    Article  Google Scholar 

  • Wu F, Xu L, Kumari S, Li X (2017b) A privacy-preserving and provable user authentication scheme for wireless sensor networks based on internet of things security. J Ambient Intell Hum Comput 8(1):101–116

    Article  Google Scholar 

  • Yeh HL, Chen TH, Liu PC, Kim TH, Wei HW (2011) A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 11(5):4767–4779

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Mathematics, Indian Institute of Technology, Kharagpur, India

    Jangirala Srinivas & Sourav Mukhopadhyay

  2. Department of Mathematics, LNM Institute of Information Technology, Jaipur, India

    Dheerendra Mishra

  3. Department of Mathematics, Ch. Charan Singh University, Meerut, India

    Saru Kumari

Authors
  1. Jangirala Srinivas
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dheerendra Mishra
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sourav Mukhopadhyay
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Saru Kumari
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dheerendra Mishra.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Srinivas, J., Mishra, D., Mukhopadhyay, S. et al. Provably secure biometric based authentication and key agreement protocol for wireless sensor networks. J Ambient Intell Human Comput 9, 875–895 (2018). https://doi.org/10.1007/s12652-017-0474-8

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12652-017-0474-8

Keywords

Search

Navigation