research-article

A Novel Authenticated Key Agreement Protocol With Dynamic Credential for WSNs

Authors:
Zheng Yang

Chongqing University of Technology and Singapore University of Technology and Design, Singapore

Chongqing University of Technology and Singapore University of Technology and Design, Singapore
View Profile

,
Junyu Lai

University of Electronic Science and Technology of China, Chengdu, Sichuan, China

University of Electronic Science and Technology of China, Chengdu, Sichuan, China
View Profile

,
Yingbing Sun

University of Electronic Science and Technology of China, Chengdu, Sichuan, China

University of Electronic Science and Technology of China, Chengdu, Sichuan, China
View Profile

,
Jianying Zhou

Singapore University of Technology and Design, Singapore

Singapore University of Technology and Design, Singapore
View Profile

Authors Info & Claims

ACM Transactions on Sensor Networks Volume 15 Issue 2Article No.: 22pp 1–27https://doi.org/10.1145/3303704

Published:21 February 2019Publication History

ACM Transactions on Sensor Networks

Abstract

Public key cryptographic primitive (e.g., the famous Diffie-Hellman key agreement, or public key encryption) has recently been used as a standard building block in authenticated key agreement (AKA) constructions for wireless sensor networks (WSNs) to provide perfect forward secrecy (PFS), where the expensive cryptographic operation (i.e., exponentiation calculation) is involved. However, realizing such complex computation on resource-constrained wireless sensors is inefficient and even impossible on some devices. In this work, we introduce a new AKA scheme with PFS for WSNs without using any public key cryptographic primitive. To achieve PFS, we rely on a new dynamic one-time authentication credential that is regularly updated in each session. In particular, each value of the authentication credential is wisely associated with at most one session key that enables us to fulfill the security goal of PFS. Furthermore, the proposed scheme enables the principals to identify whether they have been impersonated previously. We highlight that our scheme can be very efficiently implemented on sensors since only hash function and XOR operation are required.

References

ns-3. 2017. Network Simulator: ns-3 Tutorial. Available at https://www.nsnam.org/docs/release/3.26/tutorial/ns-3-tutorial.pdf.Google Scholar
Michel Abdalla, Pierre-Alain Fouque, and David Pointcheval. 2005. Password-based authenticated key exchange in the three-party setting. In Proceedings of the 8th International Workshop on Practice and Theory in Public Key Encryption (PKC’05). 65--84. Google ScholarDigital Library
Rifaqat Ali, Arup Kumar Pal, Saru Kumari, Marimuthu Karuppiah, and Mauro Conti. 2018. A secure user authentication and key-agreement scheme using wireless sensor networks for agriculture monitoring. Future Generation Computer Systems 84 July 2018, 200--215.Google Scholar
Mihir Bellare, David Pointcheval, and Phillip Rogaway. 2000. Authenticated key exchange secure against dictionary attacks. In Proceedings of the 19th International Conference on Theory and Application of Cryptographic Techniques (EUROCRYPT’00). 139--155. Google ScholarDigital Library
Mihir Bellare and Phillip Rogaway. 1993. Random oracles are practical: A paradigm for designing efficient protocols. In Proceedings of the 1st ACM Conference on Computer and Communications Security (CCS’93). ACM, New York, NY, 62--73. Google ScholarDigital Library
Mihir Bellare and Phillip Rogaway. 1995. Provably secure session key distribution: The three party case. In Proceedings of the 27th Annual ACM Symposium on Theory of Computing (STOC’95). ACM, New York, NY, 57--66. Google ScholarDigital Library
Sravani Challa, Mohammad Wazid, Ashok Kumar Das, Neeraj Kumar, Goutham Reddy Alavalapati, Eun-Jun Yoon, et al. 2017. Secure signature-based authenticated key establishment scheme for future IoT applications. IEEE Access 5 (2017), 3028--3043.Google ScholarCross Ref
Chih Chun Chang, Shadi Arafa, and Sead Muftic. 2014. Key establishment protocol for wireless sensor networks. In Proceedings of the 2014 IEEE International Conference on Mobile Adhoc and Sensor Systems. IEEE, Los Alamitos, CA, 1--6.Google Scholar
Chin-Chen Chang, Wei-Yuan Hsueh, and Ting-Fang Cheng. 2016. A dynamic user authentication and key agreement scheme for heterogeneous wireless sensor networks. Wireless Personal Communications 89, 2 (2016), 447--465. Google ScholarDigital Library
C. C. Chang and H. D. Le. 2016. A provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks. IEEE Transactions on Wireless Communications 15, 1 (Jan, 2016), 357--366.Google ScholarDigital Library
Kahina Chelli. 2014. Hardware key exchange protocol in wireless sensor networks. In Proceedings of the 2014 World Congress on Engineering. IEEE, Los Alamitos, CA, 1--5.Google Scholar
Tien Ho Chen and Wei Kuan Shih. 2010. A robust mutual authentication protocol for wireless sensor networks. Etri Journal 32, 5 (2010), 704--712.Google ScholarCross Ref
Ashok Kumar Das, Saru Kumari, Vanga Odelu, Xiong Li, Fan Wu, and Xinyi Huang. 2016. Provably secure user authentication and key agreement scheme for wireless sensor networks. Security and Communication Networks 9, 16 (2016), 3670--3687. Google ScholarDigital Library
Ashok Kumar Das, Pranay Sharma, Santanu Chatterjee, and Jamuna Kanta Sing. 2012. A dynamic password-based user authentication scheme for hierarchical wireless sensor networks. Journal of Network and Computer Applications 35, 5 (2012), 1646--1656. Google ScholarDigital Library
Manik Lal Das. 2009. Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications 8, 3 (2009), 1086--1090. Google ScholarDigital Library
J. Liu, J. Baek, J. Zhou, Y. Yang, and J. W. Wong. 2010. Efficient online/offline identity-based signature for wireless sensor network. International Journal of Information Security 9, 4 (2010), 287--296. Google ScholarDigital Library
Whitfield Diffie and Martin E. Hellman. 1976. New directions in cryptography. IEEE Transactions on Information Theory 22, 6 (1976), 644--654. Google ScholarDigital Library
Whitfield Diffie, Paul C. van Oorschot, and Michael J. Wiener. 1992. Authentication and authenticated key exchanges. Design, Codes Cryptography 2, 2 (1992), 107--125. Google ScholarDigital Library
Daojing He, Yi Gao, Sammy Chan, Chun Chen, and Jiajun Bu. 2010. An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc and Sensor Wireless Networks 10, 4 (2010), 361--371.Google Scholar
J. Jeong, M. Y. Chung, and H. Choo. 2008. Integrated OTP-based user authentication scheme using smart cards in home networks. In Proceedings of the 2008 Hawaii International Conference on System Sciences. IEEE, Los Alamitos, CA, 294--294. Google ScholarDigital Library
Qi Jiang, Sherali Zeadally, Jianfeng Ma, and Debiao He. 2017. Lightweight three-factor authentication and key agreement protocol for Internet-integrated wireless sensor networks. IEEE Access 5 (2017), 3376--3392.Google ScholarCross Ref
Jaewook Jung, Jiye Kim, Younsung Choi, and Dongho Won. 2016. An anonymous user authentication and key agreement scheme based on a symmetric cryptosystem in wireless sensor networks. Sensors 16, 8 (2016), 1299.Google ScholarCross Ref
M. K. Khan and K. Alghathbar. 2010. Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors 10, 3 (2010), 2450--2459.Google ScholarCross Ref
Hyun Jung Kim and Hyun Sung Kim. 2011. AUTH<sub;>HOTP</sub;>—HOTP based authentication scheme over home network environment. In Computational Science and Its Applications—ICCSA 2011. Lecture Notes in Computer Science, Vol. 6784. 622--637. Google ScholarDigital Library
Hugo Krawczyk. 2005. HMQV: A high-performance secure Diffie-Hellman protocol. In Proceedings of the 25th Annual International Conference on Advances in Cryptology (CRYPTO’05). 546--566. Google ScholarDigital Library
Brian A. LaMacchia, Kristin Lauter, and Anton Mityagin. 2007. Stronger security of authenticated key exchange. In Proceedings of the 1st International Conference on Provable Security (ProvSec’07). 1--16. Google ScholarDigital Library
Cheng-Chi Lee, Rui-Xiang Chang, and Hsien-Ju Ko. 2010. Improving two novel three-party encrypted key exchange protocols with perfect forward secrecy. International Journal of Foundations of Computer Science 21, 6 (2010), 979--991.Google ScholarCross Ref
Cheng-Chi Lee, Chun-Ta Li, and Shun-Der Chen. 2011. Two attacks on a two-factor user authentication in wireless sensor networks. Parallel Processing Letters 21, 1 (2011), 21--26.Google ScholarCross Ref
Chun-Ta Li, Chi-Yao Weng, Cheng-Chi Lee, and Chun-Cheng Wang. 2015. A hash based remote user authentication and authenticated key agreement scheme for the integrated EPR information system. Journal of Medical Systems 39, 11 (2015), 144:1--144:11. Google ScholarDigital Library
Chun-Ta Li, Cheng-Chi Lee, Lian-Jun Wang, and Chen-Ju Liu. 2011. A secure billing service with two-factor user authentication in wireless sensor networks. International Journal of Innovative Computing, Information and Control 7, 8 (2011), 4821--4831.Google Scholar
Y. Li. 2013. Design of a key establishment protocol for smart home energy management system. In Proceedings of the 2013 International Conference on Computational Intelligence, Communication Systems, and Networks. IEEE, Los Alamitos, CA, 88--93. Google ScholarDigital Library
D. Nali and Paul C. van Oorschot. 2008. CROO: A universal infrastructure and protocol to detect identity fraud. In Computer Security—ESORICS 2008. Lecture Notes in Computer Science, Vol. 5283. Springer, 130--145. Google ScholarDigital Library
F. K. Santoso and N. C. H. Vun. 2015. Securing IoT for smart home system. In Proceedings of the 2015 International Symposium on Consumer Electronics. IEEE, Los Alamitos, CA, 1--2.Google ScholarCross Ref
Wenbo Shi and Peng Gong. 2013. A new user authentication protocol for wireless sensor networks using elliptic curves cryptography. International Journal of Distributed Sensor Networks 9, 730831 (2013), 51--59.Google ScholarCross Ref
Victor Shoup. 2004. Sequences of Games: A Tool for Taming Complexity in Security Proofs. Cryptology ePrint Archive, Report 2004/332. Available at http://eprint.iacr.org/.Google Scholar
Kazem Sohraby, Daniel Minoli, and Taieb Znati. 2007. Wireless Sensor Networks: Technology, Protocols, and Applications. John Wiley 8 Sons. Google ScholarDigital Library
Huei Ru Tseng, Rong Hong Jan, and Wuu Yang. 2007. An improved dynamic user authentication scheme for wireless sensor networks. In Proceedings of the IEEE Global Telecommunications Conference (GLOBECOM’07). IEEE, Los Alamitos, CA, 986--990.Google ScholarCross Ref
Muhamed Turkanovi, Botjan Brumen, and Marko Hlbl. 2014. A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Networks 20, 2 (2014), 96--112.Google ScholarCross Ref
M. Turkanovic and M. Holbl. 2013. An improved dynamic password-based user authentication scheme for hierarchical wireless sensor networks. Elektronika Ir Elektrotechnika 19, 6 (2013), 109--116.Google ScholarCross Ref
Binod Vaidya, Dimitrios Makrakis, and Hussein T. Mouftah. 2010. Improved two-factor user authentication in wireless sensor networks. Proceedings of the Conference on Wireless and Mobile Computing Networking and Communications. IEEE, Los Alamitos, CA, 600--606.Google Scholar
B. Vaidya, D. Makrakis, and H. T. Mouftah. 2011. Device authentication mechanism for smart energy home area networks. In Proceedings of the 2011 IEEE International Conference on Consumer Electronics. IEEE, Los Alamitos, CA, 787--788.Google Scholar
Binod Vaidya, Jong Hyuk Park, Sang-Soo Yeo, and Joel J. P. C. Rodrigues. 2011. Robust one-time password authentication scheme using smart card for home network environment. Computer Communications 34, 3 (2011), 326--336. Google ScholarDigital Library
Haodong Wang and Qun Li. 2006. Efficient implementation of public key cryptosystems on mote sensors (short paper). In Information and Communications Security. Lecture Notes in Computer Science, Vol. 4307. Springer, 519--528. Google ScholarDigital Library
K. H. M. Wong, Y. Zheng, J. Cao, and S. Wang. 2006. A dynamic user authentication scheme for wireless sensor networks. In Proceedings of the 2006 IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing. IEEE, Los Alamitos, CA, 244--251. Google ScholarDigital Library
Kaiping Xue, Changsha Ma, Peilin Hong, and Rong Ding. 2013. A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications 36, 1 (2013), 316--323. Google ScholarDigital Library
Zheng Yang and Fei Guo. 2014. Authenticated key exchange with synchronized state. Security and Communication Networks 7, 12 (2014), 2373--2388.Google ScholarCross Ref
Zheng Yang, Junyu Lai, Chao Liu, Wanping Liu, and Shuangqing Li. 2017. Simpler generic constructions for strongly secure one-round key exchange from weaker assumptions. Computer Journal 60, 8 (2017), 1145--1160.Google Scholar
Zheng Yang, Junyu Lai, Wanping Liu, Chao Liu, and Song Luo. 2017. SignORKE: Improving pairing-based one-round key exchange without random oracles. IET Information Security 11, 5 (2017), 243--249.Google ScholarCross Ref
Zheng Yang, Chao Liu, Wanping Liu, Song Luo, Hua Long, and Shuangqing Li. 2016. A lightweight generic compiler for authenticated key exchange from non-interactive key exchange with auxiliary input. International Journal of Network Security 18, 6 (2016), 1109--1121.Google Scholar
Zheng Yang, Wu Yang, Lingyun Zhu, and Daigu Zhang. 2015. Towards modelling perfect forward secrecy in two-message authenticated key exchange under ephemeral-key revelation. Security and Communication Networks 8, 18 (2015), 3356--3371. Google ScholarDigital Library
H. L. Yeh, T. H. Chen, P. C. Liu, T. H. Kim, and H. W. Wei. 2011. A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 11, 5 (2011), 4767--4779.Google ScholarCross Ref
Y. Choi, D. Lee, J. Kim, J. Jung, J. Nam, and D. Won. 2014. Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 14, 6 (2014), 10081--10106.Google ScholarCross Ref

Index Terms

A Novel Authenticated Key Agreement Protocol With Dynamic Credential for WSNs
1. Networks
  1. Network types
    1. Cyber-physical networks
      1. Sensor networks
2. Security and privacy
  1. Cryptography
    1. Key management
  2. Network security
    1. Mobile and wireless security
    2. Security protocols

Recommendations

New identity-based three-party authenticated key agreement protocol with provable security

Key agreement allows multi-parties exchanging public information to create a common secret key that is known only to those entities over an insecure network. In the recent years, several identity-based (ID-based) authenticated key agreement protocols ...
Read More
Efficient three-party authenticated key agreement protocol in certificateless cryptography

Key agreement protocols are multi-party protocols in which entities exchange public information allowing them to create a common secret key that is known only to those entities and which cannot be predetermined by any party. Key agreement can be ...
Read More
An Untraceable Biometric-Based Multi-server Authenticated Key Agreement Protocol with Revocation

Online access has been widely adopted to distribute diversified services to customers. In this architecture, public channels are utilized to exchange information between end users and remote servers at anytime and anywhere. To achieve confidentiality and ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM Transactions on Sensor Networks Volume 15, Issue 2
May 2019
339 pages
ISSN:1550-4859
EISSN:1550-4867
DOI:10.1145/3311822
Editor:
Yunhao Liu
Tsinghua University, China
Issue’s Table of Contents
Copyright © 2019 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States

Journal Family
ACM Journals for the Design of Smart and Connected Systems
Publication History
- Published: 21 February 2019
- Accepted: 1 January 2019
- Revised: 1 November 2018
- Received: 1 December 2017
Published in tosn Volume 15, Issue 2

Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Wireless sensor networks
authentication
dynamic credential
forward secrecy
key agreement
Qualifiers
- research-article
- Research
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 21
  Total Citations
  View Citations
- 408
  Total Downloads
- Downloads (Last 12 months)22
- Downloads (Last 6 weeks)1
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format .

View HTML Format

A Novel Authenticated Key Agreement Protocol With Dynamic Credential for WSNs

ACM Transactions on Sensor Networks

Abstract

References

Cited By

Index Terms

Recommendations

New identity-based three-party authenticated key agreement protocol with provable security

Efficient three-party authenticated key agreement protocol in certificateless cryptography

An Untraceable Biometric-Based Multi-server Authenticated Key Agreement Protocol with Revocation