ECC-based User Authentication Scheme for Wireless Sensor Networks
Abstract
In 2016, Akansha S. et al. proposed an upgraded user authentication protocol. According to the implemented cryptanalysis on their scheme, some vulnerabilities have been found in registration and authentication part. In registra-tion part, the gateway uses generated value as secrecy and sends it to sensor node, which doesn’t have infor-mation about received secret value and cannot verify its identity. In authentication part, user is unable to check legiti-macy of received session key generated by sensor node. Mainly, the protocol has been implemented using only one way hash function, XOR and concatenation operations, which is not adequate to provide authentication and confidentiality. In this paper, we suggest ECC-based user authentication scheme for WSNs, which eliminates the drawbacks of the previous scheme. The protocol decreases the high cost public-key operations of the sensor node and substitutes them with symmetric-key based operations.
Keywords
Download Options
Introduction
Nowadays, the Wireless Sensor Networks becomes a rich sphere of active research containing programming models, distributed algorithms, routing protocols, signal processing, system design, data management and security. For most of the WSN’s applications, security is a major concern. Therefore, the resource constraint and computational limitations compels security solutions in WSNs to be differ from standard networks [1]. Sensor nodes are limited in terms of con-suming power, energy levels and memory size. Thus, comparing with wired sensors, the nodes in WSNs have a vulnera-bility to various passive and active attacks. It makes security to be an essential factor for WSNs, where data integrity is the most important requirement. Authentication has three major classes based on the primary cryptographic methods such as asymmetric cryptography, symmetric cryptography and hybrid methods [2]. Initially, it was estimated that WSNs would compose only of equal sensor nodes. But nowadays we are discussing heterogeneous WSNs since sensor networks can be constructed with different kind of nodes, some of them equipped with better computational power comparing with others (e.g. gateway nodes) [3]. The main security requirements for WSNs are authentication, confidentiality, integrity, authorization, non-repudiation, availability and freshness. User identification can be performed using three factors such as physical attributes (for instance fingerprint, retinal pattern etc.), documents and credentials (like smart card, id card etc.), personal information or password [4].
In our work, we clearly show that Akansha S. et al.’s [5] user authentication scheme has some drawbacks, which does not provide resistance against some attacks and is not enough secure. Also, we demonstrate that their scheme can be made much efficient by using ECC and removing some unnecessary steps. To eliminate the weaknesses and improve previous work, we suggest ECC-based user authentication scheme for wireless sensor networks which is more secure as compared to previous work.
The remainder of this paper is arranged as follows. Section 2 describes related works. Section 3 contains a brief review of Akansha et al.’s scheme. The weaknesses of Akansha et al.’s scheme are described in Section 4. In Section 5, some preliminaries and network model are reviewed. Section 6 represents our key agreement protocol. The security of the proposed protocol is discussed in Section 7. We provide our research conclusions in Section 8.
Conclusion
In this paper, Akansha S. et al.’s protocol has been reviewed and analysed. Based on the cryptanalysis of their scheme, have been found some drawbacks. In registration part, the gateway generates new secret value, which is not known to sensor node. Hence, sensor node is unable to check identity of received secret value. Also, there is possibility of smart card breach attack, because the adversary only needs to guess user’s password to obtain values from the smart card. In authentication part, sensor node computes session key value and sends to user. It leads to the sensor impersonation attack since user doesn’t know value of session key and cannot authenticate sensor node. The general vulnerability of Akansha S. et al.’s scheme is that they only used a hash function, XOR and concatenation. As mentioned above, these operations cannot provide enough security. Comparing to the Akansha S. et al.’s scheme, we have designed a protocol based on the IEEE 802.15.4 standard of network model using ECC. In our scheme, the signature algorithm ECDSA and the Message Authentication Code (MAC) have been implemented, which provides a mutual authentication. Also, in registration part, the scheme provides secure key agreement resistant to the smart card breach attack.