Advertisement

Cluster Computing

, Volume 22, Supplement 3, pp 7389–7399 | Cite as

A security-enhanced mutual authentication scheme with privacy protected in wireless sensor networks

  • Haitao Yu
  • Liejun WangEmail author
Article

Abstract

In recent years, the debate on user privacy is becoming increasingly fierce. As wireless sensor networks (e.g.: electronic medical system and smart home systems) increasingly penetrate people’s lives, it is imperative to design an identity authentication scheme with user privacy protection for wireless sensor networks. At present, many researchers have given their user authentication schemes by using different methods for user privacy protection. Two factor authentication scheme is now considered a relatively high safety performance. In this paper, we analyze the two factor authentication scheme proposed by Nam et al., and find that the scheme still has defects. The most fatal problem is that the scheme does not provide sufficient protection for privacy in wireless sensor networks. Based on the work of Nam, we are a complement to the defects of the existing scheme. A random number is inserted into the user registration phase to change the identity of the user into a disguised identity and assign ECC key pairs to each sensor node, thus enhancing the security of the node authentication data. In formal analysis, we use BAN logic as our analysis tool to prove that our scheme achieves mutual authentication. Furthermore, we also give informal analysis for almost known attacks, the result shows that our proposed scheme could provide better security features. Finally, we implemented our authentication scheme on the RF chip CC2538, and measured the related execution time parameters. In order to obtain more security features, the proposed scheme is slightly higher than other schemes in terms of time complexity.

Keywords

Privacy protected Mutual authentication Wireless sensor network Elliptic curve cryptography 

Notes

Acknowledgements

This work is supported by Chinese National Natural Science Foundation (Program No. 61471311), Cernet Network Next Generation Internet Technology Innovation Project (No. NGII20160326) and The Xinjiang Uygur Autonomous Region science and Technology Department Project (No. 2015211c259).

References

  1. 1.
    Arshad, H., et al.: On the security of a two-factor authentication and key agreement scheme for telecare medicine information systems. J. Med. Syst. (2015).  https://doi.org/10.1007/s10916-015-0259-6
  2. 2.
    Jiang, Q., et al.: An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks. Peer-to-Peer Netw. Appl. 8(6), 1070–1081 (2015)CrossRefGoogle Scholar
  3. 3.
    Hu, J., Lu, J.: Anonymity authentication scheme based on smart card in wireless network. Comput. Eng. 38(1), 122–124 (2012)Google Scholar
  4. 4.
    Aslam, M.U., et al.: A survey of authentication schemes in telecare medicine information systems. J. Med. Syst. 41(1), 26 (2017)CrossRefGoogle Scholar
  5. 5.
    Li, X., et al.: Secure and efficient two-factor user authentication scheme with user anonymity for network based E-health care applications. J. Med. Syst. 40(12), 12 (2016)CrossRefGoogle Scholar
  6. 6.
    Das, M.L., Saxena, A., Gulati, V.P.: A dynamic ID-based remote user authentication scheme. IEEE Trans. Consum. Electron. 50(2), 629–631 (2007)CrossRefGoogle Scholar
  7. 7.
    Wang, Y.Y., et al.: A more efficient and secure dynamic ID-based remote user authentication scheme. Comput. Commun. 32(4), 583–585 (2009)CrossRefGoogle Scholar
  8. 8.
    Khan, M.K., Kim, S.K., Alghathbar, K.: Cryptanalysis and security enhancement of a ’more efficient & secure dynamic ID-based remote user authentication scheme’. Comput. Commun. 34(3), 305–309 (2011)CrossRefGoogle Scholar
  9. 9.
    Chen, H.M., Lo, J.W., Yeh, C.K.: An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems. J. Med. Syst. 36(6), 3907–15 (2012)CrossRefGoogle Scholar
  10. 10.
    Jiang, Q., et al.: A privacy enhanced authentication scheme for telecare medical information systems. J. Med. Syst. 37(1), 9897 (2013)CrossRefGoogle Scholar
  11. 11.
    Wu, Z.Y., et al.: A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3), 1529–1535 (2012)CrossRefGoogle Scholar
  12. 12.
    Chaudhry, S.A., et al.: Cryptanalysis and improvement of an improved two factor authentication protocol for telecare medical information systems. J. Med. Syst. 39(6), 11 (2015)CrossRefGoogle Scholar
  13. 13.
    Debiao, H., Jianhua, C., Rui, Z.: A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3), 1989–1995 (2012)CrossRefGoogle Scholar
  14. 14.
    Shen, H., et al.: A security-enhanced authentication with key agreement scheme for wireless mobile communications using elliptic curve cryptosystem. J. Supercomput. 72(9), 3588–3600 (2016)CrossRefGoogle Scholar
  15. 15.
    Nam, J., et al.: Efficient and anonymous two-factor user authentication in wireless sensor networks: achieving user anonymity with lightweight sensor computation. PLoS ONE 10(4), 21 (2015)CrossRefGoogle Scholar
  16. 16.
    Liu, X., Zhang, R.S., Liu, Q.D.: A temporal credential-based mutual authentication with multiple-password scheme for wireless sensor networks. PLoS ONE 12(1), 26 (2017)MathSciNetGoogle Scholar
  17. 17.
    Reddy, A.G., et al.: A secure anonymous authentication protocol for mobile services on elliptic curve cryptography. IEEE Access 4, 4394–4407 (2016)CrossRefGoogle Scholar
  18. 18.
    Xue, K.P., Hong, P.L., Ma, C.S.: A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture. J. Comput. Syst. Sci. 80(1), 195–206 (2014)MathSciNetCrossRefGoogle Scholar
  19. 19.
    Lu, Y.R., et al.: An anonymous two-factor authenticated key agreement scheme for session initiation protocol using elliptic curve cryptography. Multimed. Tools Appl. 76(2), 1801–1815 (2017)CrossRefGoogle Scholar
  20. 20.
    Choi, Y., et al.: Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 14(6), 10081 (2014)CrossRefGoogle Scholar
  21. 21.
    Jiang, Q., et al.: An untraceable temporal-credential-based two-factor authentication scheme using ECC for wireless sensor networks. J. Netw. Comput. Appl. 76, 37–48 (2016)CrossRefGoogle Scholar
  22. 22.
    Choi, Y., et al.: Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 14(6), 10081–10106 (2014)CrossRefGoogle Scholar
  23. 23.
    Yeh, H.-L., et al.: A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 11(5), 4767–4779 (2011)CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2017

Authors and Affiliations

  1. 1.School of Information Science and EngineeringXinjiang UniversityUrumchiChina
  2. 2.School of Software EngineeringXinjiang UniversityUrumchiChina

Personalised recommendations