A secure and effective biometric-based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor

International Journal of Communication Systems

Volumn 30, Issue 1, 2017, Pages

  Das, Ashok Kumar ^a  

^a INTERNATIONAL INSTITUTE OF INFORMATION TECHNOLOGY   (India)

Author keywords

AVISPA; biometrics; cryptanalysis; security; smart cards; user authentication; wireless sensor networks

Indexed keywords

AUTHENTICATION; BIOMETRICS; COPYRIGHTS; CRYPTOGRAPHY; SMART CARDS; WIRELESS SENSOR NETWORKS;

AVISPA; CRYPTANALYSIS; MAN IN THE MIDDLE ATTACKS; SECURITY; SECURITY REQUIREMENTS; USER AUTHENTICATION; USER AUTHENTICATION SCHEME; WIRELESS SENSOR NETWORK (WSNS);

NETWORK SECURITY;

EID: 84921852751     PISSN: 10745351     EISSN: 10991131     Source Type: Journal    
DOI: 10.1002/dac.2933     Document Type: Article

References (55)

1. Liu G, Xu B, Chen H. An indicator kriging method for distributed estimation in wireless sensor networks. International Journal of Communication Systems 2014; 27(1):68–80.
2. Xue L, Guan X, Liu Z, Yang B. TREE: routing strategy with guarantee of QOS for industrial wireless sensor networks. International Journal of Communication Systems 2014; 27(3):459–481.
3. Gao D, Zhu W, Xu X, Chao HC. A hybrid localization and tracking system in camera sensor networks. International Journal of Communication Systems 2014; 27(4):606–622.
4. Cheng ZY, Liu Y, Chang CC, Guo C. A fault-tolerant group key agreement protocol exploiting dynamic setting. International Journal of Communication Systems 2013; 26(2):259–275.
5. Shi L, Zhang B, Mouftah HT, Ma J. DDRP: an efficient data-driven routing protocol for wireless sensor networks with mobile sinks. International Journal of Communication Systems 2013; 26(10):1341–1355.
6. Liu CX, Liu Y, Zhang ZJ, Cheng ZY. High energy-efficient and privacy-preserving secure data aggregation for wireless sensor networks. International Journal of Communication Systems 2013; 26(3):380–394.
7. Chen H, Deng D, Cheng R, Chilamkurti N, Yu Q. Recent issues in wireless sensor networks. International Journal of Communication Systems 2013; 26(9):1089–1091.
8. Zhang J, Shen X, Zeng H, Dai G, Bo C, Chen F, Lv C. Energy-efficient and localized lossy data aggregation in asynchronous sensor networks. International Journal of Communication Systems 2013; 26(8):989–1010.
9. Wang Y, Shi P, Li K, Chen Z. An energy efficient medium access control protocol for target tracking based on dynamic convey tree collaboration in wireless sensor networks. International Journal of Communication Systems 2012; 25(9):1139–1159.
10. Akyildiz IF, Su W, Sankarasubramaniam Y, Cayirci E. Wireless sensor networks: a Survey. Computer Networks 2002; 38(4):393–422.
11. Chatterjee S, Das AK, Sing JK. Analysis formal security verification of access control schemes in wireless sensor networks: a critical survey. Journal of Information Assurance and Security 2013; 8(1):33–57.
12. Chatterjee S, Das AK, Sing JK. A survey on user access control in wireless sensor networks with formal security verification. International Journal of Trust Management in Computing and Communications 2014. In Press.
13. Das AK. A survey on analytic studies of key distribution mechanisms in wireless sensor networks. Journal of Information Assurance and Security 2010; 5(5):526–553.
14. Perrig A, Stankovic J, Wagner D. Security in wireless sensor networks. Communications of the ACM 2004; 47(6):53–57.
15. Ameen MA, Liu J, Kwak K. Security and privacy issues in wireless sensor networks for healthcare applications. Journal of Medical Systems 2012; 36(1):93–101.
16. Das AK, Sharma P, Chatterjee S, Sing JK. A dynamic password-based user authentication scheme for hierarchical wireless sensor networks. Journal of Network and Computer Applications 2012; 35(5):1646–1656.
17. Chen TH, Shih WK. A robust mutual authentication protocol for wireless sensor networks. ETRI Journal 2010; 32(5):704–712.
18. Fan R, Ping LD, Fu JQ, Pan XZ. A secure and efficient user authentication protocol for two-tieres wireless sensor networks. Second Pacific-Asia Conference on Circuits, Communications and System (PACCS 2010), Beijing, China, 2010; 425–428.
19. He D, Gao Y, Chan S, Chen C, Bu J. An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc & Sensor Wireless Networks 2010; 10(4):361–371.
20. Khan MK, Alghathbar K. Cryptanalysis and security improvements of two-factor user authentication in wireless sensor networks. Sensors 2010; 10:2450–2459.
21. Lee CC, Li CT, Chen SD. Two attacks on a two-factor user authentication in wireless sensor networks. Parallel Processing Letters 2011; 21(1):21–26.
22. Vaidya B, Makrakis D, Mouftah HT. Improved two-factor user authentication in wireless sensor networks. Second International Workshop on Network Assurance and Security Services in Ubiquitous Environments, Niagara Falls, ON, Canada, 2010; 600–606.
23. Wong K, Zheng Y, Cao J, Wang S. A dynamic user authentication scheme for wireless sensor networks. Proceedings of IEEE International Conference on Sensor Networks, Ubiquitous, Trustworthy Computing, 1, Taichung, Taiwan, 2006; 244–251.
24. Das AK, Chatterjee S, Sing JK. Formal security verification of a dynamic password-based user authentication scheme for hierarchical wireless sensor networks. International Symposium on Security in Computing and Communications (SSCC 2013), Communications in Computer and Information Science Series (CCIS), Vol. 377, Mysore, India, 2013; 243–254.
25. Wang D, Wang P. Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks. Ad Hoc Networks 2014; 20: 1–15. In Press. Available from: http://dx.doi.org/10.1016/j.adhoc.2014.03.003 [Accessed on April 2014]
26. Yuan J, Jiang C, Jiang Z. A biometric-based user authentication for wireless sensor networks. Wuhan University Journal of Natural Sciences 2010; 15(3):272–276.
27. Das ML. Two-factor user authentication in wireless sensor networks. IEEE Transactions on Wireless Communications 2009; 8(3):1086–1090.
28. Das AK, Chatterjee S, Sing JK. A new biometric-based remote user authentication scheme in hierarchical wireless body area sensor networks. Ad Hoc & Sensor Wireless Networks 2014. In Press.
29. Althobaiti O, Al-Rodhaan M, Al-Dhelaan A. An efficient biometric authentication protocol for wireless sensor networks. International Journal of Distributed Sensor Networks 2013; 2013:1–13. Article ID 407971, Available from: http://dx.doi.org/10.1155/2013/407971 [Accessed on April 2013].
30. Das AK. Cryptanalysis of an efficient biometric authentication protocol for wireless sensor networks. In Security in Computing and Communications, Communications in Computer and Information Science, Vol. 467, Mauri J, Thampi S, Rawat D, Jin D (eds). Springer: Berlin, Heidelberg, 2014; 1–9. Available from: http://dx.doi.org/10.1007/978-3-662-44966-0_{1} [Accessed on September 2014].
31. Das AK, Bruhadeshwar B. A biometric-based user authentication scheme for heterogeneous wireless sensor networks. 27th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2013, Barcelona, Spain, 2013; 291–296.
32. Das AK. A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-to-Peer Networking and Applications 2014; 1–22. Available from: http://dx.doi.org/10.1007/s12083-014-0324-9 [Accessed on August 2013].
33. He D, Kumar N, Chilamkurti N. A secure temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. International Symposium on Wireless and Pervasive Computing (ISWPC 2013), Taipei, Taiwan, 2013; 1–6.
34. Das AK, Goswami A. A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. Journal of Medical Systems 2013; 37(3):1–16.
35. Sarkar P. A simple and generic construction of authenticated encryption with associated data. ACM Transactions on Information and System Security 2010; 13(4):33.
36. Stinson DR. Some observations on the theory of cryptographic hash functions. Designs, Codes and Cryptography 2006; 38(2):259–277.
37. Odelu V, Das AK, Goswami A. A secure effective key management scheme for dynamic access control in a large leaf class hierarchy. Information Sciences 2014; 269(C):270–285.
38. Wu S, Chen K. An efficient key-management scheme for hierarchical access control in e-medicine system. Journal of Medical Systems 2012; 36(4):2325–2337.
39. Burnett A, Byrne F, Dowling T, Duffy A. A biometric identity based signature scheme. International Journal of Network Security 2007; 5(3):317–326.
40. Dodis Y, Reyzin L, Smith A. Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. Proceedings of the Advances in Cryptology (Eurocrypt'04), LNCS, Vol. 3027, Interlaken, Switzerland, 2004; 523–540.
41. He D, Kumar N, Lee JH, Sherratt RS. Enhanced three-factor security protocol for consumer USB mass storage devices. IEEE Transactions on Consumer Electronics 2014; 60(1):30–37.
42. Standard SH. FIPS PUB 180-1,National Institute of Standards and Technology (NIST), U.S. Department of Commerce, 1995.
43. Kocher P, Jaffe J, Jun B. Differential power analysis. Proceedings of Advances in Cryptology - CRYPTO'99, LNCS, Vol. 1666, Santa Barbara, California, USA, 1999; 388–397.
44. Messerges TS, Dabbish EA, Sloan RH. Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers 2002; 51(5):541–552.
45. Dolev D, Yao A. On the security of public key protocols. IEEE Transactions on Information Theory 1983; 29(2):198–208.
46. Chuang YH, Tseng YM. An efficient dynamic group key agreement protocol for imbalanced wireless networks. International Journal of Network Management 2010; 20(4):167–180.
47. Armando A, Basin D, Boichut Y, Chevalier Y, Compagna L, Cuellar J, Drielsma PH, Heám PC, Kouchnarenko O, Mantovani J, Mödersheim S, von Oheimb D, Rusinowitch M, Santiago J, Turuani M, Viganò L, Vigneron L. The avispa tool for the automated validation of internet security protocols and applications. In 17th International Conference on Computer Aided Verification (CAV'05), vol. 3576, Lecture Notes in Computer Science. Springer-Verlag: Edinburgh, Scotland, UK, 2005; 281–285.
48. Automated validation of internet security protocols and applications. Available from: http://www.avispa-project.org/ [Accessed on January 2014].
49. von Oheimb D. The high-level protocol specification language HLPSL developed in the EU project avispa. Proceedings of APPSEM 2005 Workshop, Tallinn, 2005; 1–17.
50. Basin D, Modersheim S, Vigano L. OFMC: a symbolic model checker for security protocols. International Journal of Information Security 2005; 4(3):181–208.
51. AVISPA Web Tool. Available from: http://www.avispa-project.org/web-interface/expert.php/ [Accessed on July 2014].
52. Yoo SG, Park KY, Kim J. A security-performance-balanced user authentication scheme for wireless sensor networks. International Journal of Distributed Sensor Networks 2012; 2012:11. Article ID 382810, DOI: 10.1155/2012/382810.
53. Sun DZ, Li JX, Feng ZY, Cao ZF, Xu GQ. On the security and improvement of a two-factor user authentication scheme in wireless sensor networks. Personal and Ubiquitous Computing 2013; 17(5):895–905.
54. Xue K, Ma C, Hong P, Ding R. A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network and Computer Applications 2013; 36(1):316–323.
55. Jiang Q, Ma J, Lu X, Tian Y. An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks. Peer-to-Peer Networking and Applications 2014; 1–12. DOI: 10.1007/s12083-014-0285-z.