An efficient and novel three-factor user authentication scheme for large-scale heterogeneous wireless sensor networks

International Journal of Communication Networks and Distributed Systems

Volumn 15, Issue 1, 2015, Pages 22-60

  Das, Ashok Kumar ^a  

^a INTERNATIONAL INSTITUTE OF INFORMATION TECHNOLOGY   (India)

Author keywords

Biometrics; Hash function; Passwords; Smart cards; User authentication; Wireless security; Wireless sensor networks; WSNs

Indexed keywords

AUTHENTICATION; BIOMETRICS; HASH FUNCTIONS; SENSOR NODES; SMART CARDS; WIRELESS SENSOR NETWORKS;

HETEROGENEOUS WIRELESS SENSOR NETWORKS; PASSWORD-BASED SCHEMES; PASSWORDS; UNCONDITIONAL SECURITY; USER AUTHENTICATION; USER AUTHENTICATION SCHEME; WIRELESS SECURITY; WSNS;

NETWORK SECURITY;

EID: 84938898177     PISSN: 17543916     EISSN: 17543924     Source Type: Journal    
DOI: 10.1504/IJCNDS.2015.070286     Document Type: Article

References (60)

1. Advanced Encryption Standard (2001) FIPS PUB 197, National Institute of Standards and Technology (NIST), US Department of Commerce, November [online] http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf (accessed November 2010).
2. Akyildiz, I. F., Su, W., Sankarasubramaniam, Y. and Cayirci, E. (2002) 'A survey on sensor networks', IEEE Communications Magazine, August, Vol. 40, No. 8, pp. 102-114.
3. AVISPA, 'Automated validation of internet security protocols and applications' [online] http://www.AVISPA-project.org/(accessed October 2011).
4. AVISPA, 'AVISPA web tool' [online] http://www.AVISPA-project.org/webinterface/expert.php/(accessed April 2014).
5. Basin, D., Modersheim, S. and Vigano, L. (2005) 'OFMC: a symbolic model checker for security protocols', International Journal of Information Security, Vol. 4, No. 3, pp. 181-208.
6. Burnett, A., Byrne, F., Dowling, T. and Duffy, A. (2007) 'A biometric identity based signature scheme', International Journal of Network Security, Vol. 5, No. 3, pp. 317-326.
7. Chan, H., Perrig, A. and Song, D. (2003) 'Random key predistribution schemes for sensor networks', in IEEE Symposium on Security and Privacy, Berkeley, California, pp. 197-213.
8. Chandrasekar, R., Misra, S. and Obaidat, M. S. (2008) 'FORK: a novel two-pronged strategy for an agent-based intrusion detection scheme in ad-hoc networks', Computer Communications, Vol. 31, No. 16, pp. 3855-3869.
9. Chandrasekar, R., Obaidat, M. S., Misra, S. and Pea-Mora, F. (2008) 'A secure data-centric scheme for group-based routing in heterogeneous ad-hoc sensor networks and its simulation analysis', Simulation: Transactions of the Society for Modeling and Simulation International, Vol. 84, Nos. 2-3, pp. 131-146.
10. Chang, Y.-F., Yu, S.-H. and Shiao, D.-R. (2013) 'An uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care', Journal of Medical Systems, Vol. 37, No. 2, pp. 1-9.
11. Chatterjee, S., Das, A. K. and Sing, J. K. (2015) A secure and effective access control scheme for distributed wireless sensor networks', International Journal of Communication Networks and Distributed Systems, Vol. 14, No. 1, pp. 40-73.
12. Chen, T.-H. and Shih, W.-K. (2010) 'A robust mutual authentication protocol for wireless sensor networks', ETRI Journal, October, Vol. 32, No. 5, pp. 704-712.
13. Cheng, Y. and Agrawal, D. P. (2007) 'An improved key distribution mechanism for large-scale hierarchical wireless sensor networks', Ad Hoc Networks, Vol. 5, No. 1, pp. 35-48.
14. Crossbow Technology Inc. (2014) 'Wireless sensor networks' [online] http://www.xbow.com (accessed January).
15. Das, A. K. (2011) 'Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards', IET Information Security, Vol. 5, No. 3, pp. 145-151.
16. Das, A. K. (2014) 'A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks', Peer-to-Peer Networking and Applications, DOI: 10.1007/s12083-014-0324-9, in press.
17. Das, A. K. (2015a) 'A secure and efficient user anonymity-preserving three-factor authentication protocol for large-scale distributed wireless sensor networks', Wireless Personal Communications, DOI: 10.1007/s11277-015-2288-3, in press.
18. Das, A. K. (2015b) 'A secure and effective biometric-based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor', International Journal of Communication Systems, DOI: 10.1002/dac.2933, in press.
19. Das, A. K. and Bruhadeshwar, B. (2013) 'A biometric-based user authentication scheme for heterogeneous wireless sensor networks', in 27th IEEE International Conference on Advanced Information Networking and Applications Workshops (AINA Workshops), Barcelona, Spain, pp. 291-296.
20. Das, A. K. and Goswami, A. (2013) 'A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care', Journal of Medical Systems, Vol. 37, No. 3, pp. 1-16.
21. Das, M. L. (2009) 'Two-factor user authentication in wireless sensor networks', IEEE Transactions on Wireless Communications, Vol. 8, No. 3, pp. 1086-1090.
22. Dhurandher, S. K., Misra, S., Obaidat, M. S. and Gupta, N. (2009) 'An ant colony optimization approach for reputation and quality-of-service-based security in wireless sensor networks', Security and Communication Networks, Vol. 2, No. 2, pp. 215-224.
23. Diffie, W. and Hellman, M. E. (1976) 'New directions in cryptography', IEEE Transactions on Information Theory, Vol. 22, No. 6, pp. 644-654.
24. Dodis, Y., Reyzin, L. and Smith, A. (2004) 'Fuzzy extractors: how to generate strong keys from biometrics and other noisy data', in Proceedings of the Advances in Cryptology (Eurocrypt '04), LNCS, Vol. 3027, pp. 523-540, Interlaken, Switzerland, Springer-Verlag.
25. Dolev, D. and Yao, A. (1983) 'On the security of public key protocols', IEEE Transactions on Information Theory, Vol. 29, No. 2, pp. 198-208.
26. Eschenauer, L. and Gligor, V. D. (2002) 'A key management scheme for distributed sensor networks', in 9th ACM Conference on Computer and Communication Security, Washington, DC, USA, pp. 41-47, November.
27. Fan, R., Ping, L.-D., Fu, J.-Q. and Pan, X.-Z. (2010) 'A secure and efficient user authentication protocol for two-tieres wireless sensor networks', in Second Pacific-Asia Conference on Circuits, Communications and System (PACCS), Beijing, China, pp. 425-428.
28. Feng, Y. C., Yuen, P. C. and Jain, A. K. (2010) 'A hybrid approach for generating secure and discriminating face template', IEEE Transactions on Information Forensics and Security, Vol. 5, No. 1, pp. 103-117.
29. He, D., Gao, Y., Chan, S., Chen, C. and Bu, J. (2010) 'An enhanced two-factor user authentication scheme in wireless sensor networks', Ad Hoc & Sensor Wireless Networks, Vol. 10, No. 4, pp. 361-371.
30. Jain, A. K., Nandakumar, K. and Nagar, A. (2008) 'Biometric template security', EURASIP Journal on Advances in Signal Processing, Article ID 579416, pp. 1-17, 17 pp., DOI: 10.1155/2008/579416.
31. Jain, A. K., Ross, A. and Prabhakar, S. (2003) 'An introduction to biometric recognition', IEEE Transactions on Circuits and Systems for Video Technology, Vol. 14, No. 1, pp. 4-20.
32. Jiang, Q., Ma, J., Lu, X. and Tian, Y. (2014) 'An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks', Peer-to-Peer Networking and Applications, DOI: 10.1007/s12083-014-0285-z, in press.
33. Jina, A. T. B., Linga, D. N. C. and Goh, A. (2004) 'Biohashing: two factor authentication featuring fingerprint data and tokenised random number', Pattern Recognition, Vol. 37, No. 11, pp. 2245-2255.
34. Khan, M. K. and Alghathbar, K. (2010) 'Cryptanalysis and security improvements of two-factor user authentication in wireless sensor networks', Sensors, Vol. 10, No. 3, pp. 2450-2459.
35. Khan, M. K., Zhang, J. and Wang, X. (2008) 'Chaotic hash-based fingerprint biometric remote user authentication scheme on mobile devices', Chaotic, Solitons and Fractals, Vol. 35, No. 3, pp. 519-524.
36. Kocher, P., Jaffe, J. and Jun, B. (1999) 'Differential power analysis', in Proceedings of Advances Cryptology, Santa Barbara, California, USA, LNCS, Vol. 1666, Springer-Verlag, pp. 388-397.
37. Lee, C.-C., Li, C.-T. and Chen, S.-D. (2011) 'Two attacks on a two-factor user authentication in wireless sensor networks', Parallel Processing Letters, Vol. 21, No. 1, pp. 21-26.
38. Li, C.-T. and Hwang, M.-S. (2010) 'An efficient biometric-based remote user authentication scheme using smart cards', Journal of Network and Computer Applications, Vol. 33, No. 1, pp. 1-5.
39. Lin, C.-H. and Lai, Y.-Y. (2004) 'A flexible biometric remote user authentication scheme', Computer Standards and Interfaces, Vol. 27, No. 1, pp. 19-23.
40. Lumini, A. and Nanni, L. (2007) 'An improved biohashing for human authentication', Pattern Recognition, Vol. 40, No. 3, pp. 1057-1065.
41. Lv, C., Ma, M., Li, H., Ma, J. and Zhang, Y. (2013) 'An novel three-party authenticated key exchange protocol using one-time key', Journal of Network and Computer Applications, Vol. 36, No. 1, pp. 498-503.
42. Maltoni, D., Maio, D., Jain, A. K. and Prabhakar, S. (2009) Handbook of Fingerprint Recognition, 2nd ed., Springer-Verlag, New York.
43. Messerges, T. S., Dabbish, E. A. and Sloan, R. H. (2002) Examining smart-card security under the threat of power analysis attacks', IEEE Transactions on Computers, Vol. 51, No. 5, pp. 541-552.
44. Nagar, A., Nandakumar, K. and Jain, A. K. (2010) 'A hybrid biometric cryptosystem for securing fingerprint minutiae templates', Pattern Recognition Letters, Vol. 31, No. 8, pp. 733-741.
45. Narula, P., Dhurandher, S. K., Misra, S. and Woungang, I. (2008) 'Security in mobile ad-hoc networks using soft encryption and trust-based multi-path routing', Computer Communications, Vol. 31, No. 4, pp. 760-769.
46. Newsome, J., Shi, E., Song, D. and Perrig, A. (2004) 'The Sybil attack in sensor networks: Analysis and defenses', in Proceedings of third IEEE International Conference on Information Processing in Sensor Networks (IPSN), Berkeley, California, USA, pp. 259-268, 26-27 April.
47. Nyang, D. H. and Lee, M.-K. (2009) 'Improvement of Das's two-factor authentication protocol in wireless sensor networks', in Cryptology ePrint Archive, Report 2009/631.
48. Parno, B., Perrig, A. and Gligor, V. (2005) 'Distributed detection of node replication attacks in sensor networks', in IEEE Symposium on Security and Privacy, 8-11 May, pp. 49-63.
49. Pasca, V., Jurcut, A., Dojen, R. and Coffey, T. (2008) 'Determining a parallel session attack on a key distribution protocol using a model checker', in Proceedings of the 6th International Conference on Advances in Mobile Computing and Multimedia (MoMM), Linz, Austria, pp. 150-155. Perceptual Hashing [online] http://www.amsqr.com/2013/01/perceptualhashing.html (accessed November 2013).
50. Prabhakar, S., Pankanti, S. and Jain, A. K. (2003) 'Biometric recognition: security and privacy concerns', IEEE Security & Privacy, Vol. 1, No. 2, pp. 33-42.
51. Ratha, N. K., Karu, K., Chen, S. and Jain, A. K. (1996) 'A real-time matching system for large fingerprint databases', IEEE Transactions on Pattern Analysis and Machine Intelligence, Vol. 18, No. 8, pp. 799-813.
52. Rivest, R. L., Shamir, A. and Adleman, L. M. (1978) 'A method for obtaining digital signatures and public-key cryptosystems', Communications of the ACM, Vol. 21, No. 2, pp. 120-126.
53. Secure Hash Standard (1995) FIPS PUB 180-1, National Institute of Standards and Technology (NIST), US Department of Commerce, April [online] http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf (accessed January 2010).
54. Vaidya, B., Makrakis, D. and Mouftah, H. T. (2010) 'Improved two-factor user authentication in wireless sensor networks', in Second International Workshop on Network Assurance and Security Services in Ubiquitous Environments, Niagara Falls, Ontario, Canada, pp. 600-606.
55. Von Oheimb, D. (2005) 'The high-level protocol specification language HLPSL developed in the EU project AVISPA', in Proceedings of APPSEM 2005 Workshop, Frauenchiemsee, Germany.
56. Watro, R., Kong, D., Cuti, S., Gardiner, C., Lynn, C. and Kruus, P. (2004) 'TinyPK: securing sensor networks with public key technology', in Proceedings of the 2nd ACM Workshop on Security of ad hoc and Sensor Networks, SASN, pp. 59-64, Washington, DC, USA, October.
57. Wong, K., Zheng, Y., Cao, J. and Wang, S. (2006) 'A dynamic user authentication scheme for wireless sensor networks', in Proceedings of IEEE International Conference on Sensor Networks, Ubiquitous, Trustworthy Computing (SUTC 2006), IEEE Computer Society, Taichung, Taiwan, pp. 244-251.
58. Xue, K., Ma, C., Hong, P. and Ding, R. (2013) 'A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks', Journal of Network and Computer Applications, Vol. 6, No. 1, pp. 316-323.
59. Yuan, J., Jiang, C. and Jiang, Z. (2010) 'A biometric-based user authentication for wireless sensor networks', Wuhan University Journal of Natural Sciences, Vol. 15, No. 3, pp. 272-276.
60. Zhu, B., Setia, S., Jajodia, S., Roy, S. and Wang, L. (2010) 'Localized multicast: efficient and distributed replica detection in large-scale sensor networks', IEEE Transactions on Mobile Computing, Vol. 9, No. 7, pp. 913-926.