KSII Transactions on Internet and Information Systems (TIIS)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

A Biometric-based User Authentication and Key Agreement Scheme for Heterogeneous Wireless Sensor Networks

  • Chen, Ying (School of Software, Nanchang Hangkong University) ;
  • Ge, Yangming (School of Software, Nanchang Hangkong University) ;
  • Wang, Wenyuan (School of Software, Nanchang Hangkong University) ;
  • Yang, Fengyu (School of Software, Nanchang Hangkong University)
  • Received : 2017.08.28
  • Accepted : 2017.11.28
  • Published : 2018.04.30
Download PDF
⟨ Previous Next ⟩

Abstract

Heterogeneous wireless sensor networks (HEWSN) is a kind of wireless sensor networks (WSN), each sensor may has different attributes, HEWSN has been widely used in many aspects. Due to sensors are deployed in unattended environments and its resource constrained feature, the design of security and efficiency balanced authentication scheme for HEWSN becomes a vital challenge. In this paper, we propose a secure and lightweight user authentication and key agreement scheme based on biometric for HEWSN. Firstly, fuzzy extractor is adopted to handle the user's biometric information. Secondly, we achieve mutual authentication and key agreement among three entities, which are user, gateway and cluster head in the four phases. Finally, formal security analysis shows that the proposed scheme defends against various security pitfalls. Additionally, comparison results with other surviving relevant schemes show that our scheme is more efficient in term of computational cost, communication cost and estimated time. Therefore, the proposed scheme is well suitable for practical application in HEWSN.

Keywords

References

  1. S. Kumari, M. K. Khan and M. Atiquzzaman,"User authentication schemes for wireless sensor networks: A review," Ad Hoc Networks, vol.27, pp.159-194, 2015. https://doi.org/10.1016/j.adhoc.2014.11.018
  2. Y. T. Tsou, C. S. Lu and S. Y. Kuo,"SER: Secure and efficient retrieval for anonymous range query in wireless sensor networks," Computer Communications, vol.108, pp.1-16, 2017. https://doi.org/10.1016/j.comcom.2017.04.007
  3. M. S. Farash, M. Turkanovic and S. Kumari, "An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment," Ad Hoc Networks,vol.36,pp.152-176, 2016. https://doi.org/10.1016/j.adhoc.2015.05.014
  4. W. H. Wong, Y. Zheng and J. Cao, "A Dynamic User Authentication Scheme for Wireless Sensor Networks," in Proc. of IEEE Conf. on Sensor Networks, Ubiquitous, and Trustworthy Computing,vol.1,pp.244-151, 2006.
  5. M. L. Das,"Two-factor user authentication in wireless sensor networks," IEEE Transactions on Wireless Communications, vol.8, no.3, pp.1086-1090,2009. https://doi.org/10.1109/TWC.2008.080128
  6. T.H. Chen and W. K. Shih,"A Robust Mutual Authentication Protocol for Wireless Sensor Networks," Etri Journal, vol.32, no.5, pp.704-712, 2010. https://doi.org/10.4218/etrij.10.1510.0134
  7. C. T. Li, M. S. Hwang, "An efficient biometrics-based remote user authentication scheme using smart cards," Journal of Network & Computer Applications, vol.33, no.1, pp.1-5,2010. https://doi.org/10.1016/j.jnca.2009.08.001
  8. J.J Yuan and J. Jiang,"A Biometric-Based User Authentication for Wireless Sensor Networks," Wuhan University Journal of Natural Sciences, vol.15, no.3, pp.272-276, 2010. https://doi.org/10.1007/s11859-010-0318-2
  9. H. L. Yeh, T. H. Chen and P.C. Liu, "A Secured Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography," Sensors, vol.11, no.5, pp.4767-4779, 2011. https://doi.org/10.3390/s110504767
  10. E. J. Yoon and K. Y. Yoo, "Cryptanalysis of robust mutual authentication protocol for wireless sensor networks," in Proc. of IEEE International Conf. on Cognitive Informatics and Cognitive Computing, pp.392-369, 2011.
  11. X. Li, J. W. Niu, J. Ma, et al. "Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards," Journal of Network & Computer Applications, vol. 34, no. 1, pp.73-79, 2011. https://doi.org/10.1016/j.jnca.2010.09.003
  12. D. He,"Robust biometric-based user authentication scheme for wireless sensor networks," Ad hoc & Sensor Wireless Networks, vol.25, no.3, pp.309-321, 2012.
  13. E. J. Yoon and C. Kim, "Advanced Biometric-Based User Authentication Scheme for Wireless Sensor Networks," Sensor Letters, vol.11, no.9, pp.1836-1843, 2013. https://doi.org/10.1166/sl.2013.3014
  14. W. Shi and P. Gong, "A New User Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography," International Journal of Distributed Sensor Networks, no.730831, pp.51-59, 2013.
  15. K. Xue, C. Ma and P. Hong, "A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks," Journal of Network & Computer Applications, vol.36, no.1, pp.316-323, 2013. https://doi.org/10.1016/j.jnca.2012.05.010
  16. Y. Choi, D. Lee, J. Kim, et al. "Security Enhanced User Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography," Sensors, vol.14, no.6, pp. 10081, 2014. https://doi.org/10.3390/s140610081
  17. D. Wang and P. Wang,"On the anonymity of two-factor authentication schemes for wireless sensor networks: Attacks, principle and solutions," Computer Networks, vol.73, pp.41-57, 2014. https://doi.org/10.1016/j.comnet.2014.07.010
  18. K. Sheetal and K. S. Sandeep,"Advanced password based authentication scheme for wireless sensor networks," Journal of Information Security and Applications, vol.20, pp.37-46, 2015. https://doi.org/10.1016/j.jisa.2014.10.008
  19. I. P. Chang, T. F. Lee, T. H. Lin, et al. "Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks," Sensors, vol.15, no.12, pp.29841-29854, 2015. https://doi.org/10.3390/s151229767
  20. Y. Choi, Y. Lee and D. Won, "Security improvement on biometric based authentication scheme for wireless sensor networks using fuzzy extraction," International Journal of Distributed Sensor Networks, vol.2016, no.4, pp.1-16, 2016.
  21. Y. H. Park, S. Y. Lee and C. K. Kim,"Secure biometric-based authentication scheme with smart card revocation/reissue for wireless sensor networks," International Journal of Distributed Sensor Networks, vol.12, no.7, 2016.
  22. C. C. Chang, W. Y. Hsueh and T. F. Cheng, "A Dynamic User Authentication and Key Agreement Scheme for Heterogeneous Wireless Sensor Networks," Wireless Personal Communications, vol.89, no.2, pp.447-465, 2016. https://doi.org/10.1007/s11277-016-3281-1
  23. J. Moon, D. Lee and Y. Lee, "Improving Biometric-Based Authentication Schemes with Smart Card Revocation/Reissue for Wireless Sensor Networks," Sensors, vol.17, no.5, pp.1-24, 2017. https://doi.org/10.1109/JSEN.2017.2761499
  24. X. Li, M. H. Ibrahim and S. Kumari, "Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks," Computer Networks, 2017.
  25. X. Li, J. Niu and S. Kumari, "A Three-factor Anonymous Authentication Scheme for Wireless Sensor Networks in Internet of Things Environments," Journal of Network & Computer Applications, article in press.
  26. J. Srinivas, S. M. D. Mukhopadhyay, "Secure and efficient user authentication scheme for multi-gateway wireless sensor networks," Ad Hoc Networks, vol.54, pp.147-169, 2017. https://doi.org/10.1016/j.adhoc.2016.11.002
  27. A. K. Das, "A secure and effective biometric-based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor," International Journal of Communication Systems, pp.1-15, 2015.
  28. C. Wang, X, Zhang and Z. Zheng, "Cryptanalysis and Improvement of a Biometric-Based Multi-Server Authentication and Key Agreement Scheme," Plos One, vol.11, no.2, 2016.
  29. Y. Dodis, B. Kanukurthi and J. Katz, "Robust Fuzzy Extractors and Authenticated Key Agreement From Close Secrets," IEEE Transactions on Information Theory, vol.58, no.9, pp.6207-6222, 2012. https://doi.org/10.1109/TIT.2012.2200290
  30. J. H. Yoon and J. H. Kim,"A closed-form analytic correction to the Black-Scholes-Merton price for perpetual American options," Applied Mathematics Letters, vol.26, no.12, pp.1146-1150, 2013. https://doi.org/10.1016/j.aml.2013.06.012
  31. H. J. Mahanta, A. K. Azad and A. K. Khan, "Power analysis attack: A vulnerability to smart card security," in Proc. of International Conf. on Signal Processing and Communication Engineering Systems, pp.506-510, 2015.
  32. T. Hasegawa, J. Nakajima and M. Matsui, "A practical implementation of elliptic curve cryptosystems over GF(p) on a 16-bit microcomputer," in Proc. of International Workshop on Public Key Cryptography.Spring Berlin Heidelberg, pp.182-194, 1998.
  33. P. Mohit, R. Amin, A. Karati, et al. "A standard mutual authentication protocol for cloud comput- ing based health care system," vol.41, no.4, pp.1-13, 2017. https://doi.org/10.1007/s10916-016-0650-y
  34. Advanced Encryption Standard (AES). Retrieved on June 26, 2017
  35. K. Neal, M Alfred, V. Scott., "The State of Elliptic Curve Cryptography," Designs Codes & Cryptography, vol.19, no.2, pp.173-193, 2000. https://doi.org/10.1023/A:1008354106356
  36. Secure hash standard. Retrieved on June 26, 2017 from Article (CrossRef Link)

Cited by

  1. A Secure and Lightweight Three-Factor Remote User Authentication Protocol for Future IoT Applications vol.2021, pp.None, 2021, https://doi.org/10.1155/2021/8871204