This article is
- freely available
Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’
Center of Excellence in Information Assurance (CoEIA), King Saud University, Saudi Arabia
Information Systems Department, College of Computer and Information Sciences, King Saud University, Saudi Arabia
* Author to whom correspondence should be addressed.
Received: 5 January 2010; in revised form: 4 March 2010 / Accepted: 12 March 2010 / Published: 23 March 2010
Abstract: User authentication in wireless sensor networks (WSN) is a critical security issue due to their unattended and hostile deployment in the field. Since sensor nodes are equipped with limited computing power, storage, and communication modules; authenticating remote users in such resource-constrained environments is a paramount security concern. Recently, M.L. Das proposed a two-factor user authentication scheme in WSNs and claimed that his scheme is secure against different kinds of attack. However, in this paper, we show that the M.L. Das-scheme has some critical security pitfalls and cannot be recommended for real applications. We point out that in his scheme: users cannot change/update their passwords, it does not provide mutual authentication between gateway node and sensor node, and is vulnerable to gateway node bypassing attack and privileged-insider attack. To overcome the inherent security weaknesses of the M.L. Das-scheme, we propose improvements and security patches that attempt to fix the susceptibilities of his scheme. The proposed security improvements can be incorporated in the M.L. Das-scheme for achieving a more secure and robust two-factor user authentication in WSNs.
Keywords: authentication; wireless sensor network; security; smart card; cryptanalysis
Article StatisticsClick here to load and display the download statistics.
Notes: Multiple requests from the same IP address are counted as one view.
Cite This Article
MDPI and ACS Style
Khan, M.K.; Alghathbar, K. Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’. Sensors 2010, 10, 2450-2459.
Khan MK, Alghathbar K. Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’. Sensors. 2010; 10(3):2450-2459.
Khan, Muhammad Khurram; Alghathbar, Khaled. 2010. "Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’." Sensors 10, no. 3: 2450-2459.