Sensors 2010, 10(3), 2450-2459; doi:10.3390/s100302450
Article

Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’

1,* email and 1,2email
Received: 5 January 2010; in revised form: 4 March 2010 / Accepted: 12 March 2010 / Published: 23 March 2010
(This article belongs to the Section Physical Sensors)
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Abstract: User authentication in wireless sensor networks (WSN) is a critical security issue due to their unattended and hostile deployment in the field. Since sensor nodes are equipped with limited computing power, storage, and communication modules; authenticating remote users in such resource-constrained environments is a paramount security concern. Recently, M.L. Das proposed a two-factor user authentication scheme in WSNs and claimed that his scheme is secure against different kinds of attack. However, in this paper, we show that the M.L. Das-scheme has some critical security pitfalls and cannot be recommended for real applications. We point out that in his scheme: users cannot change/update their passwords, it does not provide mutual authentication between gateway node and sensor node, and is vulnerable to gateway node bypassing attack and privileged-insider attack. To overcome the inherent security weaknesses of the M.L. Das-scheme, we propose improvements and security patches that attempt to fix the susceptibilities of his scheme. The proposed security improvements can be incorporated in the M.L. Das-scheme for achieving a more secure and robust two-factor user authentication in WSNs.
Keywords: authentication; wireless sensor network; security; smart card; cryptanalysis
PDF Full-text Download PDF Full-Text [76 KB, uploaded 21 June 2014 02:58 CEST]

Export to BibTeX |
EndNote


MDPI and ACS Style

Khan, M.K.; Alghathbar, K. Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’. Sensors 2010, 10, 2450-2459.

AMA Style

Khan MK, Alghathbar K. Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’. Sensors. 2010; 10(3):2450-2459.

Chicago/Turabian Style

Khan, Muhammad Khurram; Alghathbar, Khaled. 2010. "Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’." Sensors 10, no. 3: 2450-2459.

Sensors EISSN 1424-8220 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert