Next Article in Journal
Estimation of Biological Oxygen Demand and Chemical Oxygen Demand for Combined Sewer Systems Using Synchronous Fluorescence Spectra
Previous Article in Journal
Near-Infrared Fluorescence Detection of Acetylcholine in Aqueous Solution Using a Complex of Rhodamine 800 and p-Sulfonato-calix[8]arene
Sensors 2010, 10(3), 2450-2459; doi:10.3390/s100302450

Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’

1,*  and 1,2
1 Center of Excellence in Information Assurance (CoEIA), King Saud University, Saudi Arabia 2 Information Systems Department, College of Computer and Information Sciences, King Saud University, Saudi Arabia
* Author to whom correspondence should be addressed.
Received: 5 January 2010 / Revised: 4 March 2010 / Accepted: 12 March 2010 / Published: 23 March 2010
(This article belongs to the Section Chemical Sensors)
View Full-Text   |   Download PDF [76 KB, uploaded 21 June 2014]


User authentication in wireless sensor networks (WSN) is a critical security issue due to their unattended and hostile deployment in the field. Since sensor nodes are equipped with limited computing power, storage, and communication modules; authenticating remote users in such resource-constrained environments is a paramount security concern. Recently, M.L. Das proposed a two-factor user authentication scheme in WSNs and claimed that his scheme is secure against different kinds of attack. However, in this paper, we show that the M.L. Das-scheme has some critical security pitfalls and cannot be recommended for real applications. We point out that in his scheme: users cannot change/update their passwords, it does not provide mutual authentication between gateway node and sensor node, and is vulnerable to gateway node bypassing attack and privileged-insider attack. To overcome the inherent security weaknesses of the M.L. Das-scheme, we propose improvements and security patches that attempt to fix the susceptibilities of his scheme. The proposed security improvements can be incorporated in the M.L. Das-scheme for achieving a more secure and robust two-factor user authentication in WSNs.
Keywords: authentication; wireless sensor network; security; smart card; cryptanalysis authentication; wireless sensor network; security; smart card; cryptanalysis
This is an open access article distributed under the Creative Commons Attribution License (CC BY 3.0).

Share & Cite This Article

Further Mendeley | CiteULike
Export to BibTeX |
EndNote |
MDPI and ACS Style

Khan, M.K.; Alghathbar, K. Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’. Sensors 2010, 10, 2450-2459.

View more citation formats

Related Articles

Article Metrics

For more information on the journal, click here


[Return to top]
Sensors EISSN 1424-8220 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert