Next Article in Journal
Estimation of Biological Oxygen Demand and Chemical Oxygen Demand for Combined Sewer Systems Using Synchronous Fluorescence Spectra
Previous Article in Journal
Near-Infrared Fluorescence Detection of Acetylcholine in Aqueous Solution Using a Complex of Rhodamine 800 and p-Sulfonato-calix[8]arene
Article Menu

Export Article

Open AccessArticle

Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’

Center of Excellence in Information Assurance (CoEIA), King Saud University, Saudi Arabia
Information Systems Department, College of Computer and Information Sciences, King Saud University, Saudi Arabia
Author to whom correspondence should be addressed.
Sensors 2010, 10(3), 2450-2459;
Received: 5 January 2010 / Revised: 4 March 2010 / Accepted: 12 March 2010 / Published: 23 March 2010
(This article belongs to the Section Chemical Sensors)
PDF [76 KB, uploaded 21 June 2014]


User authentication in wireless sensor networks (WSN) is a critical security issue due to their unattended and hostile deployment in the field. Since sensor nodes are equipped with limited computing power, storage, and communication modules; authenticating remote users in such resource-constrained environments is a paramount security concern. Recently, M.L. Das proposed a two-factor user authentication scheme in WSNs and claimed that his scheme is secure against different kinds of attack. However, in this paper, we show that the M.L. Das-scheme has some critical security pitfalls and cannot be recommended for real applications. We point out that in his scheme: users cannot change/update their passwords, it does not provide mutual authentication between gateway node and sensor node, and is vulnerable to gateway node bypassing attack and privileged-insider attack. To overcome the inherent security weaknesses of the M.L. Das-scheme, we propose improvements and security patches that attempt to fix the susceptibilities of his scheme. The proposed security improvements can be incorporated in the M.L. Das-scheme for achieving a more secure and robust two-factor user authentication in WSNs. View Full-Text
Keywords: authentication; wireless sensor network; security; smart card; cryptanalysis authentication; wireless sensor network; security; smart card; cryptanalysis
This is an open access article distributed under the Creative Commons Attribution License (CC BY 3.0).

Share & Cite This Article

MDPI and ACS Style

Khan, M.K.; Alghathbar, K. Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’. Sensors 2010, 10, 2450-2459.

Show more citation formats Show less citations formats

Related Articles

Article Metrics

Article Access Statistics



[Return to top]
Sensors EISSN 1424-8220 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top