IIIT Hyderabad Publications
Design and Analysis of Three-Factor User Authentication Schemes for Wireless Sensor Networks

Author: Anil Kumar Sutrala
Date: 2018-07-16
Report no: IIIT/TH/2018/38
Advisor: Ashok Kumar Das

Abstract

Authentication refers to the process of verifying an identity claimed by or for a system entity. The validation mechanism can involve several factors with the level of security being proportional to the number and types of factors involved. Mutual authentication is a type of authentication which allows the involved entities to simultaneously authenticate each other in order to establish a secure communication between them. User authentication in a Wireless Sensor Network (WSN) plays a very important role in which a legal registered user is allowed to access the real-time sensing information from the sensor nodes inside the WSN. To allow such access, a user needs to be authenticated by the accessed sensor nodes as well as gateway nodes inside the WSN. Due to resource limitations and vulnerability to physical capture of some sensor nodes by an attacker, design of secure user authentication schemes in WSN still continues to be an important and challenging research area in recent years. In this thesis, we study the importance of authentication and key agreement problem in the multi-gateway based WSN architectures and Wireless Medical Sensor Network (WMSN).

The first study presents a new Elliptic Curve Cryptography (ECC) based user authenticated key agreement protocol in a hierarchical WSN so that a legal user can only access the live data from some designated sensor nodes as and when he/she needs it. The proposed scheme is also three-factor as it applies smart card, password and personal biometrics of a user. The proposed scheme maintains low computation cost for the resource constrained sensor nodes as it uses efficient one-way cryptographic hash function and bitwise exclusive-OR (XOR) operations for sensor nodes only.
The security analysis with the help of the broadly-accepted Burrows-Abadi-Needham (BAN) logic, formal security verification using the popular simulation tool, called Automated Validation of Internet Security Protocols and Applications (AVISPA) as well as informal security analysis show that the proposed scheme is resilient against several well-known attacks needed for a user authentication scheme in WSNs. The comparison of security and functionality requirements, communication and computation costs among the proposed scheme and other related existing user authentication schemes in WSNs shows that there is a better trade-off among these parameters.

In the second study, we present a new three-factor user authentication scheme based on the multi-gateway WSN architecture. The proposed scheme is lightweight in nature as it uses only the one-way hash function, bitwise XOR and symmetric encryption/decryption operations for the resource-limited sensor nodes. Through the widely-accepted BAN logic, we prove that our scheme provides secure mutual authentication. We then present the formal security verification of our proposed scheme using the AVISPA tool, which is a powerful validation tool for network security applications, and show that our scheme is secure. In addition, the rigorous informal security analysis shows that our scheme is also secure against other possible known attacks including the sensor node capture attack. Furthermore, we present the additional functionality features that our scheme offers, which are efficient in communication and computation.

Finally, in the third study, we focus on designing an efficient and more secure authentication scheme in WMSN which is a professional application of the traditional wireless body area sensor networks in healthcare applications.
Since the vital signs parameters are sensitive to the patients’ health status and this information must not be revealed to others except the healthcare professionals, the protection of patients’ privacy becomes another key issue for WMSN applications. Thus, user authentication with anonymity property is the most basic and commonly used method in order to resolve the security and privacy issues of WMSNs. He et al. presented a user authentication protocol for healthcare applications using WMSNs to protect the security and privacy problems. However, Li et al. showed that 1) their scheme is incorrect in authentication and session key agreement phase, 2) it has no wrong password detection mechanism and 3) it is vulnerable to denial-of-service caused by password change with wrong password. We then review Li et al.’s scheme and show that their scheme is still vulnerable to privileged-insider attack and sensor node capture attack, and it also fails to provide user anonymity property. Moreover, we find that He et al.’s scheme is still vulnerable to the same attacks that we find in Li et al.’s scheme. To remedy the security weaknesses found in both He et al.’s scheme and Li et al.’s scheme, we present a secure biometrics-based user authentication scheme in WMSNs using smart card. Through the rigorous formal and informal security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the most widely accepted AVISPA tool and the simulation results reveal that our scheme is secure. Our scheme is also efficient in computation and communication as compared to He et al.’s scheme, Li et al.’s scheme and other related schemes.

Full thesis: pdf
Centre for Security, Theory and Algorithms