Efficient and Anonymous Two-Factor User Authentication in Wireless Sensor Networks: Achieving User Anonymity with Lightweight Sensor Computation

Nam, Junghyun; Choo, Kim‐Kwang Raymond; Han, Sangchul; Kim, Moonseong; Paik, Juryon; Won, Dongho

doi:10.1371/journal.pone.0116709

Cited by 56 publications

(28 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Therefore, it is also necessary to keep the doctor's identity confidential in order to protect the privacy of the patient. In PriAuth, Elliptic Curve Cryptography (ECC) is adopted as the method used to protect the identities of the data transmission participants, which is similar to [15][16][17][18][19][20][21].…”

Section: Wireless Communications and Mobile Computingmentioning

confidence: 99%

“…Some of the schemes fail to enable the anonymity of the user or sensor, such as [37][38][39]. We adopt the ECC based method to enable the anonymity, which is similar to [15][16][17][18][19][20][21] because "ECC requires smaller keys compared to non-ECC cryptography (based on plain Galois fields) to provide equivalent security" [40]. The gateway has a public key that is known by every user; all the identities are encrypted by an XOR method with a new key which is generated from gateway's public key before the identities are sent to the gateway.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A Privacy Protection User Authentication and Key Agreement Scheme Tailored for the Internet of Things Environment: PriAuth

Chen

Martínez-Ortega

Castillejo

et al. 2017

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

In a wearable sensor-based deployment, sensors are placed over the patient to monitor their body health parameters. Continuous physiological information monitored by wearable sensors helps doctors have a better diagnostic and a suitable treatment. When doctors want to access the patient's sensor data remotely via network, the patient will authenticate the identity of the doctor first, and then they will negotiate a key for further communication. Many lightweight schemes have been proposed to enable a mutual authentication and key establishment between the two parties with the help of a gateway node, but most of these schemes cannot enable identity confidentiality. Besides, the shared key is also known by the gateway, which means the patient's sensor data could be leaked to the gateway. In PriAuth, identities are encrypted to guarantee confidentiality. Additionally, Elliptic Curve Diffie-Hellman (ECDH) key exchange protocol has been adopted to ensure the secrecy of the key, avoiding the gateway access to it. Besides, only hash and XOR computations are adopted because of the computability and power constraints of the wearable sensors. The proposed scheme has been validated by BAN logic and AVISPA, and the results show the scheme has been proven as secure.

show abstract

Section: Wireless Communications and Mobile Computingmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

A Privacy Protection User Authentication and Key Agreement Scheme Tailored for the Internet of Things Environment: PriAuth

Chen

Martínez-Ortega

Castillejo

et al. 2017

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

show abstract

“…A user anonymous authentication scheme has been presented to handle remote medical services applying in WSN to resolve this issues. Nam et al [22] pointed out some flaws in [21] for user anonymity and smart card theft. By exploiting symmetric encryption and secure key management for message integrity, Xue et al [23] presented a temporary credential-based secure key using a one-way hash function and XOR operations.…”

Section: Literature Reviewmentioning

confidence: 99%

Secure Authentication and Prescription Safety Protocol for Telecare Health Services Using Ubiquitous IoT

et al. 2017

View full text Add to dashboard Cite

Internet-of-Things (IoT) include a large number of devices that can communicate across different networks. Cyber-Physical Systems (CPS) also includes a number of devices connected to the internet where wearable devices are also included. Both systems enable researchers to develop healthcare systems with additional intelligence as well as prediction capabilities both for lifestyle and in hospitals. It offers as much persistence as a platform to ubiquitous healthcare by using wearable sensors to transfer the information over servers, smartphones, and other smart devices in the Telecare Medical Information System (TMIS). Security is a challenging issue in TMIS, and resourceful access to health care services requires user verification and confidentiality. Existing schemes lack in ensuring reliable prescription safety along with authentication. This research presents a Secure Authentication and Prescription Safety (SAPS) protocol to ensure secure communication between the patient, doctor/nurse, and the trusted server. The proposed procedure relies upon the efficient elliptic curve cryptosystem which can generate a symmetric secure key to ensure secure data exchange between patients and physicians after successful authentication of participants individually. A trusted server is involved for mutual authentication between parties and then generates a common key after completing the validation process. Moreover, the scheme is verified by doing formal modeling using Rubin Logic and validated using simulations in NS-2.35. We have analyzed the SAPS against security attacks, and then performance analysis is elucidated. Results prove the dominance of SAPS over preliminaries regarding mutual authentication, message integrity, freshness, and session key management and attack prevention.

show abstract

“…Especially in recent years, a lot of authentication and key exchange protocols have been proposed for various kinds of wireless networks to establish secure communication channels between their entities. For example, literature [26] presented a smart-card based user authentication scheme for Wireless Sensor Networks. Literature [27] presented an authenticated key exchange protocol for Wireless Body Area Network.…”

Section: Related Work and Comparisonmentioning

confidence: 99%

CP-ABE Based Privacy-Preserving User Profile Matching in Mobile Social Networks

Weirong

Chen

2016

PLoS ONE

View full text Add to dashboard Cite

Privacy-preserving profile matching, a challenging task in mobile social networks, is getting more attention in recent years. In this paper, we propose a novel scheme that is based on ciphertext-policy attribute-based encryption to tackle this problem. In our scheme, a user can submit a preference-profile and search for users with matching-profile in decentralized mobile social networks. In this process, no participant’s profile and the submitted preference-profile is exposed. Meanwhile, a secure communication channel can be established between the pair of successfully matched users. In contrast to existing related schemes which are mainly based on the secure multi-party computation, our scheme can provide verifiability (both the initiator and any unmatched user cannot cheat each other to pretend to be matched), and requires few interactions among users. We provide thorough security analysis and performance evaluation on our scheme, and show its advantages in terms of security, efficiency and usability over state-of-the-art schemes.

show abstract

Efficient and Anonymous Two-Factor User Authentication in Wireless Sensor Networks: Achieving User Anonymity with Lightweight Sensor Computation

Cited by 56 publications

References 31 publications

A Privacy Protection User Authentication and Key Agreement Scheme Tailored for the Internet of Things Environment: PriAuth

A Privacy Protection User Authentication and Key Agreement Scheme Tailored for the Internet of Things Environment: PriAuth

Secure Authentication and Prescription Safety Protocol for Telecare Health Services Using Ubiquitous IoT

CP-ABE Based Privacy-Preserving User Profile Matching in Mobile Social Networks

Contact Info

Product

Resources

About