Provably secure user authentication and key agreement scheme for wireless sensor networks

Das, Ashok Kumar; Kumari, Saru; Odelu, Vanga; Li, Xiong; Wu, Fan; Huang, Xinyi

doi:10.1002/sec.1573

Cited by 89 publications

(42 citation statements)

References 45 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The protocol [81] uses the BAN-logic to prove that the protocol can resist numerous security attacks, which include the attacks, found in the Amin and Biswas's scheme [73]. There are seven authentication protocols [154,73,75,78,81,158,223] that use the Automated Validation of Internet Security Protocols and Application (AVISPA) security analyzer [220]. The AVISPA tool provides a modular and expressive formal language for specifying security protocols and properties.…”

Section: Formal Security Verification Techniquesmentioning

confidence: 99%

Authentication Protocols for Internet of Things: A Comprehensive Survey

Ferrag

Μαγλαράς

Janicke

et al. 2017

Security and Communication Networks

229

131

View full text Add to dashboard Cite

In this paper, a comprehensive survey of authentication protocols for Internet of Things (IoT) is presented. Specifically more than forty authentication protocols developed for or applied in the context of the IoT are selected and examined in detail. These protocols are categorized based on the target environment: (1) Machine to Machine Communications (M2M), (2) Internet of Vehicles (IoV), (3) Internet of Energy (IoE), and (4) Internet of Sensors (IoS). Threat models, countermeasures, and formal security verification techniques used in authentication protocols for the IoT are presented. In addition a taxonomy and comparison of authentication protocols that are developed for the IoT in terms of network model, specific security goals, main processes, computation complexity, and communication overhead are provided. Based on the current survey, open issues are identified and future research directions are proposed.

show abstract

Section: Formal Security Verification Techniquesmentioning

confidence: 99%

Authentication Protocols for Internet of Things: A Comprehensive Survey

Ferrag

Μαγλαράς

Janicke

et al. 2017

Security and Communication Networks

229

131

View full text Add to dashboard Cite

show abstract

“…From the table, it can be inferred that privacy is a problem that has not drawn enough attention from the researchers. In some schemes, [5] √ × √ Jung et al [6] √ × × Fan et al [7] × × × Amin and Biswas [8] × × × Nam et al [9] × × √ Lu et al [10] √ √ × Zhao et al [11] √ × × Hou et al [12] × × × Farash et al [13] × × × Turkanović et al [14] × × × PriAuth √ √ √ all the users share the same key to encrypt their identities, this means the encrypted identity could be decrypted by a malicious or curious user using the same key [5,6,10,13]. Some of the schemes fail to enable the anonymity of the user or sensor, such as [37][38][39].…”

Section: Related Workmentioning

confidence: 99%

“…Thus, only the gateway could learn the identities. As for the shared key between user and sensor, in some schemes, the gateway knows the shared key in schemes [6][7][8][11][12][13][14], while, in some others, the gateway does not know the key, they use Diffie-Hellman (DH) anonymous key agreement protocol to build the shared key [1,2,4,5,9,30]. As we have discussed, the gateway is not allowed to know the shared key in order to prevent a curious gateway from eavesdropping the sensor data.…”

Section: Related Workmentioning

confidence: 99%

“…Traceability means the adversary can track a user or a sensor according to their identities or masked identities like in the scheme [5,10,[29][30][31][32]. Once some fixed information about the identities is used in a scheme, then this scheme could probably be tracked by an adversary.…”

Section: Traceability Protectionmentioning

confidence: 99%

“…computational costs of different operations, and the operations' execution time is measured by simulation [3][4][5][6][7][8][9][10][11][12][13][14]. The execution time of XOR operation is very small compared to an elliptic curve point multiplication or hash operation; we neglect it when computing the time approximately [3].…”

Section: Computational Performancementioning

confidence: 99%

See 2 more Smart Citations

A Privacy Protection User Authentication and Key Agreement Scheme Tailored for the Internet of Things Environment: PriAuth

Chen

Martínez-Ortega

Castillejo

et al. 2017

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

In a wearable sensor-based deployment, sensors are placed over the patient to monitor their body health parameters. Continuous physiological information monitored by wearable sensors helps doctors have a better diagnostic and a suitable treatment. When doctors want to access the patient's sensor data remotely via network, the patient will authenticate the identity of the doctor first, and then they will negotiate a key for further communication. Many lightweight schemes have been proposed to enable a mutual authentication and key establishment between the two parties with the help of a gateway node, but most of these schemes cannot enable identity confidentiality. Besides, the shared key is also known by the gateway, which means the patient's sensor data could be leaked to the gateway. In PriAuth, identities are encrypted to guarantee confidentiality. Additionally, Elliptic Curve Diffie-Hellman (ECDH) key exchange protocol has been adopted to ensure the secrecy of the key, avoiding the gateway access to it. Besides, only hash and XOR computations are adopted because of the computability and power constraints of the wearable sensors. The proposed scheme has been validated by BAN logic and AVISPA, and the results show the scheme has been proven as secure.

show abstract

Smart Home Device Security: A Survey of Smart Home Authentication Methods with a Focus on Mutual Authentication and Key Management Practices

Raju¹,

Moh²

2022

Cybersecurity in Smart Homes

View full text Add to dashboard Cite

Provably secure user authentication and key agreement scheme for wireless sensor networks

Cited by 89 publications

References 45 publications

Authentication Protocols for Internet of Things: A Comprehensive Survey

Authentication Protocols for Internet of Things: A Comprehensive Survey

A Privacy Protection User Authentication and Key Agreement Scheme Tailored for the Internet of Things Environment: PriAuth

Smart Home Device Security: A Survey of Smart Home Authentication Methods with a Focus on Mutual Authentication and Key Management Practices

Contact Info

Product

Resources

About