SLUA-WSN: Secure and Lightweight Three-Factor-Based User Authentication Protocol for Wireless Sensor Networks

Yu, SungJin; Park, Young Ho

doi:10.3390/s20154143

Cited by 36 publications

(24 citation statements)

References 52 publications

(135 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…• The smart devices can be tampered, and physically captured by M A in the registration phase. Thus, M A can extract the secret credentials stored in its memory [34]- [36]. • M A can attempt "offline identity" and "offline password" guessing attacks.…”

Section: A Threat Modelmentioning

confidence: 99%

Lightweight Three-Factor-Based Privacy- Preserving Authentication Scheme for IoT-Enabled Smart Homes

Jho

2021

IEEE Access

Self Cite

View full text Add to dashboard Cite

Smart homes are an emerging paradigm of Internet of Things (IoT) in which users can remotely control various home devices via the internet anytime and anywhere. However, smart home environments are vulnerable to security attacks because an attacker can inject, insert, intercept, delete, and modify transmitted messages over an insecure channel. Thus, secure and lightweight authentication protocols are essential to ensure useful services in smart home environments. In 2021, Kaur and Kumar presented a two-factor based user authentication protocol for smart homes using elliptic curve cryptosystems (ECC). Unfortunately, we demonstrate that their scheme cannot resist security attacks such as impersonation and session key disclosure attacks, and also ensure secure user authentication. Moreover, their scheme is not suitable in smart home environments because it utilizes public-key cryptosystems such as ECC. Hence, we design a secure and lightweight three-factor based privacy-preserving authentication scheme for IoT-enabled smart home environments to overcome the security problems of Kaur and Kumar's protocol. We prove the security of the proposed scheme by using informal and formal security analyses such as the ROR model and AVISPA simulation. In addition, we compare the performance and security features between the proposed scheme and related schemes. The proposed scheme better provides security and efficiency compared with the previous schemes and is more suitable than previous schemes for IoTenabled smart home environments.

show abstract

Section: A Threat Modelmentioning

confidence: 99%

Lightweight Three-Factor-Based Privacy- Preserving Authentication Scheme for IoT-Enabled Smart Homes

Jho

2021

IEEE Access

Self Cite

View full text Add to dashboard Cite

show abstract

“…Recently, Yu et al [53] proposed SLUA-WSN which is a lightweight three-factor authentication scheme with escalated user authentication system security against attacks and protects user anonymity by employing symmetric and hash function along with fuzzy extractor for the user biometric feature. Their scheme is the best communication and computation cost of all the previous schemes in the state-of-art in the matter of robustness against sensor node capture, A4, A8, and A1, also it ensures F5, and F6.…”

Section: Symmetric Cryptography In Mobile Platformmentioning

confidence: 99%

Authentication in Wireless Body Area Network: Taxonomy and Open Challenges

Almuhaideb¹,

Alqudaihi²

2021

Journal on Internet of Things

View full text Add to dashboard Cite

Wearable body area network (WBAN) aids the communication between the health providers and patients by supporting health monitoring services. It assists the users to maintain their health status records by collecting the body signals and transmitting them for further processing measurements. However, sensor data are publicly transferred through insecure network that facilitates the attacker malicious acts like performing masquerading attack, man in the middle, and snooping. Several authentication techniques were suggested to levitate the security of the communication channels to preserve the user data from exposure. Moreover, authentication schemes aid plenty of security issues related to user and data privacy, anonymity, repudiation, confidentiality, and integrity, but they lack performance efficiency. On the other hand, it is very hard to find the balance between security and efficiency in most of the authentication schemes, especially for the WBAN platform that consists of memory and processing constraint devices. Therefore, this paper surveys and discusses the latest authentication schemes types, techniques, and system features. Also, it highlights their strengths and weaknesses towards common knowingly attacks and provides a comparison between the popular scheme validation proofs and simulation tools. Thence, this paper draws a path for the new direction of the authentication technologies, the authentication schemes open issues, and the potential future evolution in this area.

show abstract

“…In [34] scheme, they did not specify a method to prevent brute force attacks in case of the lost smart card. Their paper did not mention the concept of encrypting and locking smartcard data information with user biometric or password.…”

Section: Stolen Smartcard Attackmentioning

confidence: 99%

A Lightweight Three-Factor Authentication Scheme for WHSN Architecture

Almuhaideb¹,

Alqudaihi²

2020

Sensors

View full text Add to dashboard Cite

Wireless Healthcare Sensor Network (WHSN) is a benchmarking technology deployed to levitate the quality of lives for the patients and doctors. WHSN systems must fit IEEE 802.15.6 standard for specific application criteria, unlike some standard criteria that are difficult to meet. Therefore, many security models were suggested to enhance the security of the WHSN and promote system performance. Yu and Park proposed a three-factor authentication scheme based on the smart card, biometric, and password, and their scheme can be easily employed in three-tier WHSN architecture. Furthermore, they claimed that their scheme can withstand guessing attack and provide anonymity, although, after cryptanalysis, we found that their scheme lacks both. Accordingly, we suggested a three-factor authentication scheme with better system confusion due to multiplex parametric features, hash function, and higher key size to increase the security and achieve anonymity for the connected nodes. Moreover, the scheme included initialization, authentication, re-authentication, secure node addition, user revocation, and secure data transmission via blockchain technology. The formal analysis of the scheme was conducted by BAN logic (Burrows Abadi Nadeem) and the simulation was carried out by Tamarin prover to validate that the proposed scheme is resistant to replay, session hijacking, and guessing attacks, plus it provides anonymity, perfect forward secrecy, and authentication along with the key agreement.

show abstract

SLUA-WSN: Secure and Lightweight Three-Factor-Based User Authentication Protocol for Wireless Sensor Networks

Cited by 36 publications

References 52 publications

Lightweight Three-Factor-Based Privacy- Preserving Authentication Scheme for IoT-Enabled Smart Homes

Lightweight Three-Factor-Based Privacy- Preserving Authentication Scheme for IoT-Enabled Smart Homes

Authentication in Wireless Body Area Network: Taxonomy and Open Challenges

A Lightweight Three-Factor Authentication Scheme for WHSN Architecture

Contact Info

Product

Resources

About