An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment

The concept of Internet of Things (IOT), which is already at our front doors, is that every object in the Internet infrastructure (II) is interconnected into a global dynamic expanding network. Sensors and smart objects are beside classical computing devices key parties of the IOT. We can already exploit the benefits of the IOT by using various weareables or smart phones which are full of diverse sensors and actuators and are connected to the II via GPRS or Wi-Fi. Since sensors are a key part of IOT, thus are wireless sensor networks (WSN). Researchers are already working on new techniques and efficient approaches on how to integrate WSN better into the IOT environment. One aspect of it is the security aspect of the integration. Recently, Turkanovic et al.'s proposed a highly efficient and novel user authentication and key agreement scheme (UAKAS) for heterogeneous WSN (HWSN) which was adapted to the JOT notion. Their scheme presented a novel approach where a user from the JOT can authenticate with a specific sensor node from the HWSN without having to communicate with a gateway node. Moreover their scheme is highly efficient since it is based on a simple symmetric cryptosystem. Unfortunately we have found that Turkanovic et al.'s scheme has some security shortcomings and is susceptible to some cryptographic attacks. This paper focuses on overcoming the security weaknesses of Turkanovic et al.'s scheme, by proposing a new and improved UAKAS. The proposed scheme enables the same functionality but improves the security level and enables the HWSN to dynamically grow without influencing any party involved in the UAKAS. The results of security analysis by BAN-logic and AVISPA tools confirm the security properties of the proposed scheme. (C) 2015 Elsevier B.V. All rights reserved.