Understanding Node Capture Attacks in User Authentication Schemes for Wireless Sensor Networks

Despite decades of intensive research, it is still challenging to design a practical multi-factor user authentication scheme for wireless sensor networks (WSNs). This is because protocol designers are confronted with a long-standing security versus efficiency dilemma: sensor nodes are lightweight devices with limited storage and computation capabilities, while the security requirements are demanding as WSNs are generally deployed for sensitive applications. Hundreds of proposals have been proposed, yet most of them have been found to be problematic, and the same mistakes are repeated again and again. Two of the most common security failures are regarding smart card loss attacks and node capture attacks. The former has been extensively investigated in the literature, while little attention has been given to understanding the node capture attacks. To alleviate this undesirable situation, this article takes a substantial step towards systematically exploring node capture attacks against multi-factor user authentication schemes for WSNs. We first investigate the various causes and consequences of node capture attacks, and classify them into ten different types in terms of the attack targets, adversary's capabilities and vulnerabilities exploited. Then, we elaborate on each type of attack through examining 11 typical vulnerable protocols, and suggest corresponding countermeasures. Finally, we conduct a large-scale comparative measurement of 61 representative user authentication schemes for WSNs under our extended evaluation criteria. We believe that such a systematic understanding of node capture attacks would help design secure user authentication schemes for WSNs.

Automated summary

Despite years of research, designing a practical multi-factor user authentication scheme for wireless sensor networks is still challenging due to the security versus efficiency dilemma. Common security failures include smart card loss attacks and node capture attacks, with the latter receiving less attention compared to the former. This article systematically explores node capture attacks, providing insights for secure user authentication scheme design in WSNs.