期刊
SECURITY AND COMMUNICATION NETWORKS
卷 9, 期 16, 页码 3670-3687出版社
WILEY-HINDAWI
DOI: 10.1002/sec.1573
关键词
authentication; elliptic curve cryptography; key agreement; wireless sensor networks; formal security; AVISPA
资金
- Information Security Education & Awareness (ISEA) Phase II Project, Department of Electronics and Information Technology (DeitY), India
- University Distinguished Young Research Talent Training Program of Fujian Province
- Fujian Education and Scientific Research Program for Young and Middle-aged Teachers [JA14369]
In recent years, user authentication has emerged as an interesting field of research in wireless sensor networks. Most recently, in 2016, Chang and Le presented a scheme to authenticate the users in wireless sensor network using a password and smart card. They proposed two protocols P-1 and P-2. P-1 is based on exclusive or (XOR) and hash functions, while P-2 deploys elliptic curve cryptography in addition to the two functions used in P-1. Although their protocols are efficient, we point out that both P-1 and P-2 are vulnerable to session specific temporary information attack and offline password guessing attack, while P-1 is also vulnerable to session key breach attack. In addition, we show that both the protocols P-1 and P-2 are inefficient in authentication and password change phases. To withstand these weaknesses found in their protocols, we aim to design a new authentication and key agreement scheme using elliptic curve cryptography. Rigorous formal security proofs using the broadly accepted, the random oracle models, and the Burrows-Abadi-Needham logic and verification using the well-known Automated Validation of Internet Security Protocols and Applications tool are preformed on our scheme. The analysis shows that our designed scheme has the ability to resist a number of known attacks comprising those found in both Chang-Le's protocols. Copyright (C) 2016 John Wiley & Sons, Ltd.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据