Secure biometric-based authentication scheme with smart card revocation/reissue for wireless sensor networks

Wireless sensor networks (WSNs) are ad-hoc networks composed primarily of a large number of sensor nodes with limited power, computation, storage and communication capabilities. The issue of securing and authenticating communications in such a network is problematic, and thus an adversary has an opportunity to capture a sensor node directly from the target field and extract all the information from its memory. In 2013, Yoon and Kim proposed an advanced biometric-based user authentication scheme for WSNs. Choi et al. analyzed Yoon and Kim's scheme and performed a security cryptanalysis in 2016. They demonstrated that Yoon and Kim's scheme had several security problems, and proposed instead an improved biometric-based user authentication scheme using fuzzy extraction. However, we cryptanalyze Choi et al.' s scheme and demonstrate that their scheme is vulnerable to insider attack and has a problem with smart card revocation/reissue. To overcome these drawbacks, we propose a secure biometric-based authentication scheme in WSNs that is secure against inside adversaries and provides secure and efficient smart card revocation/reissue.