Secure and efficient user authentication scheme for multi-gateway wireless sensor networks

By utilizing Internet of Things (IoT), the collected information from the sensor nodes in wireless sensor networks (WSNs) could be provided to the users who are permitted to get access of sensor nodes. As the information from the sensors are transmitted via public network and sensor nodes have limited battery, shift the focus on security and efficiency in WSNs. User authentication is the security task for limiting the access. It is achieved by equipping authorized users with passwords, tokens or biometrics. However, password and token are easy being stolen and forgotten; even biometrics inherit some limitation. More suitable approach is to combine both password and biometric authenticator to harvest benefits in security. This paper proposes a novel authentication and key agreement scheme for WSNs using biohashing. Biohashing facilitates elimination of false accept rates without increasing occurrence of false rejection rate. Additionally, biohashing has highly clear separation of imposter populations and genuine, and zero equal error rate level. The proposed scheme also supports dynamic node addition and user friendly password change mechanism. Using the BAN-logic, we prove that the proposed scheme provides mutual authentication. In addition, we simulate proposed scheme for the security against man-in-the middle attack and replay attack using the AVISPA tool, and the simulation results show that our scheme is safe. Through the informal security analysis, we show that the proposed scheme is secure against the known attacks for authentication protocols. (C) 2016 Elsevier B.V. All rights reserved.