期刊
JOURNAL OF INFORMATION SECURITY AND APPLICATIONS
卷 34, 期 -, 页码 133-141出版社
ELSEVIER SCIENCE BV
DOI: 10.1016/j.jisa.2017.04.002
关键词
Iot; Wireless sensor network; Authentication Key agreement; Integrity
资金
- Ministry of Science and Technology [MOST 104-2221-E-025-006, MOST 105-2221-E-034-014-]
In 2014, Turkanovic et al. applied the Internet of Things (IoT) notion to wireless sensor networks (WSNs) and proposed a user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks with lightweight computational operations. In 2015, Chang et al. find that Turkanovic et al.'s scheme possesses two drawbacks that can be overcome with simple modification. After further analyzing Turkanovic et al.'s scheme, we find that their scheme suffers from two fatal security flaws. First, user anonymity is not provided as claimed. Second, an attacker can obtain the session key shared between a normal sensor node and the user who has ever connected to a compromised sensor node. In this paper, we explicitly show the found security flaws and propose an improvement by taking the following into consideration: (1) user anonymity, (2) no complex computations, (3) mutual authentication between any two of a gateway node, a sensor node, and the user, (4) user friendly, and (5) ensuring the correctness of the session key earlier. (C) 2017 Elsevier Ltd. All rights reserved.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据