Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks

Understanding security failures of cryptographic protocols is the key to both patching existing protocols and designing future schemes. In this work, we investigate two recent proposals in the area of smart-card-based password authentication for security-critical real-time data access applications in hierarchical wireless sensor networks (HWSN). Firstly, we analyze an efficient and DoS-resistant user authentication scheme introduced by Fan et al. in 2011. This protocol is the first attempt to address the problems of user authentication in HWSN and only involves lightweight cryptographic primitives, such as one-way hash function and XOR operations, and thus it is claimed to be suitable for the resource-constrained HWSN environments. However, it actually has several security loopholes being overlooked, and we show it is vulnerable to user anonymity violation attack, smart card security breach attack, sensor node capture attack and privileged insider attack, as well as its other practical pitfalls. Then, A.K. Das et al.'s protocol is scrutinized, and we point out that it cannot achieve the claimed security goals: (1) It is prone to smart card security breach attack; (2) it fails to withstand privileged insider attack; and (3) it suffers from the defect of server master key disclosure. Our cryptanalysis results discourage any practical use of these two schemes and reveal some subtleties and challenges in designing this type of schemes. Furthermore, using the above two foremost schemes as case studies, we take a first step towards investigating the underlying rationale of the identified security failures, putting forward three basic principles which we believe will be valuable to protocol designers for advancing more robust two-factor authentication schemes for HWSN in the future. (C) 2014 Elsevier B.V. All rights reserved.