Center of Excellence in Information Assurance (CoEIA), King Saud University, Saudi Arabia.
Sensors (Basel). 2010;10(3):2450-9. doi: 10.3390/s100302450. Epub 2010 Mar 23.
User authentication in wireless sensor networks (WSN) is a critical security issue due to their unattended and hostile deployment in the field. Since sensor nodes are equipped with limited computing power, storage, and communication modules, authenticating remote users in such resource-constrained environments is a paramount security concern. Recently, M.L. Das proposed a two-factor user authentication scheme in WSNs and claimed that his scheme is secure against different kinds of attack. However, in this paper, we show that the M.L. Das-scheme has some critical security pitfalls and cannot be recommended for real applications. We point out that in his scheme users cannot change/update their passwords, it does not provide mutual authentication between gateway node and sensor node, and it is vulnerable to gateway node bypassing attack and privileged-insider attack. To overcome the inherent security weaknesses of the M.L. Das-scheme, we propose improvements and security patches that attempt to fix the susceptibilities of his scheme. The proposed security improvements can be incorporated in the M.L. Das-scheme for achieving a more secure and robust two-factor user authentication in WSNs.