A secure three-factor anonymous roaming authentication protocol using ECC for space information networks

The wireless sensor network is a network composed of sensor nodes self-organizing through the application of wireless communication technology. The application of wireless sensor networks (WSNs) requires high security, but the transmission of sensitive data may be exposed to the adversary. Therefore, to guarantee the security of information transmission, researchers propose numerous security authentication protocols. Recently, Wu et al. proposed a new three-factor authentication protocol for WSNs. However, we find that their protocol cannot resist key compromise impersonation attacks and known session-specific temporary information attacks. Meanwhile, it also violates perfect forward secrecy and anonymity. To overcome the proposed attacks, this paper proposes an enhanced protocol in which the security is verified by the formal analysis and informal analysis, Burross-Abadii-Needham (BAN) logic, and ProVerif tools. The comparison of security and performance proves that our protocol has higher security and lower computational overhead.

Download Full-text

Mutual Connection in 5G Based Space Information Networks: Opportunities and Challenges

Communications in Computer and Information Science - Space Information Networks ◽

10.1007/978-981-15-3442-3_14 ◽

2020 ◽

pp. 175-182

Author(s):

Yuan Gao ◽

Jiang Cao ◽

Junsong Yin ◽

Su Hu ◽

Wanbin Tang ◽

...

Keyword(s):

Information Networks ◽

Space Information Networks

Download Full-text

Three-Factor User-Authentication Protocol for Wireless Sensor Networks—A Review

Algorithms for Intelligent Systems - Proceedings of the International Conference on Paradigms of Communication, Computing and Data Sciences ◽

10.1007/978-981-16-5747-4_11 ◽

2022 ◽

pp. 123-136

Author(s):

Vaishnavi Mishra ◽

Abhay S. Gandhi

Keyword(s):

Wireless Sensor Networks ◽

Sensor Networks ◽

User Authentication ◽

Authentication Protocol ◽

Wireless Sensor ◽

Three Factor

Download Full-text

Space Information Networks

IEEE Wireless Communications ◽

10.1109/mwc.2019.8700134 ◽

2019 ◽

Vol 26 (2) ◽

pp. 8-9 ◽

Cited By ~ 1

Author(s):

Lin Bai ◽

Tomaso de Cola ◽

Quan Yu ◽

Wei Zhang

Keyword(s):

Information Networks ◽

Space Information Networks

Download Full-text

Cryptanalysis and Security Improvement of Two Authentication Schemes for Healthcare Systems Using Wireless Medical Sensor Networks

Security and Communication Networks ◽

10.1155/2020/5047379 ◽

2020 ◽

Vol 2020 ◽

pp. 1-11 ◽

Cited By ~ 3

Author(s):

Jiaqing Mo ◽

Zhongwang Hu ◽

Yuhua Lin

Keyword(s):

Healthcare Systems ◽

Authentication Protocol ◽

Medical Professional ◽

Healthcare Data ◽

Insider Attack ◽

Medical Sensor Networks ◽

Authentication Schemes ◽

Guessing Attack ◽

Privileged Insider Attack ◽

Three Factor

Wireless medical sensor networks (WMSNs) play an important role in collecting healthcare data of the remote patient and transmitting them to the medical professional for proper diagnosis via wireless channel. To protect the patient's healthcare data which is private-related and sensitive, some authentication schemes for healthcare systems using WMSN have been proposed to ensure the secure communication between the medical sensors and the medical professional. Since cryptanalyzing the security defects of authenticated protocols is crucial to put forward solutions and propose truly robust protocols, we scrutinize two state-of-the-art authentication protocols using WMSN for healthcare systems. Firstly, we examine Ali et al.’s enhanced three-factor based authentication protocol and show that although it provides a formal proof and a security verification, it still fails to resist offline dictionary guessing attack, desynchronization attack, and privileged insider attack and contains a serious flaw in the password change phase. Secondly, we investigate Shuai et al.’s lightweight and three-factor based authentication protocol and point out that it cannot achieve high security level as they claimed; it is actually subject to offline dictionary guessing attack and privileged insider attack, and it also has a design flaw in the password change phase. In addition, we suggest several countermeasures to thwart these security weaknesses in these two schemes for WMSN and the similar kinds.

Download Full-text