Paper 2009/631

Improvement of Das's Two-Factor Authentication Protocol in Wireless Sensor Networks

DaeHun Nyang and Mun-Kyu Lee

Abstract

User authentication is essential for customized services and privileged access control in wireless sensor network. In 2009, Das proposed a novel two-factor authentication scheme for wireless sensor network, where a user must prove the possession of both a password and a smart card. His scheme is well-designed for sensor nodes which typically have limited resources in the sense that its authentication procedure requires no public key operations but it utilizes only cryptographic hash function. In this letter, we point out that Das's protocol is vulnerable to an off-line password guessing attack, and also show a countermeasure to overcome the vulnerability without sacrificing any efficiency and usability. Besides the patch, we suggest a method to protect query response messages from wireless a sensor node to a user, which is necessary in serving a user in a confidential and authentic way.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Unknown where it was published
Keywords
Wireless sensor networkauthenticationpasswordsmart card
Contact author(s)
mklee @ inha ac kr
History
2009-12-26: received
Short URL
https://ia.cr/2009/631
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2009/631,
      author = {DaeHun Nyang and Mun-Kyu Lee},
      title = {Improvement of Das's Two-Factor Authentication Protocol in Wireless Sensor Networks},
      howpublished = {Cryptology {ePrint} Archive, Paper 2009/631},
      year = {2009},
      url = {https://eprint.iacr.org/2009/631}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.