Cryptology ePrint Archive: Report 2009/631
Improvement of Das's Two-Factor Authentication Protocol in Wireless Sensor Networks
DaeHun Nyang and Mun-Kyu Lee
Abstract: User authentication is essential for customized services
and privileged access control in wireless sensor network.
In 2009, Das proposed a novel two-factor authentication scheme
for wireless sensor network, where a user must prove the possession of both a password and a smart card.
His scheme is well-designed for sensor nodes which typically have limited resources
in the sense that its authentication procedure requires no public key operations
but it utilizes only cryptographic hash function.
In this letter, we point out that Das's protocol is vulnerable to an off-line password guessing attack,
and also show a countermeasure to overcome the vulnerability without sacrificing any efficiency and usability.
Besides the patch, we suggest a method to protect query response messages
from wireless a sensor node to a user, which is necessary in serving a user in a confidential and authentic way.
Category / Keywords: applications / Wireless sensor network, authentication, password, smart card
Date: received 21 Dec 2009
Contact author: mklee at inha ac kr
Available format(s): PDF | BibTeX Citation
Version: 20091226:165426 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]