An efficient mutual authentication and key agreement scheme without password for wireless sensor networks

The Journal of Supercomputing - Wireless sensor networks (WSNs) are usually deployed in hostile or unattended areas, and users need to obtain real-time data from WSNs. The data collected by sensor...     

A user friendly mutual authentication and key agreement scheme for wireless sensor networks using chaotic maps

Spread of wireless network technology has opened new doors to utilize sensor technology in various areas via Wireless Sensor Networks (WSNs). Many authentication protocols for among the service seeker users, sensing component sensor nodes (SNs) and the service provider base-station or gateway node (GWN) are available to realize services from WSNs efficiently and without any fear of deceit. Recently, Li et al. and He et al. independently proposed mutual authentication and key agreement schemes for WSNs. We find that both the schemes achieve mutual authentication, establish session key and resist many known attacks but still have security weaknesses. We show the applicability of stolen verifier, user impersonation, password guessing and smart card loss attacks on Li et al.’s scheme. Although their scheme employs the feature of dynamic identity, an attacker can reveal and guess the identity of a registered user. We demonstrate the susceptibility of He et al.’s scheme to password guessing attack. In both the schemes, the security of the session key established between user and SNs is imperfect due to lack of forward secrecy and session-specific temporary information leakage attack. In addition both the schemes impose extra computational load on resource scanty sensor-nodes and are not user friendly due to absence of user anonymity and lack of password change facility. To handle these drawbacks, we design a mutual authentication and key agreement scheme for WSN using chaotic maps. To the best of our knowledge, we are the first to propose an authentication scheme for WSN based on chaotic maps. We show the superiority of the proposed scheme over its predecessor schemes by means of detailed security analysis and comparative evaluation. We also formally analyze our scheme using BAN logic.     

一种高效无线传感器网络认证及密钥协商方案

随着无线传感器网络在社会各个领域的渗透,其安全机制的研究一直是无线传感器网络的研究热点。在分析了无线传感器网络中认证及密钥协商方案设计时应满足条件的基础上,基于单向HASH函数和对称密码算法,设计了无线传感器网络中传感器节点间一种高效的认证及密钥协商方案。并从互认证、会话密钥、可抵御攻击等方面对该方案的安全性进行了分析,说明了该方案的安全性能较好,可有效抵御典型攻击行为;详细比较该方案和现有类似方案的运行性能,结果表明,该方案在存储容量需求、计算复杂性和通信带宽需求方面均优于现有方案。     

基于ECC的密钥协商及双向认证方案

针对当前移动通信系统中认证和密钥协商协议存在的安全缺陷,提出一种基于椭圆曲线密码体制的双向认证和密钥协商方案,用于移动网络中任意用户之间,或用户与网络之间进行双向认证和会话密钥的安全协商.该方案采用ECC技术,能够在更小的密钥量下提供更大的安全性,减少对带宽的需求,降低移动终端的计算负担和存储要求.     

基于ECC的双向认证及密钥协商方案的分析与改进

针对当前移动通信中认证和密钥协商存在的问题和已有的解决方案,提出了一种改进的基于椭圆曲线密码体制ECC的密钥协商及双向认证方案.该方案用于移动网络中任意用户之间,或用户与网络之间进行双向认证和密钥的安全协商.采用ECC技术,能够在更小的密钥量下提供更大的安全性,减少对带宽的需求,降低通信双方的计算负担和存储要求,适用于无线网络环境.     

基于二元多项式的短波自组网密钥预分配方案

针对短波通信在传输过程中连通率低及容易遭受敌方截获和攻击的缺点,提出一种基于二元多项式的密钥预分配方案。该方案采用对称加密技术保证报文加/解密的效率;运用公钥密码体制复杂性提高会话密钥的安全性;引入hash函数对报文进行签名,验证报文的真实性与完整性;基于区域划分对节点进行分簇,实现节点之间100%的连通率。实验结果表明,该方案能有效抵御敌方的攻击,保证网络的安全通信。     

A dynamic password-based user authentication scheme for hierarchical wireless sensor networks

Most queries in wireless sensor network (WSN) applications are issued at the point of the base station or gateway node of the network. However, for critical applications of WSNs there is a great need to access the real-time data inside the WSN from the nodes, because the real-time data may no longer be accessed through the base station only. So, the real-time data can be given access directly to the external users (parties) those who are authorized to access data as and when they demand. The user authentication plays a vital role for this purpose. In this paper, we propose a new password-based user authentication scheme in hierarchical wireless sensor networks. Our proposed scheme achieves better security and efficiency as compared to those for other existing password-based approaches. In addition, our scheme has merit to change dynamically the user's password locally without the help of the base station or gateway node. Furthermore, our scheme supports dynamic nodes addition after the initial deployment of nodes in the existing sensor network.     

一种分层的无线传感器网络密钥管理方案*

针对现有密钥管理方案抗俘获性差和占据存储空间大等缺点,提出了一种分层的密钥管理方案。簇头节点采用了Blom矩阵,有效提高了簇头节点抗击俘获的能力;簇内节点利用中国剩余定理,在将复杂计算转交给基站的同时,降低了组密钥的存储空间。通过对比分析,该方案较好地满足了WSNs密钥管理的相关指标,提高了安全性能。     

新的无线传感器网络密钥预分配方案

基于二元对称多项式的随机密钥预分配方案为节点的通信提供了一种安全机制,但这些方案都存在t门限性质问题。为了更好地解决此问题,提高网络的安全阈值及节点的抗俘获能力,采用同化三元多项式代替二元对称多项式来建立节点间通信,并对共享密钥使用单向hash函数进行处理,提高了密钥破解难度。同时采用六边形部署模型,提高网络的安全连通率,减少被捕获节点的影响范围。分析结果表明,该方案提高了网络的安全性及节点的抗毁性,降低了节点间的通信开销。     

一种新的传感器网络密钥分配方案

密钥分配对于无线传感器网络（WSN）的安全起着基础性作用。由于传感器网络规模大、节点资源非常受限等特点,传统的基于公钥和可信任密钥分配中心等方式不能使用。提出了一种新的WSN密钥分配方案,并对其存储量、通信量、计算量和安全性进行了分析。该方案基于安全两方计算,计算负载小,安全性高,适合传感器网络。     

A fuzzy-based interleaved multi-hop authentication scheme in wireless sensor networks

In sensor networks, a compromised node can either generate fabricated reports with false votes or inject false votes into real reports, which causes severe damage such as false alarms, energy drain and information loss. An interleaved hop-by-hop authentication (IHA) scheme addresses the former attack by detecting and filtering false reports in a deterministic and hop-by-hop fashion. Unfortunately, in IHA, all en-route nodes must join to verify reports while only a few are necessary to the authentication procedure. In this paper, we propose a fuzzy-based interleaved multi-hop authentication scheme based on IHA. In our scheme, the fuzzy logic system only selects some nodes for verification based on the network characteristics. Moreover, we apply a voting method and a hash-based key assignment mechanism to improve network security. Through performance evaluation, the proposed scheme is found to save up to 13% of the energy consumption and to provide more network protection compared to IHA.     

基于标识的无线传感器网络密钥预分配方案

密钥分配是无线传感器网络中极具挑战性的安全问题之一.为了实现无线传感器网络中的安全通讯,需要对传感器结点间传递的信息进行加密.由于受每个传感器结点自身资源的限制,传统网络中使用的密钥分配策略,并不适用于无线传感器网络.提出了基于结点ID的密钥预分配方案,实现了非对称和对称密钥体制、分布式和集中式密钥管理的结合,有效地提高了传感器网络其安全性和连通性.     

安全的无线传感器网络密钥预分配方案

密钥管理是无线传感器网络(WSN)安全的核心问题。基于二元对称多项式的随机密钥预分配方案为节点的通信提供了一种安全机制,但这些方案都存在“t-security”问题,很难抵制节点的捕获攻击。为了更好地解决该问题,提高网络的安全阈值及节点的抗捕获能力,采用可转化三元多项式代替二元对称多项式来建立节点间通信,并引入密钥分发节点进行分簇网络密钥分发。同时,由于对节点密钥采用单向Hash函数进行处理,提高了密钥破解难度。分析结果表明,该方案提高了网络的安全性及节点的抗毁性与可扩展性,降低了传感器普通节点的存储与计算开销。     

一种新的无线传感器网络密钥预分配方案

针对无线传感器网络资源有限的特点,给出了一种基于平面格的密钥预分配方案,该方案存储开销与能量消耗较小,能确保所有邻近节点直接建立对偶密钥,但安全性能较差。然后将方案扩展到三维格上,提出了基于三维格的密钥预分配方案,分析结果表明方案具有较好的可扩展性与抵抗攻击的能力。     

A novel key pre-distribution scheme for wireless distributed sensor networks

A novel key pre-distribution scheme for sensor networks is proposed, which enables sensor nodes to communicate securely with each other using cryptographic techniques. The approach uses the rational normal curves in the projective space with the dimension n over the finite field F q . Both secure connectivity and resilience of the resulting sensor networks are analyzed. By choosing the parameters q and n properly, this key pre-distribution scheme has some advantages over the previous known schemes. In addit...     

无线通信漫游服务中匿名认证与密钥协商方案

利用单向哈希函数、消息加解密系统、数字签名技术和椭圆曲线上的离散对数难题为基本组件来构造方案,以满足无线通信环境下漫游服务中匿名认证和密钥协商协议对安全性和实用性的要求。新方案不仅满足更多匿名认证和密钥协商的安全属性要求,而且提供一系列附加功能以提高方案的强健性和用户友好性。最后,分析指出新方案可以抵抗已知的安全攻击,保护用户隐私,满足移动设备对低消耗的要求和用户对灵活性的需求。     

无线传感器网络中基于ID密钥管理方案

为了减少在密钥生成时的数据通信,在分析Park密钥预分配方案的基础上,提出一个基于传感器ID的密钥管理方案.该方案不仅明显降低了生成密钥时的通信开销,而且确保所有的节点均能建立安全链路.分析表明,该方案还具有较强的抵抗攻击能力.     

有效的无线传感器网络密钥管理算法

密钥管理算法是无线传感器网络安全的一个重要组成部分.提出了一个新的密钥管理算法,它通过将已存储的密钥部分地转化为即使被攻击者截获也无影响的特殊信息,来获取更加良好的安全性能,但同时又不降低网络的连通性能.为了验证此算法的性能,给出仿真和与其它算法进行性能对比的例子,仿真结果显示这种算法具有更好的性能.