Cryptanalysis of a privacy-preserving and provable user authentication scheme for wireless sensor networks based on Internet of Things security

Jongho Moon, Youngsook Lee, Hyungkyu Yang, Taeui Song, Dongho Won
{"title":"Cryptanalysis of a privacy-preserving and provable user authentication scheme for wireless sensor networks based on Internet of Things security","authors":"Jongho Moon, Youngsook Lee, Hyungkyu Yang, Taeui Song, Dongho Won","doi":"10.1109/ICOIN.2018.8343154","DOIUrl":null,"url":null,"abstract":"User authentication in wireless sensor networks is more complex than normal networks due to sensor network characteristics such as unmanned operation, limited resources, and unreliable communication. For this reason, various authentication protocols have been presented to provide secure and efficient communication. In 2017, Wu et al. presented a provable and privacy-preserving user authentication protocol for wireless sensor networks. Unfortunately, we found that Wu et al.'s protocol was still vulnerable against user impersonation attack, and had a problem in the password change phase. We show how an attacker can impersonate an other user and why the password change phase is ineffective.","PeriodicalId":228799,"journal":{"name":"2018 International Conference on Information Networking (ICOIN)","volume":"61 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 International Conference on Information Networking (ICOIN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICOIN.2018.8343154","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2

Abstract

User authentication in wireless sensor networks is more complex than normal networks due to sensor network characteristics such as unmanned operation, limited resources, and unreliable communication. For this reason, various authentication protocols have been presented to provide secure and efficient communication. In 2017, Wu et al. presented a provable and privacy-preserving user authentication protocol for wireless sensor networks. Unfortunately, we found that Wu et al.'s protocol was still vulnerable against user impersonation attack, and had a problem in the password change phase. We show how an attacker can impersonate an other user and why the password change phase is ineffective.
基于物联网安全的无线传感器网络隐私保护和可验证用户认证方案的密码分析
由于传感器网络具有无人操作、资源有限、通信不可靠等特点,无线传感器网络中的用户认证比普通网络更加复杂。由于这个原因,已经提出了各种身份验证协议来提供安全和有效的通信。2017年,Wu等人提出了一种可证明且保护隐私的无线传感器网络用户认证协议。不幸的是,我们发现Wu等人的协议仍然容易受到用户冒充攻击,并且在密码更改阶段存在问题。我们将展示攻击者如何冒充其他用户,以及为什么密码更改阶段无效。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信