Visible to the public Cryptanalysis of a privacy-preserving and provable user authentication scheme for wireless sensor networks based on Internet of Things security

TitleCryptanalysis of a privacy-preserving and provable user authentication scheme for wireless sensor networks based on Internet of Things security
Publication TypeConference Paper
Year of Publication2018
AuthorsMoon, J., Lee, Y., Yang, H., Song, T., Won, D.
Conference Name2018 International Conference on Information Networking (ICOIN)
Keywordsauthentication, compositionality, cryptographic protocols, data privacy, Elliptic curve cryptography, Elliptic curves, Internet of Things, Internet of Things security, key agreement, Logic gates, message authentication, mobile devices, password, password change phase, Predictive Metrics, privacy-preserving cryptanalysis, privacy-preserving user authentication protocol, Protocols, provable security, provable user authentication scheme, pubcrawl, Resiliency, secure communication, sensor network characteristics, telecommunication security, user anonymity, user impersonation attack, Wireless sensor networks
AbstractUser authentication in wireless sensor networks is more complex than normal networks due to sensor network characteristics such as unmanned operation, limited resources, and unreliable communication. For this reason, various authentication protocols have been presented to provide secure and efficient communication. In 2017, Wu et al. presented a provable and privacy-preserving user authentication protocol for wireless sensor networks. Unfortunately, we found that Wu et al.'s protocol was still vulnerable against user impersonation attack, and had a problem in the password change phase. We show how an attacker can impersonate an other user and why the password change phase is ineffective.
DOI10.1109/ICOIN.2018.8343154
Citation Keymoon_cryptanalysis_2018