Study and development of authentication and key management scheme in wireless sensor networks

Abstract

Security and Privacy has turned into a challenging issue in public network regarding shared information, authentication, and key management. Thus, to overcome such challenges some cryptographic protocols can be designed which could secure the shared information over the uncertain public network. The unique characteristic of the sensor node is resource constraints, minimal storage capabilities, tiny size, lower battery capacities pose, and many other challenges in the WSN. In this context, broadly investigations on existing remote user authentication and key agreement schemes have done in the WSNs environment. Remote client, sensor node and Gateway Node (and#119866;and#119882;and#119873;) must be authenticated in WSNs for secure communication. User authentication and key agreement are the dominated methods which verify the users and sensor nodes before offering access to any network/internet. The primary objectives of this research are extensive studies of remote user authentication in WSNs using smart card, session key agreement between the entities with the help of trusted third party, dynamic keys management and further, designed some new protocols for overcome the shortcoming of related existing schemes to enhance the security features. Hence, as a first contribution in this research, a new improve and secure biometrics-based user authentication scheme in wireless sensor networks has been proposed using smart card in which attacker not just oppose against attacks like replay attack, Denial of service attack (DoS), masquerade attack, and man-in-the-middle (MITM) attack, but also can maintain the low computational overhead as well. Later, the proposed scheme is compared with other related schemes and found remarkably low computation and less communication overhead too. To prove the authentication among the participants, ProVerif simulation tool is used and to justify security properties, Burrows-Abadi-Needham (BAN) logic has been defined. Consequently, during this research, it has been found that to make a session key more secure.