Security Enhanced and Cost-effective User Authentication Scheme for Wireless Sensor Networks

Due to its significant advantages, wireless sensor networks (WSNs) are now widely deployed in various areas to collect and transmit the required data. To ensure only authorized users can login to WSNs, many user authentication schemes based on password and smart card have been proposed. Most recently, Farash et al. and Kumari et al. subsequently proposed an efficient user authentication and key agreement scheme for WSNs, respectively. Even though the two above schemes are claimed to be secure under reasonable assumptions, we find that they, in fact, cannot resist offline password guessing attack when the secret values stored in the smart card are revealed, and also fail to provide forward secrecy. To overcome these security weaknesses, we propose a novel user authentication scheme for WSNs by introducing Diffie-Hellman key exchange. The security analysis and performance discussion demonstrate that the proposed scheme is secure against various well known attacks, and also is efficient enough. Thus, it is more desirable for securing communications in WSMs.