Cryptanalysis and Improvement of the Robust User Authentication Scheme for Wireless Sensor Networks

Wireless sensor networks are widely used in industrial process control, human health care, environmental control, vehicular tracking and battlefield surveillance, etc. A wireless sensor network consists of lots of sensor nodes and a gateway node. The sensor node usually communicates with the gateway node and users over an ad hoc wireless network. However, due to the open environments, the wireless sensor networks are vulnerable to variety of security threats. Thus, it is a critical issue to adopt a suitable authentication mechanism for wireless sensor networks to enhance security. In 2009, Vaidya et al. proposed a robust user authentication schemes for wireless sensor networks. In this article, we will show that their scheme is vulnerable to the guessing attack and the impersonation attack. Since it needs a secure channel for communications in password changing phase, their scheme is also inconvenient and expensive for users to update passwords. We also propose an improved scheme to remedy the flaws. The improved scheme withstands the replay attack and off-line guessing attack and the users can freely update their passwords via public channels.