Secure Authentication Protocol for Wireless Sensor Networks in Vehicular Communications
<p>Vehicular communications system model.</p> "> Figure 2
<p>User registration phase of the Mohit et al.’s scheme.</p> "> Figure 3
<p>User login and authentication phase of the Mohit et al.’s scheme.</p> "> Figure 4
<p>Password change phase of the Mohit et al.’s scheme.</p> "> Figure 5
<p>User registration phase of the proposed scheme.</p> "> Figure 6
<p>User login and authentication phase of the proposed scheme.</p> "> Figure 7
<p>Password change phase of the proposed scheme.</p> "> Figure 8
<p>Role specification for session and environment.</p> "> Figure 9
<p>Role specification for user <math display="inline"><semantics> <mrow> <mi>U</mi> <mi>A</mi> </mrow> </semantics></math>.</p> "> Figure 10
<p>Role specification for <math display="inline"><semantics> <mrow> <mi>V</mi> <mi>S</mi> </mrow> </semantics></math>.</p> "> Figure 11
<p>Role specification for <math display="inline"><semantics> <mrow> <mi>S</mi> <mi>N</mi> </mrow> </semantics></math>.</p> "> Figure 12
<p>The result of analysis using OFMC and CL-AtSe</p> ">
Abstract
:1. Introduction
1.1. Threat Model
- An adversary can modify, eavesdrop, insert or delete the transmitted messages over a public channel.
- An adversary can perform various attacks such as impersonation, trace, smartcard stolen, and replay attacks.
1.2. Our Contributions
- We demonstrate that Mohit et al.’s scheme is vulnerable to various attacks such as impersonation and trace attacks. In addition, we point out that their scheme cannot provide mutual authentication, session key security and anonymity.
- We propose a secure authentication protocol for WSNs in vehicular communications to resolve these security weaknesses. Our proposed protocol prevents impersonation and trace attacks, and also achieves anonymity, session key security and secure mutual authentication. In addition, the proposed scheme is efficient because it utilizes only hash function and XOR operation in authentication phase.
- We prove that our protocol provides secure mutual authentication by using the broadly accepted Burrows–Abadi–Needham (BAN) logic [28]. We also perform an informal analysis to demonstrate the security of the proposed protocol against various attacks such as impersonation and trace attacks.
- We compare the performance of our scheme against those of related existing schemes and perform a formal security verification by using the widespread Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation software tool.
1.3. Paper Outline
2. System Model
- Untraceability and anonymity. In a modern vehicular communication system, user’s real identity and location data are very sensitive information. For these reason, an adversary cannot trace a user’s location and know the user’s real identity to guarantee a privacy of user.
- Secure mutual authentication. A secure mutual authentication is known for a essential security requirement in VANETs in order to guarantee that only the legitimate users should access the services and communicate securely with each other [32].
- Confidentiality. In our system, the user, sink node, and vehicle sense can freely communicate among themselves through a internet. However, an adversary can try to obtain various pieces of information from users such as traffic congestion, speed, and vehicle accident because it is transmitted in a public channel. Therefore, a confidentiality must be guaranteed and the transmitted data is only known to legitimate user in order to ensure a security.
3. Review of Mohit et al.’s Scheme
3.1. System Setup Phase
3.2. User Registration Phase
- Step 1:
- chooses an identity , password , and random nonce . then computes , and sends them to the sink node via a secure channel.
- Step 2:
- selects a random nonce and random number , and then computes , , , and . After that, stores in the smartcard and issues the smartcard to through a secure channel.
- Step 3:
- Upon receiving the smartcard, computes and stores it in the smartcard. Ultimately, the smartcard contains .
3.3. User Login and Authentication Phase
- Step 1:
- inserts the smartcard into a card reader and inputs and . The smartcard then computes , , , and . Then, the smartcard checks whether . If it is equal, the smartcard computes and generates a random nonce . The smartcard also computes , , and . Finally, the smartcard sends the login request message to via a public channel.
- Step 2:
- After receiving the login request message from , retrieves and . Then, computes and checks whether is equal to . Then, generates a random nonce and computes , , . Finally, sends to the vehicle sensor.
- Step 3:
- Upon receiving the message , the vehicle sensor retrieves and . Then, checks the freshness of . If it is fresh, sends and requests the sink node’s master key from . After receiving from through a secure channel, computes and checks whether . If it is verified, chooses a random nonce and computes , , and . Finally, sends to .
- Step 4:
- After receiving the message , retrieves and computes . Then, checks whether is correct. If it is correct, computes , and sends to .
- Step 5:
- Upon receiving the message from , retrieves and computes , and then checks whether is correct. If they are equal, mutual authentication has been successfully achieved.
3.4. Password Change Phase
- Step 1:
- inserts smartcard in the card reader and inputs the identity and password , and then submits to the card reader via a secure channel.
- Step 2:
- After receiving , the smartcard computes , , , and . It checks whether . If this is verified, the smartcard sends the authentication message and requests a new password from . After receiving the authentication message from smartcard, inputs the new password .
- Step 3:
- The smartcard calculates , , , , and by using the new password of . Finally, smartcard replaces with .
4. Cryptanalysis of Mohit et al.’s Scheme
4.1. Impersonation Attack
- Step 1:
- computes , , , , and , where , , and are messages of the previous session.
- Step 2:
- can obtain the secret parameters , , and and a random nonce . then chooses a random nonce and computes , , and . Finally, generates the login request message and sends it to the sink node .
- Step 3:
- After receiving the login request message from , retrieves , and . then computes and checks whether is equal to . Then, generates a random nonce and computes , , , and . Finally, sends to the vehicle sensor.
- Step 4:
- Upon receiving the message , the vehicle sensor retrieves and , and then checks the freshness of . If it is fresh, sends and requests the sink node’s master key from . After receiving from through a secure channel, computes and checks whether . If it is verified, chooses a random nonce and computes , , and . Finally, sends to .
- Step 5:
- After receiving the message , retrieves and computes and . Then, checks whether is correct. If it is correct, computes and and sends to .
- Step 6:
- Upon receiving the message from , successfully achieves mutual authentication.
4.2. Trace Attack and Anonymity Preservation
4.3. Mutual Authentication
4.4. Session Key Security
5. Proposed Protocol
5.1. User Registration Phase
- Step 1:
- The user selects the identity and password and then generates a random number to computes . Then, sends to the sink node via a secure channel.
- Step 2:
- After receiving the registration request message from , generates a random unique identity for and computes , and . After that, stores in a smartcard, which it issues to through a secure channel. Finally, stores in a database.
- Step 3:
- Upon receiving the smartcard from , calculates and stores in the smartcard. Consequently, stores in the smartcard.
5.2. Login and Authentication Phase
- Step 1:
- inserts the smartcard and inputs the identity and password into a smartcard reader. Then, computes , and and checks whether . If it is equal, generates a random nonce and computes , and . sends the login request message to through a public channel.
- Step 2:
- After receiving the login request message from , retrieves matched with in a database. Then, computes , and and checks whether . If it is correct, generates a random nonce and computes , and . also sends the authentication request message to via a public channel.
- Step 3:
- Upon receiving the message , computes and receives from . Then, computes and and checks whether . If they are equal, generates a random nonce and computes , and . Finally, sends to through a public channel.
- Step 4:
- After receiving the message from , computes and . Then, checks whether . If it is equal, computes and . After that, generates a new random unique identity and computes and . also sends the message to via an open channel.
- Step 5:
- Upon receiving the message , computes , and . Then, checks whether . If it is equal, updates to . Finally, computes and sends the confirmation message to .
- Step 6:
- After receiving the message from , computes and . Then, checks whether . If it is valid, replaces with .
5.3. Password Change Phase
- Step 1:
- inserts his or her smartcard into a card reader and inputs the identity and old password .
- Step 2:
- computes , and . Then, compares the computed with the stored in its memory. If it is valid, sends an authentication message to .
- Step 3:
- On receiving the message from the smartcard, inserts the new password in the smartcard.
- Step 4:
- Using the new password , computes , and . Finally, the smartcard replaces the old information with .
6. Security Analysis
6.1. Informal Security Analysis
6.1.1. Impersonation Attack
6.1.2. Trace Attack and Anonymity
6.1.3. Smartcard Stolen Attack
6.1.4. Replay Attack
6.1.5. Secure Mutual Authentication
6.2. Security Analysis Using BAN Logic
6.2.1. Postulates of BAN Logic
- 1.
- Message meaning rule :
- 2.
- Nonce verification rule :
- 3.
- Jurisdiction rule :
- 4.
- Freshness rule :
- 5.
- Belief rule :
6.2.2. Goals
- Goal 1:
- Goal 2:
- Goal 3:
- Goal 4:
- Goal 5:
- Goal 6:
6.2.3. Idealized Forms
- Msg1:
- :
- Msg2:
- :
- Msg3:
- :
- Msg4:
- :
- Msg5:
- :
6.2.4. Assumptions
- A1:
- A2:
- A3:
- A4:
- A5:
- A6:
- A7:
- A8:
- A9:
- A10:
- A11:
- A12:
6.2.5. Proof Using BAN Logic
- Step 1:
- According to , we can obtain
- Step 2:
- In conformity with the message meaning rule with and , we can get
- Step 3:
- According to the freshness rule with , we can get
- Step 4:
- According to the nonce verification rule with and , we can obtain
- Step 5:
- According to , we can get
- Step 6:
- In conformity with the message meaning rule with and , we can get
- Step 7:
- According to the freshness rule with , we can obtain
- Step 8:
- According to the nonce verification rule with and , we can get
- Step 9:
- According to , we can obtain
- Step 10:
- In conformity with the message meaning rule with and , we can obtain
- Step 11:
- According to the freshness rule with , we can get
- Step 12:
- According to the nonce verification rule with and , we can get
- Step 13:
- According to , we can obtain
- Step 14:
- In conformity with the message meaning rule with and , we can get
- Step 15:
- According to the freshness rule with , we can get
- Step 16:
- According to the nonce verification rule with and , we can get
- Step 17:
- According to the belief rule with , we can get
- Step 18:
- In conformity with the jurisdiction rule with and , we can obtain
- Step 19:
- In conformity with the belief rule with , we can get
- Step 20:
- According the jurisdiction rule with and , we can obtain
- Step 21:
- In conformity with the belief rule with , we can get
- Step 22:
- According the jurisdiction rule with and , we can obtain
7. Security Analysis Using the AVISPA Tool
7.1. HLPSL Specifications
7.2. Analysis of Simulation Results
8. Performance Analysis
8.1. Computation Cost
8.2. Security Properties
8.3. Communication Cost
9. Conclusions
Author Contributions
Funding
Acknowledgments
Conflicts of Interest
References
- Chatterjee, K.; De, A.; Gupta, D. A secure and efficient authentication protocol in wireless sensor network. Wirel. Pers. Commun. 2015, 81, 17–37. [Google Scholar] [CrossRef]
- Kim, J.; Lee, D.; Jeon, D.; Lee, Y.; Won, D. Security anaylsis and improvements two-factor mutual authentication with key agreement in wireless sensor networks. Sensors 2014, 14, 6443–6462. [Google Scholar] [CrossRef] [PubMed]
- Kumari, S.; Om, H. Authentication protocol for wireless sensor networks applications like safety monitoring in coal mines. Comput. Netw. 2016, 104, 137–154. [Google Scholar] [CrossRef]
- Wang, D.; Wang, P. On the anonymity of two-factor authentication schemes for wireless sensor networks. Comput. Netw. 2014, 73, 41–57. [Google Scholar] [CrossRef]
- Park, Y.; Park, Y. Three-factor user authentication and key agreement using elliptic curve cryptosystem in wireless sensor networks. Sensors 2016, 16, 2123. [Google Scholar] [CrossRef] [PubMed]
- Jiang, Q.; MA, P.F.; Lu, X.; Tian, Y.L. An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks. Peer-to-Peer Netw. Appl. 2015, 8, 1070–1081. [Google Scholar] [CrossRef]
- Amin, R.; Biswas, G.P. A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks. Ad Hoc Netw. 2016, 36, 58–80. [Google Scholar] [CrossRef]
- Amin, R.; Hafizul Islam, S.K.; Biswas, G.P.; Khan, M.K.; Leng, L.; Kumar, N. Design of an anonymity preserving three-factor authenticated key exchange protocol for wireless sensor networks. Comput. Netw. 2016, 101, 42–62. [Google Scholar] [CrossRef]
- Wong, K.H.; Zheng, Y.; Cao, J.; Wang, S. A dynamic user authentication scheme for wireless sensor networks. In Proceedings of the 2006 IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC’06), Taichung, Taiwan, 5–7 June 2006; Volume 1, pp. 1–8. [Google Scholar]
- Das, M.L. Two-factor user authentication in wireless sensor networks. IEEE Trans. Wirel. Commun. 2009, 8, 1086–1090. [Google Scholar] [CrossRef]
- Chen, T.H.; Shih, W.K. A robust mutual authentication protocol for wireless sensor networks. ETRI J. 2010, 32, 704–712. [Google Scholar] [CrossRef]
- Khan, M.K.; Alghathbar, K. Cryptanalysis and security improvements of two-factor user authentication in wireless sensor networks. Sensors 2010, 10, 2450–2459. [Google Scholar] [CrossRef] [PubMed]
- Yeh, H.L.; Chen, T.H.; Liu, P.C.; Kim, T.H.; Wei, H.W. A secured authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 2011, 11, 4767–4779. [Google Scholar] [CrossRef] [PubMed]
- Han, W. Weakness of a Secured Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography. IACR Cryptol. ePrint Arch. 2011, 2011, 293. [Google Scholar]
- Shi, W.; Gong, P. A new user authentication protocol for wireless sensor networks using elliptic curves cryptography. Int. J. Sens. Netw. 2013, 2013, 730831. [Google Scholar] [CrossRef]
- Choi, Y.; Lee, D.; Kim, J.; Nam, J.; Won, D. Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography. Sensors 2014, 14, 10081–10106. [Google Scholar] [CrossRef] [PubMed]
- Zhang, C.; Lin, X.; Lu, R.; Ho, P.H. RAISE: An efficient RSU-aided message authentication scheme in vehicular communication networks. In Proceedings of the 2008 IEEE International Conference on Communications, Beijing, China, 19–23 May 2008; pp. 1–7. [Google Scholar]
- Zhang, C.; Lin, X.; Lu, R.; Ho, P.H.; Shen, S. An Efficient Message Authentication Scheme for Vehicular Communications. IEEE Trans. Veh. Technol. 2008, 57, 3357–3368. [Google Scholar] [CrossRef] [Green Version]
- Lu, R.; Lin, X.; Zhu, H.; Ho, P.H.; Shen, X. ECPP: Efficient conditional privacy preservation protocol for secure vehicular communications. In Proceedings of the 2008 IEEE INFOCOM Conference on Computer Communications, Phoenix, AZ, USA, 13–18 April 2008; pp. 1–9. [Google Scholar]
- Huang, D.; Misra, S.; Verma, M.; Xue, G. PACP: An efficient pseudonymous authentication-based conditional privacy protocol for VANETs. IEEE Trans. Intell. Transp. Syst. 2011, 12, 736–746. [Google Scholar] [CrossRef]
- Chuang, M.C.; Lee, J.F. Team: Trust-extended authentication mechanism for vehicular ad hoc networks. IEEE Syst. J. 2014, 8, 749–758. [Google Scholar] [CrossRef]
- Kumari, S.; Karuppiah, M.; Li, X.; Wu, F.; Das, A.K.; Odelu, V. An enhanced and secure trust-extended authentication mechanism for vehicular ad-hoc networks. Secur. Commun. Netw. 2016, 9, 4255–4271. [Google Scholar] [CrossRef]
- Mohit, P.; Amin, R.; Biswas, G. Design of authentication protocol for wireless sensor network-based smart vehicular system. Veh. Commun. 2017, 9, 64–71. [Google Scholar] [CrossRef]
- Alshaer, H.; Elmirghani, J.M. Road safety based on efficient vehicular broadcast communications. In Proceedings of the 2009 IEEE Intelligent Vehicles Symposium, Xian, China, 3–5 June 2009; pp. 1155–1160. [Google Scholar]
- Alshaer, H. Securing vehicular ad-hoc networks connectivity with roadside units support. In Proceedings of the 2015 IEEE 8th GCC Conference & Exhibition, Muscat, Oman, 1–4 February 2015; pp. 1–6. [Google Scholar]
- Dolev, D.; Yao, A.C. On the security of public key protocols. IEEE Trans. Inf. Theory 1983, 29, 198–208. [Google Scholar] [CrossRef] [Green Version]
- Kocher, P.; Jaffe, J.; Jun, B. Differential power analysis. In Advances in Cryptology; Springer Science+Business Media: Berlin, Germany; New York, NY, USA, 1999; pp. 388–397. [Google Scholar]
- Burrows, M.; Abadi, M.; Needham, R. A logic of authentication. ACM Trans. Comput. Syst. 1990, 8, 18–36. [Google Scholar] [CrossRef]
- Zhang, L.; Wu, Q.; Domingo-Ferrer, J.; Qin, B.; Hu, C. Distributed Aggregate Privacy-Preserving Authentication in VANETs. IEEE Trans. Intell. Transp. Syst. 2016, 18, 516–526. [Google Scholar] [CrossRef]
- Zhang, L.; Wu, Q.; Solanas, A.; Domingo-Ferrer, J. A Scalable Robust Authentication Protocol for Secure Vehicular Communications. IEEE Trans. Veh. Technol. 2009, 59, 1606–1617. [Google Scholar] [CrossRef]
- Liu, J.; Li, J.; Zhang, L.; Dai, F.; Zhang, Y.; Meng, X.; Shen, J. Secure intelligent traffic light control using fog computing. Future Gener. Comput. Syst. 2018, 78, 817–824. [Google Scholar] [CrossRef]
- Riley, M.; Akkaya, K.; Fong, K. A survey of authentication schemes for vehicular ad hoc networks. Secur. Commun. Netw. 2011, 4, 1137–1152. [Google Scholar] [CrossRef]
- AVISPA. Automated Validation of Internet Security Protocols and Applications. Available online: http://www.avispa-project.org/ (accessed on 4 July 2018).
- SPAN: A Security Protocol Animator for AVISPA. Available online: http://www.avispa-project.org/ (accessed on 4 July 2018).
- Park, K.S.; Park, Y.H.; Park, Y.H.; Reddy, A.G.; Das, A.K. Provably secure and efficient authentication protocol for roaming service in global mobility networks. IEEE Access 2017, 5, 25110–25125. [Google Scholar] [CrossRef]
- Odelu, V.; Das, A.K.; Choo, K.R.; Kumar, N.; Park, Y.H. Efficient and secure time-key based single sign-on authentication for mobile devices. IEEE Access 2017, 5, 27707–27721. [Google Scholar] [CrossRef]
- Odelu, V.; Das, A.K.; Kumari, S.; Huang, X.; Wazid, M. Provably secure authenticated key agreement scheme for distributed mobile cloud computing services. Futuer Generat. Comput. Syst. 2017, 68, 74–88. [Google Scholar] [CrossRef]
- Park, K.S.; Park, Y.H.; Park, Y.H.; Das, A.K. 2PAKEP: Provably Secure and Efficient Two-Party Authenticated Key Exchange Protocol for Mobile Environment. IEEE Access 2018, 6, 30225–30241. [Google Scholar] [CrossRef]
- Banerjee, S.; Odelu, V.; Das, A.K.; Chattopadhyay, S.; Kumar, N.; Park, Y.H.; Tanwar, S. Design of an Anonymity-Preserving Group Formation Based Authentication Protocol in Global Mobility Networks. IEEE Access 2018, 6, 20673–20693. [Google Scholar] [CrossRef]
- Von Oheimb, D. The high-level protocol specification language HLPSL developed in the EU project avispa. In Proceedings of the APPSEM 2005 Workshop, Tallinn, Finland, 13–15 September 2005; pp. 1–2. [Google Scholar]
- Basin, D.; Modersheim, S.; Vigano, L. OFMC: A symbolic model checker for security protocols. Int. J. Inf. Secur. 2005, 4, 181–208. [Google Scholar] [CrossRef] [Green Version]
- Turuani, M. The CL-Atse porotocol analyser. In Proceedings of the International Coneference on Rewriting Techniques and Applications (RTA), Seattle, WA, USA, 12–14 August 2006; pp. 227–286. [Google Scholar]
- He, D.; Kumar, N.; Chen, J.; Lee, C.C.; Chilamkurti, N.; Yeo, S.S. Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimed. Syst. 2015, 21, 49–60. [Google Scholar] [CrossRef]
- Xue, K.; Ma, C.; Hong, P.; Ding, R. A temporal credential based mutual authentication and key agreement scheme for wireless sensor networks. J. Netw. Comput. Appl. 2013, 36, 316–323. [Google Scholar] [CrossRef]
- FIPS PUB 180-4: Secure Hash Standard (SHS). Available online: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf (accessd on 23 July 2018).
Notation | Description |
---|---|
Identity of user | |
Identity of sink node | |
Identity of vehicle sensor | |
Password of user | |
Registration authority | |
Random number by user | |
Random nonce by user | |
Random nonce by sink node | |
Random nonce by vehicle sensor | |
Master key of sink node | |
Unique temporary identity of user | |
One-way hash function | |
⊕ | Bitwise XOR operation |
Concatenation operation |
Notation | Description |
---|---|
Pbelieves the statement X | |
#X | The statement X is fresh |
Psees the statement X | |
P once said X | |
Pcontrols the statement X | |
Formula X is combined with the formula Y | |
Formula X is encrypted by the key K | |
P and Q communicate using K as the shared key | |
Session key used in the current authentication session |
Schemes | User | Sink Node | Sensor | Total Cost | Total Cost (s) |
---|---|---|---|---|---|
Shi et al. [15] | 0.3840 | ||||
Choi et al. [16] | 0.3900 | ||||
He et al. [43] | 0.0818 | ||||
Xue et al. [44] | 0.0150 | ||||
Kumari and Om [3] | 0.0120 | ||||
Mohit et al. [23] | 0.0100 | ||||
Ours | 0.0125 |
Security Property | Shi et al. [15] | Choi et al. [16] | He et al. [43] | Xue et al. [44] | Kumari and Om [3] | Mohit et al. [23] | Ours |
---|---|---|---|---|---|---|---|
Impersonation attack | ∘ | ∘ | ∘ | ∘ | × | × | ∘ |
Smartcard stolen attack | × | ∘ | ∘ | ∘ | ∘ | × | ∘ |
Password change attack | ∘ | × | × | × | ∘ | ∘ | ∘ |
Replay attack | ∘ | ∘ | ∘ | ∘ | ∘ | ∘ | ∘ |
Trace attack | × | × | × | × | × | × | ∘ |
Anonymity | × | × | ∘ | × | × | × | ∘ |
Mutual authentication | ∘ | ∘ | ∘ | ∘ | × | × | ∘ |
© 2018 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Share and Cite
Yu, S.; Lee, J.; Lee, K.; Park, K.; Park, Y. Secure Authentication Protocol for Wireless Sensor Networks in Vehicular Communications. Sensors 2018, 18, 3191. https://doi.org/10.3390/s18103191
Yu S, Lee J, Lee K, Park K, Park Y. Secure Authentication Protocol for Wireless Sensor Networks in Vehicular Communications. Sensors. 2018; 18(10):3191. https://doi.org/10.3390/s18103191
Chicago/Turabian StyleYu, SungJin, JoonYoung Lee, KyungKeun Lee, KiSung Park, and YoungHo Park. 2018. "Secure Authentication Protocol for Wireless Sensor Networks in Vehicular Communications" Sensors 18, no. 10: 3191. https://doi.org/10.3390/s18103191
APA StyleYu, S., Lee, J., Lee, K., Park, K., & Park, Y. (2018). Secure Authentication Protocol for Wireless Sensor Networks in Vehicular Communications. Sensors, 18(10), 3191. https://doi.org/10.3390/s18103191