| Summary: | User authentication in wireless sensor networks (WSNs) is a critical security issue due to their unattended and hostile deployment in the field. In order to protect the security of real-time data query from an external user, many two-factor (password and smart-card) user authentication schemes are proposed. However, most of them are insecure against various attacks. This paper summarizes attacks and security requirements for two-factor user authentication in WSNs. Based on security requirements, a user authentication and session key establishment scheme is also proposed, and this scheme can resist smart-card loss attack merely by using symmetric key techniques. Security and performance analysis demonstrate that, compared to the existing schemes, the proposed approach is more secure and highly efficient.
|
|---|