Password Renewal Enhancement for Dynamic Authentication in Wireless Sensor Networks

Farzad Kiani Computer Engineering Department,

Dokuz Eylul University, Izmir, Turkey

farzad.kiani@ogr.deu.edu.tr

Gokhan Dalkilic Computer Engineering Department,

Dokuz Eylul University, Izmir, Turkey

dalkilic@cs.deu.edu.tr

Abstract—Security approaches in wireless sensor networks due to limitation of energy and resource are different from traditional protocols in current networks. So, many security problems exist such as authentication, integrity, digital signature and etc., and there has been relatively little research suited for wireless sensor networks. We proposed an enhanced version of scheme on dynamically clustering in wireless sensor network protocol. In comparison with the previous scheme, our proposed scheme possesses many advantages, including resistance to the replay and forgery attacks, reduction of user’s password leakage risk, capability of renewing password, and better efficiency.

Keywords-Authentication, Time Stamp, Hash Function, WSN, Dynamic Clustering, Cluster Head, Base Station.

I. INTRODUCTION Sensor networks have provided us with several

applications in wireless environments. Because of their energy inhabitation, they received increasing attention lately in a way that energy management has become an important prerequisite in designing the protocols of these networks [1]. A wireless sensor network (WSN) typically consists of a large number of small, low-power communication devices called sensor nodes and one or more base station (BS) [2]. These sensor nodes monitor environmental conditions, such as temperature, humidity, pressure, motion, or vibration, at different locations. For some applications, such as military surveillance, the collected data is critical. Hence, security measures should be taken to protect the collected secrets by preventing unauthorized users from gaining the information.

Over the last few years, there has been a dramatic increase in the number of publications on user authentication [3-9]. Recently, [10] proposed a dynamic user authentication scheme for wireless sensor networks. The proposed scheme comes with several advantages. This scheme allows legitimate users to query sensor data at every sensor node and it imposes very little computational load for simple operations but could not conformable operate against replay and forgery attacks.

In [2], we are proposed a routing protocol based on static clustering for target tracking (Fig. 1). The protocol used tree structure for organizing clusters and sensor nodes. Its goal was prolonging life time in WSNs intelligently by turning on and off sensor nodes and dynamically distribution of cluster heads. Many protocols did not refine security of transmission

information [1, 2]. In this paper, we try to secure routes by using dynamic authentication scheme. Since, the protocol is executed in setup state; steady state applies the scheme in secondary phase. In the first phase, network structure is created. Thus, authentication scheme is realized in steady state for transmission information.

In section two, we considered related work. The scheme executes in four phases: Registration, Login and Authentication and Renewing Password, that is detailed in section three. Final section introduces conclusion and future works.

Figure 1. The protocol based on clustering [2].

II. RELATED WORK In this section, we have considered a dynamic user

authentication scheme for wireless sensor networks [10]. Authorized users can access any of the sensor nodes in WSNs using mobile devices, such as PDAs, PCs, etc. Before issuing a query to a sensor node, a user has to register at the BS via a secure channel. Upon successful registration, the user can login to a nearest sensor login-node to retrieve sensor data. The scheme is divided into three phases: registration, login, and authentication. Before we discuss the overall operations in the scheme, it may be helpful to understand the notations used in this scheme first. We list the notations and their corresponding definitions in Table I. Three phases will be shown later again.

2010 Second International Conference on Computational Intelligence, Communication Systems and Networks

978-0-7695-4158-7/10 $26.00 © 2010 IEEE

DOI 10.1109/CICSyN.2010.26

143

2010 Second International Conference on Computational Intelligence, Communication Systems and Networks

978-0-7695-4158-7/10 $26.00 © 2010 IEEE

DOI 10.1109/CICSyN.2010.26

143

2010 Second International Conference on Computational Intelligence, Communication Systems and Networks

978-0-7695-4158-7/10 $26.00 © 2010 IEEE

DOI 10.1109/CICSyN.2010.26

143

TABLE I. NOTATIONS IN DYNAMIC AUTHENTICATION IN WSN [10].

Symbol Definition UserID A user`s identify Key BS`s private key PW A user`s password H A one-way hash function TS A timestamp || Concatenation

A. The Registration Phase Assume a registration interface is launched on a user’s

mobile device. A user submits his/her ID (userID) and a password (PW) to a BS for registration. The BS then computes the pair (A, B) for the registering user. The (A, B) pair is computed as follows:

where Key is the BS’s private key. Next, the BS stores

the dataset (userID, A, PW, B, TS) in its database. Then, the BS informs the user successful registration. Finally, the triple (userID, A, TS) is distributed to all sensor nodes.

B. The Login Phase When a user wishes to query sensor data, he/she has to

login to a sensor login-node. The user first submits his/her userID* and password PW* to the login-node. After receiving the login information, the login-node first checks whether userID* exists in the list of datasets (userID, A, TS). If not, the login-node sends Msg(REJ_LOGIN) to the user. Otherwise it computes the triple (B*, C1, C2) for the user. The triple (B*, C1, C2) is computed as follows:

where T is the current time. Then, the login-node sends

Msg (userID*, C1, C2, T) to the BS for authentication.

C. The Authentication Phase After receiving Msg(userID*, C1, C2, T) from the login-

node, the BS first checks whether userID* exists in the database. If not, the BS sends Msg(REJ_LOGIN) to the login-node. Otherwise it checks whether the transmission delay is within the allowed time interval T. Assume the current time is T*. If (T*-T) >= T, the BS also sends Msg(REJ_LOGIN) to the login-node. Otherwise it computes (C1*, C2*) for the user. The (C1*, C2*) pair is computed as follows:

Then, the BS verifies if (C1*=C1) and (C2*=C2) If so, the BS sends Msg(ACC_LOGIN) to the login-node and the login-node also sends Msg(ACC_LOGIN) to the user. Otherwise the BS sends Msg(REJ_LOGIN) to the login node.

Although Wong et al. proposed a dynamic user authentication scheme that allows legitimate users to query at any of the sensor nodes and imposes very light computational load, there still remains several security weaknesses in their scheme. We will now examine these weaknesses in detail.

It cannot stand against replay attacks. A replay attack is that an attacker tries to replay the same messages obtained in previous sessions. If the attacker can successfully login to the remote system through replay, it means the scheme cannot withstand a replay attack. Assume that U is an attacker who eavesdrops a user’s login message (userID*, C1, C2, T). He/she can use the same message to login to the system successfully as long as the value T is still within the allowed time interval. That is, as long as the difference between the current time and the value T is less than T, the attacker can use the same message to perform the replay attack.

It cannot stand against forgery attacks. In a forgery attack, if an attacker eavesdrops or intercepts the login messages, he/she can modify the login messages to masquerade as a legitimate user in order to access the resources of a remote system. Assume that U is the attacker who can steal another user’s information (userID*, A, TS) from a sensor login-node. He/she also intercepts the user’s information (userID*, C1, C2, T) sent by the sensor login node. The attacker can use the information to derive B* as follows:

Hence, U can use a new timestamp T to compute a new

C1` as follows: U then sends Msg(userID, C1 , C2, T ) to the BS. Hence,

C2 will be successfully verified by the BS. Therefore, U can use another user’s ID to launch a forgery attack.

Passwords can be revealed by any of the sensor nodes. Even though passwords are transmitted via a secure channel in the registration and login phases, all the passwords are still known to the BS and all the login nodes in plain text. There is no protection mechanism for the passwords in these phases. In case any of the BS or login nodes is compromised, all passwords leak out.

A user cannot change his/her password with Wong et al.’s scheme. Passwords are fixed once they are set. A fixed password is more easily suffered from attacks than a regularly changed password.

III. ENHANCEMENT FOR DYNAMIC AUTHENTICATION IN WIRELESS SENSOR NETWORKS

To organize clusters and nodes we use tree structure in a way that the nodes in each cluster have parental relationship [2]. This protocol is called Dynamically Clustering in

A=H (userID||Key) (1) B=H (A||H (PW)) (2)

B*=H (A||H (PW*)) (3) C1=H (T B*) (4) C2= A B* (5)

C1*=H (T B) (6) C2*= B A (7)

B*=C2 A (8)

C1`=H (T` B`) (9)

144144144

Wireless Sensor Network (DCWSN). Creating this structure causes the nodes in each level of tree to communicate with their parent, so nodes do not have any obligatory relationship with other nodes inside the cluster [2]. In cluster setup phase, a tree structure is introduced. For creating a tree cluster head sends a message to all the nodes in its neighborhood and by receiving this message nodes identify their parent. When a tree is created in each cluster, each node is turned on and off in a few seconds period with the order from BS. Operation of steady state phase is divided into several frames and in each frame a node sends its data to parent node during their allocated transmission slot. The duration of each slot in which a node transmits data is constant, so the time frame and the slot to send data depends on the number of nodes in the cluster and the depth of the tree [11]. Source code of DCWSN protocol is shown in Fig. 2. As was said, authentication was discussed in steady state phase. So we present a modification of Wong et al.’s scheme that not only fixes the weaknesses but also enhances the security of it scheme. The overall handshake of the proposed scheme is illustrated in Fig. 3. The proposed scheme is divided into four phases. These phases consist of registration, login, authentication phases such as previous scheme and a new phase that is called password-renewal phase. Note that the registration and the password- renewal phases are performed via a secure channel. The four phases are discussed below.

% Finding head node sensor

radius=100; isDeadTime = 0; CurrentRound=0; RoundSpentEnergy = 1.7; GreatSpentEnergy = 40; SmallSpentEnergy = 20*GreatSpentEnergy/100; isContinue = 1; while isDeadTime==0

if isContinue==0 isDeadTime=1;

end hold off CurrentRound=CurrentRound+1;

%set the target x,y. [Tgt]=(floor(rand(2,1)*LEN))+1; env(:,5:7)=0; MaxTn=[0 0];

for i=1:SensorNum p=rand(1,1)*env(i,3)/100; Tn=(2000/env(i,1))*(p/(1- p*mod(CurrentRound,1/p)));

if Tn>MaxTn(1) MaxTn=[Tn i];

endend

HeadNode=MaxTn(2); clear MaxTn Tn p i

% make tree EnvDist=zeros(SensorNum,SensorNum);

for i=1:SensorNum for j=1:SensorNum

if(i==j) EnvDist(i,j)=inf; else dist=sqrt((env(i,1)- env(j,1))^ 2+(env(i,2)- env(j,2))^2); EnvDist(i,j)=dist; end

end end

Figure 2. Source code of DCWSN protocol.

Figure 3. Communication mode of the proposed scheme between two

sensor nodes and BS.

A. The Registration Phase A user submits his/her ID (userID) and password in

hashed form H (PW) to a BS for registration. Next, the BS stores the dataset (userID, H (PW), TS) in its database. Then, the BS replies to the user successful registration. Finally, the pair (UserID, TS) is distributed to all sensor nodes.

B. The Login Phase The user first uses his/her password PW to compute a

value A as follows: where t is the current time. Then, he/she submits the

triple (userID*, A, t) to a login-node. After receiving the login information, the login-node first checks whether userID* is in the list of datasets (userID, TS). If not, the login-node sends Msg(REJ_LOGIN) to the user. Otherwise it computes the value C for the user, as follows:

where T is the current time. Then, the login-node sends

Msg(userID*, C, T, t) to the BS for authentication.

C. The Authentication Phase After receiving Msg(userID*, C, T, t) from the login-

node, the BS first checks whether (userID*, t) is in the database. If userID* is not in the database, the BS sends Msg(REJ_LOGIN) to the login-node. Otherwise it checks whether the transmission delay is within the allowed time interval. If (T* - T) T or (T t) T, the BS sends Msg(REJ_LOGIN) to the login-node. Otherwise it computes (A*, C*) for verification. The (A*, C*) pair is computed as follows:

The BS verifies if (C*=C). If so, the BS stores t in the

database and sends Msg(ACC_LOGIN) to the login-node and the login-node also sends Msg(ACC_LOGIN) to the user. Otherwise the BS sends Msg(REJ_LOGIN) to the login node.

A=H (H (PW*) t) (10)

C=H (A T) (11)

A*=H (H (PW) t) (12) C*=H (A* T) (13)

145145145

D. The Password Renewal Phase If the user wants to change his/her password, he/she

needs to submit userID*, original hashed password (H (PW)), and new hashed password (H(PW )) to the BS. After receiving the password-change request, the BS first checks whether (userID*, H(PW)) is correct. If userID* is not in its database or (H(PW)) is incorrect, the BS sends Msg(REJ_CHANGE) to the user. Otherwise, it updates the corresponding dataset with (userID, H(PW ), TS ), where TS is the current timestamp. Then, the BS replies to the user successful password change. Finally, the new pair (userID, TS ) is distributed to all sensor nodes.

IV. ANALYSIS Our enhanced scheme is a modification of Wong et al.’s

scheme. In this section, we shall analyze our scheme and show that our scheme can resist several additional attacks. In addition, we shall provide a comparative study with Wong et al.’s scheme. Note that our proposed scheme does not add additional computational cost when compared with Wong et al.’s scheme.

A. Security Analysis The proposed scheme can amend several security flaws

in Wong et al.’s scheme. The advantages of our proposed scheme can be described below. The modified scheme can protect against the replay attack. An attacker cannot replay the same login messages successfully. In the login phase, the user needs to use his/her password to compute a value containing the current time t. In the authentication phase, the BS first checks whether (userID, t) exists in the database. If (userID*, t) is already in the database, it means that this user has already logged in to this system at time t. The BS then rejects the user’s login request. Hence, the attacker cannot launch a replay attack.

Moreover, modified scheme can protect against the forgery attack. An attacker cannot impersonate legitimate user even if he/she intercepts (userID*, A, C, T, t) and steals from a sensor login-node another user’s information (userID, TS). In the proposed scheme, even if the attacker gains the list stored in the sensor login-node, the scheme is still secure since there is no secret information stored in the sensor login-node. The hash values are useless to an attacker. In order to forge a login message, the attacker has to know the user’s password. However, it is difficult to derive the user’s password from the hashed value A. It is considered practically impossible for an attacker to derive the user’s password from the hashed value [11]. Passwords are not revealed to any of the sensor nodes. In order to keep a user’s password secret, in the registration and login phases, the user transmits his/her password in hashed form, rather than as plain text, as is done in Wong et al.’s scheme. In the proposed scheme, a user can use the dataset (userID*, H (PW), H (PW )) to change his/her password PW with the new password PW via a secure channel. The new password is also protected in this phase. This system best result in static environment and does not guarantee in dynamic

environment and target tracking of very fast move modes [1].

V. CONCLUSION AND FUTURE WORKS In this paper, we proposed a dynamic authentication

scheme for wireless sensor network that is built upon Wong et al.’s scheme. We point out that Wong et al.’s scheme is subject to several security attacks, as discussed above. Hence, we proposed a modified scheme that not only retains all the advantages in Wong et al.’s scheme but also enhances its security by withstanding the security weaknesses. In comparison with the previous scheme, our proposed scheme possesses many advantages, including resistance to the replay and forgery attacks, reduction of user’s password leakage risk, capability of changeable password, and better efficiency.

An area of future research that should be considered is how to achieve mutual authentication between the users and the sensor nodes. In addition, since there is a centralized base station in the proposed scheme, the performance in authentication might be improved by designing a decentralized base station and evaluation of this scheme on wireless sensor networks based on clustering target tracking of very fast move mode.

REFERENCES [1] F.Kiyani, H.T.Rad, H.chalangari, S.Yari, "DCSE: A Dynamic

Clustering for Saving Energy in Wireless Sensor Network", ICCSN2010, pp.136-141.

[2] F.Kiyani, R.B.Zari, B.Talebzadeh, S.Alizadeh, "Prolonging Life Time In WSN" , Second International computer and networks, March 2010, pp.13-17.

[3] M. L. Das, A. Saxena, and V. P. Gulati, “A dynamic id-based remote user authentication scheme,” IEEE Transactions on Consumer Electronics, vol. 50, no. 2, May 2004, pp. 629-631.

[4] A. Awasthi, “Comment on a dynamic id-based remote user authentication scheme,” Transactions on Cryptology, vol. 1, no. 2, Aug. 2004, pp. 15-17.

[5] I. E. Liao, C. C. Lee, and M. S. Hwang, “Security enhancement for a dynamic id-based remote user authentication scheme”, In Proceedings of NWeSP 2005, Aug. 2005, pp. 22-26.

[6] C. Y. Lee, C. H. Lin, and C. C. Chang, “An improved low computation cost user authentication scheme for mobile communication,” In Proceedings of the AINA 2007, vol. 2, Mar. 2007, pp. 249-252.

[7] C. C. Lee, L. H. Li, and M. S. Hwang, “A remote user authentication scheme using hash functions,” ACM SIGOPS Operating Systems Review, vol. 36, no. 4, Oct. 2002, pp. 23-29.

[8] J. J. Shen, C. W. Lin, and M. S. Hwang, “A modified remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, vol. 49, no. 2, May 2003, pp. 414-416.

[9] K. C. Leung, L. M. Cheng, A. S. Fong, and C. K. Chan, “Cryptanalysis of a modified remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, vol. 49, no. 4, Nov. 2003, pp. 1243-1245.

[10] K. H. M. Wong, Y. Zheng, J. Cao, and S. Wang, “A dynamic user authentication scheme for wireless sensor networks,” In Proceedings of the SUTC ‘08, vol. 1, Jun. 2008, pp. 244-251.

[11] G. Lu, B. Krishnamachari, and C.S. Raghavendra. "An adaptive energy-efficient and low-latency MAC for data gathering in wireless sensor networks". In proceedings of the 18th international parallel and distributed processing symposium, 26–20 April 2006, p. 224.

146146146