Vol 02, Issue 01, June 2013 http://iirpublications.

com

International Journal of Communications Networking System ISSN: 2278-2427

A Novel Approach for Authentication Technique in Wireless Sensor Network

S. Mukherjee Assistant Professor, Department of Computer Science & Engineering, Dr. B. C. Roy Engineering College Durgapur-713206, West Bengal, India nitsom10@gmail.com G. Sanyal Professor, Department of Computer Science & Engineering, National Institute of Technology Durgapur-713209, West Bengal, India nitgsanyal@gmail.com C. Koner Associate Professor, Department of Computer Science & Engineering, Dr. B. C. Roy Engineering College Durgapur-713206, West Bengal, India chandan.durgapur@gmail.com Abstract Authentication of user in Wireless Sensor Network (WSN) needs research and investigation due to all the characteristics of these networks, such as limitations of power, computation capability and storage resources with the increasing security threats and attacks. All of the popular User Authentication (UA) schemes in WSN are provide only log in time authentication and for checking the authenticity of user no biometric (physical) property of user is applied. In this paper, we enlighten different new approaches that can be effectively used as a UA scheme in WSN. KeywordsAutomatic Variable Password; Base Station; Gateway; Time Variant Authentication; WSN. I. INTRODUCTION A WSN is collection of a set of small sensor nodes/devices and one or more base stations which acts as gateways between Internet users and sensor nodes. Base station centralizes the data gathered by sensor nodes. Sensor nodes are scattered in cluster based topology and have limited communication capabilities with short coverage distance. An assorted set of applications for WSN encompassing different fields including agriculture, environment, medicine, military, motion tracking, machine malfunction, toys, forestry, vehicles and many others. WSN is deployed in a confined area e.g. an intelligent city, a university campus or even any indoor and outdoor environment and users can access the WSN somewhere in the network using mobile devices in an ad-hoc manner. The
Integrated Intelligent Research (IIR)

basic security requirement of a WSN is UA for customized services and privileged access control. UA is a scheme by which a WSN gains confidence about the identity of the communication partner. It ensures that a legitimate user is sending queries and retrieving the respective result at any of the sensor nodes in a WSN. Many examples of UA measures can be found in our daily life, such as login to our local offices network, mobile phones device authentication, down to a password authentication for our account transactions on banks ATM machines etc. UA in WSN is a research challenge as it presents a hard environment. Sensor nodes are having constraints on battery power, computation and memory and WSN is infrastructure less, wireless, distributed and unattended. Hence, the computational overhead and communication cost of UA schemes are playing a vital role for
164

Vol 02, Issue 01, June 2013 http://iirpublications.com

International Journal of Communications Networking System ISSN: 2278-2427

installation of these schemes in WSN. For the last two decades, several UA schemes in WSN have been developed and installed with the emerging growth WSN applications. But, it is found most of them are suffering from high computation, no pliability to a large number of node compromises, deferred authentication, lack of scalability, etc. II. RELATED WORKS The basic user authentication scheme in WSNs was based on public key cryptography where user can authenticate with any subset of sensors out of a set of sensors and it was firstly designed by Benenson et al. in 2004 [1]. However, Benenson et al.s scheme requires that each pair of nodes share a secret key which leads to high storage space and suffers from the problem of scalability. In addition, the scheme is defenseless to capture attacks and it doesnt attend to the case where the node responsible of processing the query is compromised and thus can send error information [2, 3]. Banerjee et al. [4] proposed a symmetric key based authentication scheme (converse to Benenson et al.s scheme) that eliminates the problem of all nodes reply to the users query. This scheme is sharing pair-wise key, based on Blundo et al.s techniques [5], but cant be able to determine sensor, involved in the users query. Moreover, the scheme is vulnerable to node compromise and it doesnt afford mutual authentication (user and network can authenticate each other). Krik H.M. Wong et al. [6] designed a dynamic user authentication protocol in 2006. They also showed that their protocol can protect login message replay attacks and insider attacks. But the protocol is vulnerable to many logged in users with the same login identity and suffers from stolen verifier attack. A distributed user authentication scheme based on the Self-Certified Keys cryptosystem (SCK) was developed by Jiang et al. in 2007 [7]. Their scheme allows local nodes act collaboratively to verify whether a user has the authorization to access the sensor network or not. Here, each node receiving this access request from a user, must compute a pair wise key, shared with this user and an encrypted nonce. This is very expensive operation for a small local node in WSN and its decreases the suitability for practical use.
Integrated Intelligent Research (IIR)

After that, there is history of advancement of user authentication technology [8, 9] in WSN. Several new user authentication schemes have been pointed. In 2010, a Lightweight user authentication scheme, developed by Cheikhrouhou et al. [10], is based on encryption and decryption function. In this scheme, the key x is registered in the coordinator node and in terms of x, the coordinator of the WSN computes all the secret values S of all the users using the networks. Hence, if the coordinator is compromised, all the secret values of every user will be known by the intruder which can forms a valid identity ID and a secret value S. In the same year, Tseng et al. [11] planned a robust user authentication protocol with selfcertificates which is the application of elliptic curve point multiplication, message signature, signature verification, pair wise key creation and MAC encryption/decryption operations. The major drawback of this protocol is that a user/node has a lot of parameters to store. On the other hand, it cannot resist the Denial-OfService (DoS) attacks which could occur by sending either many spurious certificates to make sensor nodes memory exhausted, or spurious signatures to make sensor nodes running out of energy verifying them. In 2011, Rong FAN et al. [12] invented a user authentication protocol in two tired architecture for WSNs. In this protocol user authenticate with the gateway node to get access only to nodes in its cell. But, this topology has no method for updating the data table from user and is difficult to modify the content of smart card to each change in network topology for a large number of users. K. S. Arikumar et al. [13] present a two factor user authentication protocol which provides strong authentication, session key establishment and user can freely change his password. III. PROPOSED AUTHENTICATION TECHNIQUE FOR WSN The entire user authentication in WSN and improvements provide only log in time authentication i.e. the authenticity of user is checked for only one time at the time of user login. When a user wants to access a node of WSN, then the user sends a login request to the Base Station (BS) or Gateway (GW) of WSN.
165

Vol 02, Issue 01, June 2013 http://iirpublications.com

International Journal of Communications Networking System ISSN: 2278-2427

After that, the BS or GW checks the authenticity of user. If the user is authentic, the BS or GW gives permission to access. After getting the permission, the user starts to access the WSN. During the time of accessing, authenticity of user is not checked. Thus the user submits his id and password only in the login time and can access the WSN for unlimited time. This motivates to construct an authentication scheme for user in WSN that provides Time Variant Authentication (TVA) technique will check the authenticity of user for time to time throughout the accessing of WSN. The authenticity of user can be checked by different entities as in following procedures: (a) Two-way or Mutual Authentication technique means that both communicating pair authenticates each other. In this approach, BS or GW of WSN examines the authenticity of user and as well as user verified whether he is connecting correct node of WSN or not. (b) Authentication of communicating user according to what you know (Password), what you have (Smart card), what you are (Biometric property) and what you posses (Certified Document). The approach will use user entities like password, identity fingerprint, retina scan etc. (c) Time Variant Authentication (TVA) technique will check the authenticity of user for time to time throughout the accessing of WSN by user entities. (d) Key refreshment by using different keys in each and every session. (e) The Automatic Variable Password (AVP) will be implemented by changing the password from session to session. So, whenever user will enter password, firstly password is modified by selective logical operation and the modified password is submitted to the BS or GW of WSN. After receiving the modified password, it applies reverse logical operation on modified password to obtain the original password. Superiority of AVP is that the user password (which user enters at the login time) is changed time to time by an intelligent technique to make the password is unbreakable. IV. CONCLUSION This paper is a proposal of user biometric property based time variant user authentication
Integrated Intelligent Research (IIR)

technique for user in WSN. This technique can be well designed for sensor nodes which typically have limited resources in the sense that its authentication process uses only one-way hash functions and XOR operations. Our future work is to invent new efficient time variant mutual authentication technique using entities like Password, Identifier, Certified Authority, Biometric Property etc. of the user in WSN. REFERENCES [1] Z. Benenson, F. Gartner, and D. Kesdogan, User Authentication in Sensor Networks (Extended Abstract), Lecture Notes in Informatics Proceedings of Informatik 2004, Workshop on Sensor Networks, Ulm, Germany, September 2004 [2] Z. Benenson, N. Gedicke, and O. Raivio, Realizing Robust User Authentication in Sensor Networks, in the Workshop on Real-World Wireless Sensor Networks, Sweden, June 2005. [3] Amira MNIF, Omar Cheikhrouhou and Maher BEN JEMAA, An ID-based User Authentication Scheme for Wireless Sensor Networks using ECC, in Proceedings of IEEE International Conference on Microelectronics (ICM 2011), pp.19, December 2011. [4] S. Banerjee and D. Mukhopadhyay. Symmetric Key Based Authentication Querying in Wireless Sensor Networks, in Proceedings of the First International Conference on Integrated Internet Ad Hoc and Sensor Networks, Nice, France, May 30-31, 2006. [5] C. Blundo, A. De Santis, A. Herzberg, S. Kutten, U. Vaccaro, and M.Yung, Perfectly-secure key distribution for dynamic conferences, in Advances in Cryptology CRYPTO 92, LNCS 740, pp. 471486, 1993. [6] Krik H.M. Wong, Yuan Zheng, Jiannong Cao, Shengwei Wang, A Dynamic User Authentication Scheme for Wireless Sensor Networks, Proceedings of IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC06) vol. 1, pp 244 251. [7] Canming Jiang, Bao Li and Haixia Xu An Efficient Scheme for User Authentication in Wireless Sensor Networks 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07) 2007 [8] Huei-Ru Tseng, Rong-Hong Jan, and Wuu Yang, An Improved Dynamic User Authentication Scheme for Wireless Sensor Networks, Proceedings of GLOBECOM 2007, pp986-990. [9] M. L. Das, Two-Factor User Authentication in Wireless Sensor Networks, in IEEE Transaction Wireless Communication, vol. 8 No. 3, pp10861090, 2009.

166

Vol 02, Issue 01, June 2013 http://iirpublications.com

International Journal of Communications Networking System ISSN: 2278-2427

[10] Omar Cheikhrouhou, Anis Kouba, Manel Boujelben and Mohamed Abid, A Lightweight User Authentication Scheme for Wireless Sensor Networks, The ACS/IEEE Workshop : Future Trends on Adhoc and Sensor Networks (FT-ASN 2010), Hammamet, Tunisia, May 16-19, 2010. [11] Huei-Ru Tseng, Rong-Hong Jan and Wuu Yang A robust user authentication scheme with self-certificates for wireless sensor networks SECURITY AND COMMUNICATION NETWORKS Security Comm. Networks (2010) Published online in Wiley InterScience (www.interscience.wiley.com). DOI: 10.1002/sec.212 [12] Rong FAN, Dao-jing HE, Xue-zeng PAN, Ling-di PING An efficient and DoSresistant user authentication scheme for two tiered wireless sensor networks Journal of Zhejiang University-SCIENCE C (Computers & Electronics) vol. 12 no. 7, pp550-560, 2011. [13] K. S. Arikumar, K. Thirumoorhty, Improved User Authentication in Wireless Sensor Networks, International Conference

on Emerging Trends in Electrical and Computer Technology (ICETECT), pp1010-15, 2011. [14] C. Y. Wan, S. B. Eisenman, and A. T. Campbell, CODA: Congestion detection and avoidance in sensor networks, In the Proceedings of ACM SenSys, Los Angeles, ACM Press, New York, pp. 266279, 2003. [15] C.-T. Ee and R. Bajcsy, Congestion control and fairness for many-to one routing in sensor networks, in Proc. ACM Sensys 2nd international conference on Embedded networked sensor systems , pp148-161, 2004 [16] Maciej Zawodniok, and Sarangapani Jagannathan,Predictive congestion control for wireless sensor networks, IEEE Trans. Wireles Communications, vol. 6, No. 11, pp. 3955-3963, 2007. [17] M. H. Yaghmaee and D. Adjeroh, A New Priority Congestion Control Protocol for Wireless Multimedia Sensor Networks, IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM), pp1-8, 2008.

Integrated Intelligent Research (IIR)

167