An Improved and Anonymous Three-factor Authentication Key Exchange Protocol for Wireless Sensor Networks

Master's Thesis from the year 2017 in the subject Computer Science - IT-Security, grade: A, , course: MSCS, language: English, abstract: The concepts of Internet of Things (IOT) show that everything in the global network is interconnected and accessible. In IOT environment Wireless Sensor Networks (WSNs) play a very important role because of its ubiquitous nature which use for wide range of applications like military surveillance, health care, environmental monitoring, agriculture etc. WSNs consisting of large numbers of sensor nodes which sensed the sensory information from the physical phenomena and forward the same to the cluster head or gateway node, sensor node having limited battery power and cannot be recharge after deployment. WSNs are resource constraints in terms of memory, energy, computational cost and communication speed. This thesis is focus to developed light weight user authentication and key agreement protocol to access the real time information from the IOT environment. Most recently Amin et al. find out various security limitations of the Farash et al. protocol and they extended the same protocol to improve its security weaknesses and claimed that the protocol is secure in all aspects. In this thesis we scrutinized the Amin et al. protocol which reveals that the protocol still having numerous security weaknesses such as user anonymity and user traceability attacks. In response to aforementioned security limitations we designed robust smartcard base threefactor user authentication and session key agreement scheme for WSNs environment. We analyzed the novel protocol formally and informally, formal security verification has done by using BAN-Logic which show that the scheme achieve mutual authentication and session key agreement among the participant entities. Furthermore, this protocol has also simulated in popular security tool ProVerif which simulation results show that the protocol is safe and withstand against all possible attacks including the above mentioned. The performance of this scheme is also compared with associated schemes the novel protocol can be applicable in real-life applications.