Journal of Digital Convergence (디지털융복합연구)

The Society of Digital Policy and Management (한국디지털정책학회)
권호 표지
DOI QR코드

DOI QR Code

Impersonation Attacks on Anonymous User Authentication and Key Agreement Scheme in Wireless Sensor Networks

무선센서네트워크에서 익명의 사용자 인증과 키동의 기법에 대한 가장 공격

  • 최해원 (경운대학교 컴퓨터공학과) ;
  • 김현성 (경일대학교 사이버보안학과)
  • Received : 2016.08.25
  • Accepted : 2016.10.20
  • Published : 2016.10.28
Download PDF
⟨ Previous Next ⟩

Abstract

Wireless sensor networks (WSNs) have many applications and are deployed in a wide variety of areas. They are often deployed in potentially adverse or even hostile environment so that there are concerns on security issues in these WSNs. Recently, an anonymous user authentication and key agreement scheme (AUAKAS) was proposed based on symmetric cryptosystem in WSNs. It is claimed in AUAKAS that it assures security against different types of attacks including impersonation attacks. However, this paper shows that AUAKAS does not cope from user impersonation attack and gateway impersonation attack from the legally registered user on the gateway. The security analysis could guide the required features of the security scheme to be satisfied.

무선센서네트워크는 다양한 응용을 가지고 있고 아주 넓은 지역에 배치된다. 특히, 이들 네트워크는 잠재적인 위험을 포함한 환경에 배치됨으로 이에 대한 보안 이슈를 해결하기 위한 많은 노력이 있다. 최근에 무선센서네트워크에서 대칭키암호시스템에 기반한 익명의 사용자 인증과 키동의 기법 (AUAKAS)이 제안되었다. AUAKAS는 가장공격을 포함한 다양한 공격에 안전하다고 주장하였다. 하지만 본 논문은 AUAKAS가 게이트웨이에 등록된 정당한 사용자에 의하여 사용자 가장 공격과 게이트웨이 가장 공격에 취약함을 보인다. 본 논문의 보안 분석은 다양한 새로운 보안 기법의 설계에 있어서 미리 고려할 중요한 특성 분석에 있어서 도움을 줄 수 있을 것이다.

Keywords

References

  1. H.-J. Mun, H.-Y. Jeong, K.-H. Han, "Improved Trialateration Method on USN for reducing the Error of a Moving Node Position Measurement", Journal of Digital Convergence, (2016), Vol. 14, No. 5, pp. 301-307.
  2. K.-H. Lee, "A Study of Security Policy for U-Healthcare Service", The Journal of Digital Convergence, (2013), Vol. 11, No. 11, pp. 747-751. https://doi.org/10.14400/JDPM.2013.11.11.747
  3. K.-K. Lim. Y.-H. Lim, "A Study on User Satisfaction in u-IT New Technology Verification Projects Focused on Domestic RFID/USN Pilot Projects", Journal of Digital Convergence, (2010), Vol. 8, No. 1, pp. 1-10.
  4. B.-S. Kim, "U-Healthcare & Medical Information System of Status and Operative Challenges for Integrated Medical Information System", Journal of Digital Convergence, (2011), Vol. 9, No. 5, pp. 65-75.
  5. S.-J. Choi, B.-G. Kang, "The Windows Push Server System with Smart Device Identifying Fingerprints over IEEE 802.15.4 Protocol", The Journal of Digital Convergence, (2012), Vol. 10, No. 11, pp. 419-425. https://doi.org/10.14400/JDPM.2012.10.11.419
  6. B.-H. Shin, H.-K. Jeon, K.-Y. Chung, "An Energy Efficient Clustering Method Based on ANTCLUST in Sensor Network", Digital Convergence, (2012), Vol. 10, No. 1, pp. 371-378.
  7. H.-W. Choi, M.-C. Ryoo, C.-S. Lee, H. Kim, "Secure Data Gathering Protocol over Wireless Sensor Network", The Journal of Digital Convergence, (2013), Vol. 11, No. 12, pp. 367-380.
  8. H. Kim, "Freshness-Preserving Non-Interactive Hierarchical Key Agreement Protocol over WHMS", Sensors, (2014), Vol. 14, doi:10.3390/s141223742.
  9. L. Lamport, "Password authentication with insecure communication", Communications of the ACM, (1981), Vol. 24, pp. 770-772. https://doi.org/10.1145/358790.358797
  10. S.-W. Lee, H. Kim, K.-Y. Yoo, "Improved efficient remote user authentication scheme using smartcards", IEEE Trans. on Consumer Electronics, (2004), Vol. 50, No. 2, pp. 565-567 https://doi.org/10.1109/TCE.2004.1309424
  11. S.-W. Lee, H. Kim, K.-Y. Yoo, "Efficient verifier-based key agreement protocol for three parties without server's public key", Applied Mathematics and Computation, (2005), Vol. 167, No. 2, pp. 996-1003. https://doi.org/10.1016/j.amc.2004.06.129
  12. M. L. Das, "Two-factor user authentication scheme in wireless sensor networks", IEEE Trans. on Wirel. Commun., (2009), Vol. 8, pp. 1086-1090. https://doi.org/10.1109/TWC.2008.080128
  13. H. Kim, S.-W. Lee, "Enhanced Novel Access Control Protocol over Wireless Sensor Networks", IEEE Trans. on Consumer Electronics, (2009), Vol. 55, No. 2, pp. 492-498. https://doi.org/10.1109/TCE.2009.5174412
  14. L. Chen, F. Wei, C. Ma, "A secure user authentication scheme against smart-card loss attack for wireless sensor networks using symmetric key techniques", Int. J. Distrib. Sens. Netw., (2015), doi:10.1155/2015/704502.
  15. J. Jung, J. Kim. Y. Choi, D. Won, "An Anonymous User Authentication Scheme based on a Symmetric Cryptosystem in Wireless Sensor Networks", Sensors, (2016), Vol. 16, doi:10.3390/s16081299.
  16. H. Kim, S. W. Lee, "Authenticated Key Agreement Scheme with Forward Secrecy for Wireless Sensor Networks", International Journal of Control and Automation, (2015), Vol. 8, No. 11, pp. 279-288.