Author:
LI Anqian,KANG Baoyuan,ZUO Xinyu,HUO Yuyan,NIU Shufang,SUN Zhu
Abstract
Nowadays, Internet of Everything has become a major trend, and Internet of Things (IoT) has emerged. Wireless sensor networks (WSNs) are core technologies for IoT to sense the real world. Due to the unattended and resource-constrained characteristics of WSNs, it is a great challenge to design an efficient and secure authentication scheme for communication between users and sensor nodes in WSNs. Recently, Hu et al proposed an authentication scheme for WSNs in an IoT environment. They claimed that their scheme could maximize the balance between security and computational cost as well as efficiency, and be resistant to many known attacks. However, we find that the scheme is difficult to resist stolen smart card attack and denial-of-service attack. Moreover, during the login and key negotiation phase of the scheme, Gateway (GWN) is unable to extract key values for subsequent computation based on the messages sent by the sensor nodes, which in turn leads to the inability to achieve mutual authentication and key agreement. To overcome these shortcomings, we propose an improved scheme. The proposed scheme enables real-time data exchange and transmission as well as secure communication between users and sensor nodes.