基于生物特征标识的无线传感器网络三因素用户认证协议

doi:10.3969/j.issn.0372-2112.2018.03.028

电子学报 ›› 2018, Vol. 46 ›› Issue (3): 702-713.DOI: 10.3969/j.issn.0372-2112.2018.03.028

基于生物特征标识的无线传感器网络三因素用户认证协议

房卫东^1,2, 张武雄^1,2, 杨旸^1,2, 张传雷³, 陈伟⁴

1. 中国科学院上海微系统与信息技术研究所无线传感网与通信重点实验室, 上海 200051;
2. 上海无线通信研究中心, 上海 201210;
3. 天津科技大学计算机科学与信息工程学院, 天津 300222;
4. 中国矿业大学计算机科学与技术学院, 江苏徐州 221116

收稿日期:2016-03-21 修回日期:2017-05-10 出版日期:2018-03-25
- 通讯作者:
- 张武雄
- 作者简介:
- 房卫东,男,1971年2月出生,山东济南人,博士,中国科学院上海微系统与信息技术研究所高级工程师,主要研究方向为无线传感器网络可信传输技术、信任管理、隐私保护.E-mail:weidong.fang@mail.sim.ac.cn;杨旸,男,1974年2月出生,江苏南京人,博士,中国科学院上海微系统与信息技术研究所研究员、博导,主要研究方向为无线传感器网络(物联网)、新一代移动通信系统(5G)、雾计算与网络技术,开放无线测试验证平台.E-mail:yang.yang@mail.sim.ac.cn;张传雷,男,1973年月出生,山东沂源人,博士,天津科技大学计算机科学与信息工程学院副教授,主要研究方向为计算机应用技术、无线传感器网络可信传输技术.E-mail:97313114@tust.edu.cn;陈伟,男,1978年9月出生,江苏徐州人,博士,中国矿业大学计算机科学与技术学院教授,主要研究方向为智能信息处理、无线通信、大数据与云计算.E-mail:chenw@cumt.edu.cn
- 基金资助:
- 国家自然科学基金 (No.61471346，No.61461136003）; 上海市自然科学基金 (No.17ZR1429100）; 上海市科技创新行动计划 (No.17511105903，No.17DZ1200302）; 国家自然科学基金委员会-山西省人民政府煤基低碳联合基金 (No.U1510115）; 青海省自然科学基金 (No.2016-ZJ-922Q）; 青蓝工程资助; 中国博士后科学基金特别资助项目 (No.2013T60574）; CEMEE国家实验室开放课题基金 (No.CEMEE2017K0303B）

BTh-UAP:Biometric-Based Three-Factor User Authentication Protocol for Wireless Sensor Network

FANG Wei-dong^1,2, ZHANG Wu-xiong^1,2, YANG Yang^1,2, ZHANG Chuan-lei³, CHEN Wei⁴

1. Key Laboratory of Wireless Sensor Network & Communication, Shanghai Institute of Microsystem and Information Technology, Chinese Academy of Sciences, Shanghai 200051, China;
2. Shanghai Research Center for Wireless Communication, Shanghai 201210, China;
3. College of Computer Science and Information Engineering, Tianjin University of Science and Technology, Tianjin 300222, China;
4. School of Computer Science and Technology, China University of Mining and Technology, Xuzhou, Jiangsu 221116, China

Received:2016-03-21 Revised:2017-05-10 Online:2018-03-25 Published:2018-03-25
- Corresponding author:
- ZHANG Wu-xiong

摘要/Abstract

摘要： 为满足高安全级别场景（如军事、国家安全、银行等）的应用需求，进一步提高无线传感器网络用户认证协议的安全性，提出了基于生物特征识别的三因素用户认证协议.针对Althobaiti协议无法防御节点妥协攻击、模拟攻击、中间人攻击和内部特权攻击的安全缺陷，增加智能卡和密码作为协议基本安全因素，并利用生物特征标识信息生成函数与回复函数处理的生物特征标识作为附加安全因素；在密钥管理中，为每个节点配置了与网关节点共享唯一密钥，保证认证过程的独立性与安全性；实现用户自主选择与网关节点的共享密钥，提高公共信道通信的安全性；在网关节点不参与的情况下，设计密码和生物特征标识更新机制，保证二者的新鲜性.通过Dolev-Yao拓展威胁模型的分析与AVISPA的OFMC分析终端的仿真，结果证明该认证协议克服了Althobaiti协议安全缺陷，且对计算能力的需求小于公钥加密.权衡安全性与计算成本，该协议适用于资源受限且安全需求高的无线传感器网络应用.

关键词: 无线传感器网络, 信息安全, 三因素, 用户认证协议, 生物特征标识

Abstract:

To meet the application requirements in high-level security scenarios (i. e., military, national security and banks), and further enhance the security for user authentication protocol in wireless sensor network (WSN), the biometric-based three-factor user authentication protocol (BTh-UAP) is proposed. For defending against the node compromise attack, the simulated attack, the man-in-the-middle attack and the privileged-insider attack in Althobaiti protocol, the smart card and password are taken as its basic secure factors, and the biometric identification that is operated by the biometric identification information generation and reply function is introduced as additional secure factor. In key management, a unique shared key for each node combined with gateway node is delivered to guarantee the independence and security in authentication phase. The shared key between user and gateway node is autonomously chosen to improve the security of the common communication channel. Furthermore, in the circumstance for non-participation of node, the updating scheme for password and biometric identification is designed to achieve the freshness. The results demonstrate that BTh-UAP not only overcomes Althobaiti's security flaws, but also its requirements for computing capability are less than the public-key encryption via using the Dolev-Yao threat model analysis and AVISPA's OFMC simulation. The tradeoff between security and computing costs indicates that BTh-UAP can be applied in high-level security scenarios for resource-constrained wireless sensor network.

Key words: wireless sensor network (WSN), information security, three-factors, user authentication protocol, biometric

中图分类号:

TP393

房卫东, 张武雄, 杨旸, 张传雷, 陈伟. 基于生物特征标识的无线传感器网络三因素用户认证协议[J]. 电子学报, 2018, 46(3): 702-713.

FANG Wei-dong, ZHANG Wu-xiong, YANG Yang, ZHANG Chuan-lei, CHEN Wei. BTh-UAP:Biometric-Based Three-Factor User Authentication Protocol for Wireless Sensor Network[J]. Acta Electronica Sinica, 2018, 46(3): 702-713.

参考文献

[1] 刘伟,董恩清,宋洋.无线传感器网络节点三维定位的翻转模糊检测[J].电子学报,2016,44(2):374-384. LIU W,DONG E Q,SONG Y.Flip ambiguity detection for three-dimensional node localization in wireless sensor networks[J].Acta Electronica Sinica,2016,44(2):374-384.(in Chinese)
[2] BUTUN I,MORGERA S D,SANKAR R.A survey of intrusion detection systems in wireless sensor networks[J].IEEE Communications Surveys & Tutorials,2014,16(1):266-282.
[3] 李继国,张亦辰,卫晓霞.可证安全的基于证书广播加密方案[J].电子学报,2016,44(5):1101-1110. LI J G,ZHANG Y C,WEI X X.A provably secure certificate-based broadcast encryption scheme[J].Acta Electronica Sinica,2016,44(5):1101-1110.(in Chinese)
[4] 杨鹏,唐洋,舒娜,王汝言.供给需求关系感知的间断连接无线网络安全路由机制[J].通信学报,2015,36(Z1):42-52. YANG P,TANG Y,SHU N,WANG R Y.Secure supply and demand relationship perception routing in intermittently connected wireless networks[J].Journal on Communications,2015,36(Z1):42-52.(in Chinese)
[5] 肖云鹏,姚豪豪,刘宴兵.一种基于云模型的WSNs节点信誉安全方案[J].电子学报,2016,44(1):168-175. XIAO Y P,YAO H H,LIU Y B.A WSNs node reputation security scheme based on cloud model[J].Acta Electronica Sinica,2016,44(1):168-175.(in Chinese)
[6] FANG W D,SHAN L H,JIA G Q,JI X H,CHEN S J.A low complexity secure network coding in wireless sensor network[J].Journal of Internet Technology,2016,17(5):905-913.
[7] 李晓伟,张玉清,张格非,刘雪峰,范丹.基于智能卡的强安全认证与密钥协商协议[J].电子学报,2014,42(8):1587-1593. LI X W,ZHANG Y Q,ZHANG G F,LIU X F,FAN D.Strongly secure authenticated key agreement protocol using smart card[J].Acta Electronica Sinica,2014,42(8):1587-1593.(in Chinese)
[8] CHEN X Q,CAO T J,ZHAI J X.Untraceability analysis of two RFID authentication protocols[J].Chinese Journal of Electronics,2016,25(9):912-920.
[9] 刘云,杨亮,范科峰,王勇,唐仕军.一种改进的动态用户认证协议[J].电子学报,2013,41(1):42-46. LIU Y,YANG L,FAN K F,WANG Y,TANG S J.Improved dynamic user authentication protocol[J].Acta Electronica Sinica,2013,41(1):42-46.(in Chinese)
[10] QAZI F A,QAZI F A.A survey of biometric authentication systems[A].Proceedings of the International Conference on Security and Management,SAM'04[C].Las Vegas,Nevada,USA:SAM,2004.61-67.
[11] KUMARI S,KHAN M K,ATIQUZZAMAN M.User authentication schemes for wireless sensor networks:A review[J].Ad Hoc Networks,2015,27:159-194.
[12] KAUSHAL K,KAUR T.A survey on attacks of WSN and their security mechanisms[J].International Journal of Computer Applications,2015,118(18):1-4.
[13] LEE J K,RYU S R,YOO K Y.Fingerprint-based remote user authentication scheme using smart cards[J].Electronics Letters,2002,38(12):554-555.
[14] LI C T,HWANG M S.An efficient biometrics-based remote user authentication scheme using smart cards[J].Journal of Network and computer applications,2010,33(1):1-5.
[15] YUAN J,JIANG C,JIANG Z.A biometric-based user authentication for wireless sensor networks[J].Wuhan University Journal of Natural Sciences,2010,15(3):272-276.
[16] LEE C C,CHANG R X,CHEN L A.Improvement of li-hwang's biometrics-based remote user authentication scheme using smart cards[J].WSEAS Transactions on Communications,2011,10(7):193-200.
[17] YOON E J,YOO K Y.A new biometric-based user authentication scheme without using password for wireless sensor networks[A].The 20th IEEE International Workshops on Enabling Technologies:Infrastructure for Collaborative Enterprises (WETICE)[C].USA:IEEE,2011.279-284.
[18] DAS M L.Two-factor user authentication in wireless sensor networks[J].IEEE Transactions on Wireless Communications,2009,8(3):1086-1090.
[19] SEKHAR V C,SARVABHATLA M.A robust biometric-based three-factor remote user authentication scheme[A].The Smithsonian/NASA Astrophysics Data System[C].USA:NASA,2014.arXiv:1401.1318.
[20] AN Y.Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards[J].Journal of Biomedicine & Biotechnology,2012,DOI:10.1155/2012/519723.
[21] CHATURVEDI A,MISHRA D,MUKHOPADHYAY S.Improved Biometric-Based Three-Factor Remote User Authentication Scheme with Key Agreement Using Smart Card[M].Springer Berlin Heidelberg,2013.63-77.
[22] AWASTHI A K,SRIVASTAVA K.A biometric authentication scheme for telecare medicine information systems with nonce[J].Journal of Medical Systems,2013,37(5):1-4.
[23] LIU X,SHEN Y,LI S,CHEN F.A fingerprint-based user authentication protocol with one-time password for wireless sensor networks[A].Proceedings of International Conference on Sensor Network Security Technology and Privacy Communication System (SNS & PCS)[C].Harbin,China:IEEE Press,2013.9-12.
[24] KIANI F,DALKILIC G.Password renewal enhancement for dynamic authentication in wireless sensor networks[A].Proceedings of the 2nd International Conference on Computational Intelligence,Communication Systems and Networks[C].Liverpool,United Kingdom:IEEE Press,2010.143-146.
[25] LIU X Y,HUANG T L,WANG X,TANG X J.A user authentication scheme based on dynamic password for wireless sensor networks[A].Proceedings of International Conference on Intelligent Computing and Integrated Systems (ICISS)[C].Guilin,China:IEEE Press,2010.145-148.
[26] 喻丽春.基于AES和RSA算法的一次性口令认证[J].西安邮电大学学报,2017,22(1):38-43. YU L.One-time password authentication based on AES and RSA algorithm[J].Journal of Xi'an University of Posts and Telecommunications,2017,22(1):38-43.(in Chinese)
[27] 韩伟力,袁琅,李思斯,王晓阳.一种基于样本的模拟口令集生成算法[J].计算机学报,2017,40(5):1151-1155. HAN W,YUAN L,LI S,WANG X.An efficient algorithm to generate password sets based on samples[J].Chinese Journal of Computers,2017,40(5):1151-1155.(in Chinese)
[28] 王平,汪定,黄欣沂.口令安全研究进展[J].计算机研究与发展,2016,53(10):2173-2188. WANG P,WANG D,HUANG X.Advances in password security[J].Journal of Computer Research and Development,2016,53(10):2173-2188.(in Chinese)
[29] RAMANUJAM R,SUNDARARAJAN V,SURESH S P.Extending Dolev-Yao with Assertions[M].Springer International Publishing,2014.50-68.
[30] KIM J,LEE D,JEON W,et al.Security analysis and improvements of two-factor mutual authentication with key agreement in wireless sensor networks[J].Sensors,2014,14(4):6443-6462.
[31] HURTADO ALEGRíA J A,BASTARRICA M C,BERGEL A.Avispa:a tool for analyzing software process models[J].Journal of Software:Evolution and Process,2014,26(4):434-450.

基于生物特征标识的无线传感器网络三因素用户认证协议

BTh-UAP:Biometric-Based Three-Factor User Authentication Protocol for Wireless Sensor Network

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	陈嘉兴, 程杰, 董云玲, 刘志华. 基于弯曲声线和测距修正的水下节点定位算法[J]. 电子学报, 2022, 50(7): 1567-1572.
[2]	王义君, 陈忠野, 缪瑞新, 宋忠炎. 基于三角剖分的WSNs元胞感知覆盖算法[J]. 电子学报, 2022, 50(10): 2443-2451.
[3]	汪成亮, 赵凯, 刘嘉敏. 智能环境下基于边缘设备规则推理的数据预部署研究[J]. 电子学报, 2022, 50(10): 2347-2360.
[4]	苏志刚, 武瑞, 郝敬堂. 面向无源定位的直达波传感器识别算法[J]. 电子学报, 2021, 49(6): 1178-1186.
[5]	朱健, 胡凯, 张伯钧. 智能合约的形式化验证方法研究综述[J]. 电子学报, 2021, 49(4): 792-804.
[6]	王海东, 刘云敬, 康琳, 武迎春. 射频能量捕获传感网移动能量源的布置策略研究[J]. 电子学报, 2020, 48(12): 2367-2375.
[7]	程杰, 董云玲, 陈嘉兴, 刘志华. 一种具有连续跳数值的三维DV-Hop改进算法[J]. 电子学报, 2020, 48(11): 2122-2130.
[8]	王继军, 李国祥, 夏国恩, 孙泽锐. 图像插值空间完全可逆可分离密文域信息隐藏算法[J]. 电子学报, 2020, 48(1): 92-100.
[9]	黄美根, 郁滨. 软件定义WSN规则一致更新研究[J]. 电子学报, 2019, 47(9): 1965-1971.
[10]	王頲, 白桦, 唐晓铭, 黄庆卿. 分布式全局精确时钟同步状态追踪:能观测性观测器分析[J]. 电子学报, 2019, 47(9): 1855-1862.
[11]	丁旭, 吴晓蓓, 王力立, 张新宇, 夏昕. 无线传感器网络中基于最优转发集的协作式编码传输协议[J]. 电子学报, 2019, 47(7): 1584-1590.
[12]	王继军, 孙泽锐, 李国祥. 图像抛物线插值空间大容量可逆信息隐藏算法[J]. 电子学报, 2019, 47(1): 137-144.
[13]	邱树伟, 石海燕, 池凯凯, 程珍, 朱艺华. 射频供能无线传感器网络高能效数据收集方案[J]. 电子学报, 2018, 46(9): 2238-2244.
[14]	田文飚, 芮国胜, 董道广, 康健. 基于盲自适应KLT的蒸发波导压缩感知方法[J]. 电子学报, 2018, 46(9): 2068-2074.
[15]	李国瑞, 王颖, 王聪. 一种基于矩阵补全的无线传感网数据收集方案[J]. 电子学报, 2018, 46(12): 2950-2956.