Abstract
Wireless Sensor Networks (WSNs) have a very large number of applications in different domains of the industry. One of those applications is the industrial use of WSN. Industrial Wireless Sensor Networks (IWSNs) are generally used in places which are isolated from human involvement. Thus their security and privacy are a major concern. Recently, Gope et al. have discussed a lightweight mutual user authentication protocol for IWSN. In this paper, we perform the security analysis of their scheme and find that their scheme is vulnerable to the following attacks: user device loss attack, stolen verifier attack, and denial of service attack. We also propose an improved scheme that overcomes these vulnerabilities. The proposed scheme uses the Physically Unclonable Function (PUF), Exclusive OR (XOR), and one-way cryptographic hash function operations, which are all lightweight cryptographic functions. The analysis of formal security in our scheme uses random oracle model to prove the safety of the user identity, password, and session key. Through the informal security, we show that our scheme resists many known attacks. The formal verification of security is done using ProVerif tool. In the performance analysis, we present that our scheme provides better security features than the other related schemes.
Disclosure statement
No potential conflict of interest was reported by the author(s).
Additional information
Notes on contributors
![](/cms/asset/38f23e34-ee1e-44a8-bbba-6662545a08a7/tjca_a_1825159_ilg0001.gif)
Devender Kumar
Devender Kumar received his M.Sc. (Mathematics) from Panjab University, Chandigarh and M.Tech. (Computer Science and Engineering) from IIT, Madras and Ph.D. from University of Delhi. Currently, he is an Assistant Professor in Netaji Subhas University of Technology, New Delhi. His current research interests include cryptography, information security and digital authentication.
![](/cms/asset/44c32225-bd6b-415c-822b-f2cb766a7f8a/tjca_a_1825159_ilg0002.gif)
Sai Kishore Pachigolla
Sai Kishore Pachigolla did his B.E in Information Technology from Netaji Subhas Institute of Technology (Affiliated to University of Delhi), New Delhi. Currently he is working as Strategy Analyst in Estee Advisors Pvt Ltd, New Delhi, India. His research interests include cryptography and security in IoT based devices.
![](/cms/asset/95f8ddfe-56ce-428d-a2dd-57b6728fd92d/tjca_a_1825159_ilg0003.gif)
Shubham Singh Manhas
Shubham Singh Manhas did his B.E. in Information Technology from Netaji Subhas Institute of Technology (Affiliated to University of Delhi), New Delhi. Currently he is working as a Software Engineer in Amazon, Hyderabad, India. His research interests include cryptography, authentication and security in IoT based devices.
![](/cms/asset/5605163c-3d55-4a9b-82a6-08a52cc509e5/tjca_a_1825159_ilg0004.gif)
Karan Rawat
Karan Rawat have recently done his B.E. in Information Technology from Netaji Subhas Institute of Technology (Affiliated to University of Delhi), New Delhi. Currently he is working as a Software Development Engineer in Adobe, Noida, India. His research interests include cryptography and security in IoT based devices.