A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks

With an advancement of wireless communication technology, wireless sensor network (WSN) has emerged as one of the most powerful technologies which can be used in various applications, such as military surveillance, environment monitoring, industrial control, and medical monitoring. WSNs are vulnerable to large collection of attacks than traditional networks because they transmit data using a wireless channel and are deployed in unattended environments. So, in this environment, how to ensure secure communications between different communication parties becomes a challenging issue with respect to the constraints of energy consumption, and large overhead generated during various operations performed. In this direction, the mutual authentication and key agreement (MAAKA) scheme attracts much attention in recent years. In literature, MAAKA schemes were presented in last several years. However, most of these schemes cannot satisfy security requirements in WSNs. Recently, Xue et al. proposed a temporal-credential-based MAAKA scheme for WSNs and proved that it could withstand various types of attacks. However, this paper points out that Xue et al.’s MAAKA scheme is vulnerable to the off-line password guessing attack, the user impersonation attack, the sensor node impersonation attack and the modification attack. Moreover, this paper also points out that Xue et al.’s MAAKA scheme cannot provide user anonymity. To overcome weaknesses in Xue et al.’s MAAKA scheme, this paper proposes a new temporal-credential-based MAAKA scheme for WSNs. Security analysis shows the proposed MAAKA scheme could overcome the weaknesses in Xue et al.’s MAAKA scheme. Performance analysis shows the proposed MAAKA scheme has better performance than the existing benchmarked schemes in literature. Therefore, the proposed MAAKA scheme is more suitable for providing security for various applications in WSNs.