User authentication schemes for wireless sensor networks: A review

Wireless sensor networks (WSNs) are applicable in versatile domains ranging from very common to those which demand crucial security concerns. The deployment of WSNs in unattended environments and the resource-constrained nature of the constituent sensor nodes give rise to an open challenge to ensure that only authorized access to the information is available through the sensor nodes. Many researchers have made considerable efforts to meet this challenge by designing secure and dependable user authentication mechanisms. Every proposed scheme, with its advantages and disadvantages is cryptanalyzed to measure its respective strength and shortcomings. In this study, we first present twenty two features that a reliable user authentication scheme for WSNs should possess. We then evaluate seven of the available schemes against these twenty two features. A common tendency among all the available schemes is their failure to resist gateway node bypass attack, node capture attack and user impersonation attack. There is hardly any scheme that provides user anonymity and reparability in case of smart card loss or theft. Further mutual establishment of a session key between the three participating entities namely user, gateway node and sensor node is achieved in only one scheme; it is an integral characteristic to achieve the confidentiality of messages transmitted over open channels. The mutual authentication between the participating entities is another important aspect which is somewhat fulfilled by only two schemes; only one scheme resists denial of service attack and provides security to gateway node secret parameter. It is time to take halt, ponder upon the acquired objectives and set new goals to equip the contemporary state of art in this field with more viable and promising approaches. We review the state of art in this area; our goal is to explore the course of action for future proposals resulting in protocols with greater potential of usage in industry, military and other purposes. We opine that researchers should develop authentication schemes which take into account the desirable features discussed in this paper. We also discuss future path with some key issues and challenges in the area.