{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,28]],"date-time":"2025-10-28T00:30:52Z","timestamp":1761611452746,"version":"3.41.2"},"reference-count":59,"publisher":"Wiley","issue":"1","license":[{"start":{"date-parts":[[2018,7,5]],"date-time":"2018-07-05T00:00:00Z","timestamp":1530748800000},"content-version":"vor","delay-in-days":185,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61472016","61772548"],"award-info":[{"award-number":["61472016","61772548"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["onlinelibrary.wiley.com"],"crossmark-restriction":true},"short-container-title":["Wireless Communications and Mobile Computing"],"published-print":{"date-parts":[[2018,1]]},"abstract":"<jats:p>Nowadays wireless sensor networks (WSNs) have drawn great attention from both industrial world and academic community. To facilitate real\u2010time data access for external users from the sensor nodes directly, password\u2010based authentication has become the prevalent authentication mechanism in the past decades. In this work, we investigate three foremost protocols in the area of password\u2010based user authentication scheme for WSNs. Firstly, we analyze an efficient and anonymous protocol and demonstrate that though this protocol is equipped with a formal proof, it actually has several security loopholes been overlooked, such that it cannot resist against smart card loss attack and violate forward secrecy. Secondly, we scrutinize a lightweight protocol and point out that it cannot achieve the claimed security goal of forward secrecy, as well as suffering from user anonymity violation attack and offline password guessing attack. Thirdly, we find that an anonymous scheme fails to preserve two critical properties of forward secrecy and user friendliness. In addition, by adopting the \u201cperfect forward secrecy (PFS)\u201d principle, we provide several effective countermeasures to remedy the identified weaknesses. To test the necessity and effectiveness of our suggestions, we conduct a comparison of 10 representative schemes in terms of the underlying cryptographic primitives used for realizing forward secrecy.<\/jats:p>","DOI":"10.1155\/2018\/8539674","type":"journal-article","created":{"date-parts":[[2018,7,5]],"date-time":"2018-07-05T23:39:06Z","timestamp":1530833946000},"update-policy":"https:\/\/doi.org\/10.1002\/crossmark_policy","source":"Crossref","is-referenced-by-count":27,"title":["Cryptanalysis and Security Enhancement of Three Authentication Schemes in Wireless Sensor Networks"],"prefix":"10.1155","volume":"2018","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2613-8257","authenticated-orcid":false,"given":"Wenting","family":"Li","sequence":"first","affiliation":[]},{"given":"Bin","family":"Li","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0823-3135","authenticated-orcid":false,"given":"Yiming","family":"Zhao","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8854-2079","authenticated-orcid":false,"given":"Ping","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Fushan","family":"Wei","sequence":"additional","affiliation":[]}],"member":"311","published-online":{"date-parts":[[2018,7,5]]},"reference":[{"key":"e_1_2_9_1_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2668062"},{"key":"e_1_2_9_2_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2016.11.008"},{"key":"e_1_2_9_3_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2016.12.013"},{"key":"e_1_2_9_4_2","article-title":"Sosus the \u2032secret weapon\u2032 of undersea surveillance","volume":"7","author":"Whitman E. C.","year":"2005","journal-title":"Undersea Warfare"},{"key":"e_1_2_9_5_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.10.001"},{"key":"e_1_2_9_6_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2017.03.013"},{"key":"e_1_2_9_7_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2014.07.010"},{"key":"e_1_2_9_8_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2016.12.028"},{"key":"e_1_2_9_9_2","article-title":"A lightweight and robust two-factor authentication scheme for personalized healthcare systems using wireless medical sensor networks","author":"Wu F.","year":"2017","journal-title":"Future Generation Computer Systems"},{"key":"e_1_2_9_10_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2016.2605087"},{"key":"e_1_2_9_11_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2016.10.001"},{"key":"e_1_2_9_12_2","doi-asserted-by":"publisher","DOI":"10.1109\/TPDS.2013.230"},{"key":"e_1_2_9_13_2","doi-asserted-by":"crossref","unstructured":"WongK. H. M. YuanZ. JiannongC. andShengweiW. A dynamic user authentication scheme for wireless sensor networks 1 Proceedings of the IEEE International Conference on Sensor Networks Ubiquitous and Trustworthy Computing June 2006 Taichung Taiwan 244\u2013251 https:\/\/doi.org\/10.1109\/sutc.2006.1636182 2-s2.0-33845458336.","DOI":"10.1109\/SUTC.2006.1636182"},{"key":"e_1_2_9_14_2","doi-asserted-by":"crossref","unstructured":"TsengH. R. JanR. H. andYangW. An improved dynamic user authentication scheme for wireless sensor networks Proceedings of the 50th Annual IEEE Global Telecommunications Conference (GLOBECOM \u203207) November 2007 986\u2013990 https:\/\/doi.org\/10.1109\/GLOCOM.2007.190 2-s2.0-39349093196.","DOI":"10.1109\/GLOCOM.2007.190"},{"key":"e_1_2_9_15_2","doi-asserted-by":"publisher","DOI":"10.1109\/TWC.2008.080128"},{"key":"e_1_2_9_16_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2010.02.011"},{"key":"e_1_2_9_17_2","doi-asserted-by":"publisher","DOI":"10.4218\/etrij.10.1510.0134"},{"key":"e_1_2_9_18_2","doi-asserted-by":"publisher","DOI":"10.3390\/s110504767"},{"key":"e_1_2_9_19_2","doi-asserted-by":"publisher","DOI":"10.1155\/2013\/730831"},{"key":"e_1_2_9_20_2","doi-asserted-by":"crossref","unstructured":"VaidyaB. MakrakisD. andMouftahH. T. Improved two-factor user authentication in wireless sensor networks Proceedings of the 6th Annual IEEE International Conference on Wireless and Mobile Computing Networking and Communications (WiMob \u203210) October 2010 600\u2013606 https:\/\/doi.org\/10.1109\/wimob.2010.5645004 2-s2.0-78650750082.","DOI":"10.1109\/WIMOB.2010.5645004"},{"key":"e_1_2_9_21_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.adhoc.2015.05.014"},{"key":"e_1_2_9_22_2","doi-asserted-by":"publisher","DOI":"10.3390\/s140610081"},{"key":"e_1_2_9_23_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2012.05.010"},{"key":"e_1_2_9_24_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2015.02.010"},{"key":"e_1_2_9_25_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2017.07.001"},{"key":"e_1_2_9_26_2","doi-asserted-by":"publisher","DOI":"10.1002\/dac.2468"},{"key":"e_1_2_9_27_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2016.2613841"},{"key":"e_1_2_9_28_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2013.2297110"},{"key":"e_1_2_9_29_2","doi-asserted-by":"crossref","unstructured":"WangD. ZhangZ. WangP. YanJ. andHuangX. Targeted online password guessing: an underestimated threat Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS \u203216) October 2016 1242\u20131254 2-s2.0-84995390356.","DOI":"10.1145\/2976749.2978339"},{"key":"e_1_2_9_30_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2721359"},{"key":"e_1_2_9_31_2","doi-asserted-by":"crossref","unstructured":"JuelsA.andWattenbergM. A fuzzy commitment scheme Proceedings of the 6th ACM Conference on Computer and Communications Security (ACM CCS \u203299) November 1999 28\u201336 2-s2.0-0033281339.","DOI":"10.1145\/319709.319714"},{"key":"e_1_2_9_32_2","doi-asserted-by":"crossref","unstructured":"EschenauerL.andGligorV. D. A key-management scheme for distributed sensor networks Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS \u203202) November 2002 Washington DC USA 41\u201347 https:\/\/doi.org\/10.1145\/586110.586117 2-s2.0-0038341106.","DOI":"10.1145\/586115.586117"},{"key":"e_1_2_9_33_2","doi-asserted-by":"crossref","unstructured":"VuT. M. Safavi-NainiR. andWilliamsonC. Securing wireless sensor networks against large-scale node capture attacks Proceedings of the 5th ACM Symposium on Information Computer and Communication Security (ASIACCS \u203210) April 2010 112\u2013123 2-s2.0-77954465312.","DOI":"10.1145\/1755688.1755703"},{"key":"e_1_2_9_34_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.adhoc.2014.03.009"},{"key":"e_1_2_9_35_2","doi-asserted-by":"publisher","DOI":"10.1098\/rspa.1989.0125"},{"key":"e_1_2_9_36_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2015.2439964"},{"key":"e_1_2_9_37_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jcss.2013.07.004"},{"key":"e_1_2_9_38_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2013.08.040"},{"key":"e_1_2_9_39_2","doi-asserted-by":"publisher","DOI":"10.1109\/TWC.2008.060802"},{"key":"e_1_2_9_40_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2017.06.018"},{"key":"e_1_2_9_41_2","doi-asserted-by":"publisher","DOI":"10.3390\/s17030644"},{"key":"e_1_2_9_42_2","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2017.2780232"},{"key":"e_1_2_9_43_2","doi-asserted-by":"publisher","DOI":"10.1109\/TCE.2004.1309441"},{"key":"e_1_2_9_44_2","doi-asserted-by":"publisher","DOI":"10.1002\/dac.3323"},{"key":"e_1_2_9_45_2","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2017.2714179"},{"key":"e_1_2_9_46_2","doi-asserted-by":"crossref","unstructured":"XiaoY. LiM. ChenS. andZhangY. Stacco: differentially analyzing side-channel traces for detecting ssl\/tls vulnerabilities in secure enclaves Proceedings of the ACM SIGSAC Conference October 2017 Dallas TX USA 859\u2013874 https:\/\/doi.org\/10.1145\/3133956.3134016.","DOI":"10.1145\/3133956.3134016"},{"key":"e_1_2_9_47_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-22792-9_20"},{"key":"e_1_2_9_48_2","doi-asserted-by":"crossref","unstructured":"ZhouY. YuY. StandaertF.-X. andQuisquaterJ.-J. On the need of physical security for small embedded devices: a case study with COMP128-1 implementations in SIM cards 7859 Proceedings of the FC 2013 230\u2013238 2-s2.0-84883282434.","DOI":"10.1007\/978-3-642-39884-1_20"},{"key":"e_1_2_9_49_2","unstructured":"ChaluparG. PeherstorferS. PollE. andDe RuiterJ. Automated reverse engineering using lego 14 Proceedings of the 8th USENIX WOOT 2014 1\u201310."},{"key":"e_1_2_9_50_2","doi-asserted-by":"publisher","DOI":"10.1155\/2017\/1378128"},{"key":"e_1_2_9_51_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.adhoc.2016.11.002"},{"key":"e_1_2_9_52_2","doi-asserted-by":"publisher","DOI":"10.1002\/sec.1573"},{"key":"e_1_2_9_53_2","doi-asserted-by":"publisher","DOI":"10.1109\/TWC.2015.2473165"},{"key":"e_1_2_9_54_2","doi-asserted-by":"publisher","DOI":"10.1002\/sec.517"},{"key":"e_1_2_9_55_2","doi-asserted-by":"publisher","DOI":"10.1007\/s11277-015-2721-7"},{"key":"e_1_2_9_56_2","unstructured":"BrasT. L. Online overload its worse than you thought July 2015 https:\/\/bit.ly\/2IjgkGL."},{"key":"e_1_2_9_57_2","doi-asserted-by":"crossref","unstructured":"MillerR. B. Response time in man-computer conversational transactions Proceedings of the Fall Joint Computer Conference (AFIPS \u203268) December 1968 San Francisco Calif USA 267\u2013277 https:\/\/doi.org\/10.1145\/1476589.1476628.","DOI":"10.1145\/1476589.1476628"},{"key":"e_1_2_9_58_2","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-44647-8_13"},{"key":"e_1_2_9_59_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-46588-1_29"}],"container-title":["Wireless Communications and Mobile Computing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/wcmc\/2018\/8539674.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/wcmc\/2018\/8539674.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/pdf\/10.1155\/2018\/8539674","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,5]],"date-time":"2025-07-05T16:14:28Z","timestamp":1751732068000},"score":1,"resource":{"primary":{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/10.1155\/2018\/8539674"}},"subtitle":[],"editor":[{"given":"Joseph","family":"Liu","sequence":"additional","affiliation":[]}],"short-title":[],"issued":{"date-parts":[[2018,1]]},"references-count":59,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2018,1]]}},"alternative-id":["10.1155\/2018\/8539674"],"URL":"https:\/\/doi.org\/10.1155\/2018\/8539674","archive":["Portico"],"relation":{},"ISSN":["1530-8669","1530-8677"],"issn-type":[{"type":"print","value":"1530-8669"},{"type":"electronic","value":"1530-8677"}],"subject":[],"published":{"date-parts":[[2018,1]]},"assertion":[{"value":"2018-04-04","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2018-05-28","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2018-07-05","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}],"article-number":"8539674"}}