{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,28]],"date-time":"2026-02-28T04:27:51Z","timestamp":1772252871689,"version":"3.50.1"},"reference-count":26,"publisher":"MDPI AG","issue":"12","license":[{"start":{"date-parts":[[2018,12,18]],"date-time":"2018-12-18T00:00:00Z","timestamp":1545091200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>Wireless sensor networks are widely used in many applications such as environmental monitoring, health care, smart grid and surveillance. Many security protocols have been proposed and intensively studied due to the inherent nature of wireless networks. In particular, Wu et al. proposed a promising authentication scheme which is sufficiently robust against various attacks. However, according to our analysis, Wu et al.\u2019s scheme has two serious security weaknesses against malicious outsiders. First, their scheme can lead to user impersonation attacks. Second, user anonymity is not preserved in their scheme. In this paper, we present these vulnerabilities of Wu et al.\u2019s scheme in detail. We also propose a new scheme to complement their weaknesses. We improve and speed up the vulnerability of the Wu et al. scheme. Security analysis is analyzed by Proverif and informal analysis is performed for various attacks.<\/jats:p>","DOI":"10.3390\/s18124481","type":"journal-article","created":{"date-parts":[[2018,12,18]],"date-time":"2018-12-18T11:09:21Z","timestamp":1545131361000},"page":"4481","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":30,"title":["Secure and Efficient Three-Factor Protocol for Wireless Sensor Networks"],"prefix":"10.3390","volume":"18","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8124-3853","authenticated-orcid":false,"given":"Jihyeon","family":"Ryu","sequence":"first","affiliation":[{"name":"Department of Platform Software, Sungkyunkwan University, Gyeonggi-do 16419, Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5777-4256","authenticated-orcid":false,"given":"Hakjun","family":"Lee","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, Sungkyunkwan University, Gyeonggi-do 16419, Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1605-3866","authenticated-orcid":false,"given":"Hyoungshick","family":"Kim","sequence":"additional","affiliation":[{"name":"Department of Computer Engineering, Sungkyunkwan University, Gyeonggi-do 16419, Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dongho","family":"Won","sequence":"additional","affiliation":[{"name":"Department of Computer Engineering, Sungkyunkwan University, Gyeonggi-do 16419, Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2018,12,18]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s12083-016-0485-9","article-title":"An Improved and Provably Secure Three-Factor User Authentication Scheme for Wireless Sensor Networks","volume":"11","author":"Wu","year":"2018","journal-title":"Peer-to-Peer Netw. Appl."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"1086","DOI":"10.1109\/TWC.2008.080128","article-title":"Two-Factor User Authentication in Wireless Sensor Networks","volume":"8","author":"Das","year":"2009","journal-title":"IEEE Trans. Wirel. Commun."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1177\/1550147716658607","article-title":"Secure biometric-based authentication scheme with smart card revocation\/reissue for wireless sensor networks","volume":"12","author":"Park","year":"2016","journal-title":"Int. J. Distrib. Sens. Netw."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"92","DOI":"10.1007\/s12083-015-0409-0","article-title":"An improved smart card based authentication scheme for session initiation protocol","volume":"10","author":"Kumari","year":"2017","journal-title":"Peer-to-Peer Netw. Appl."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"2024","DOI":"10.1002\/sec.1459","article-title":"An energy efficient encryption method for secure dynamic WSN","volume":"9","author":"Elhoseny","year":"2016","journal-title":"Secur. Commun. Netw."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"151","DOI":"10.1016\/j.comnet.2018.09.015","article-title":"Trust-based secure clustering in WSN-based intelligent transportation systems","volume":"146","author":"Gaber","year":"2018","journal-title":"Comput. Netw."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Watro, R., Kong, D., Cuti, S., Gardiner, C., Lynn, C., and Kruus, P. (2004, January 25\u201329). TinyPK: Securing Sensor Networks with Public Key Technology. Proceedings of the 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks, Washington, DC, USA.","DOI":"10.1145\/1029102.1029113"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Moon, J., Choi, Y., Jung, J., and Won, D. (2015). An Improvement of Robust Biometrics-based Authentication and Key Agreement Scheme for Multi-Server Environments using Smart Cards. PLoS ONE, 10.","DOI":"10.1145\/2857546.2857554"},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"182","DOI":"10.1016\/j.ins.2014.05.041","article-title":"A mechanical approach to derive identity-based protocols from Diffie\u2013Hellman-based protocols","volume":"281","author":"Choo","year":"2014","journal-title":"Inf. Sci."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"70","DOI":"10.1007\/s10916-015-0422-0","article-title":"An improvement of robust and efficient biometrics based password authentication scheme for telecare medicine information systems using extended chaotic maps","volume":"40","author":"Moon","year":"2016","journal-title":"J. Med. Syst."},{"key":"ref_11","first-page":"361","article-title":"An enhanced two-factor user authentication scheme in wireless sensor networks","volume":"10","author":"He","year":"2010","journal-title":"Ad Hoc Sens. Wirel. Netw."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Kumar, P., and Lee, H.J. (2011, January 20\u201322). Cryptanalysis on two user authentication protocols using smart card for wireless sensor networks. Proceedings of the 2011 Wireless Advanced, London, UK.","DOI":"10.1109\/WiAd.2011.5983262"},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"4767","DOI":"10.3390\/s110504767","article-title":"A secured authentication protocol for wireless sensor networks using elliptic curves cryptography","volume":"11","author":"Yeh","year":"2011","journal-title":"Sensors"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"316","DOI":"10.1016\/j.jnca.2012.05.010","article-title":"A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks","volume":"36","author":"Xue","year":"2013","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"1070","DOI":"10.1007\/s12083-014-0285-z","article-title":"An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks","volume":"8","author":"Jiang","year":"2015","journal-title":"Peer-to-Peer Netw. Appl."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"223","DOI":"10.1007\/s12083-014-0324-9","article-title":"A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks","volume":"9","author":"Das","year":"2016","journal-title":"Peer-to-Peer Netw. Appl."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"e2933","DOI":"10.1002\/dac.2933","article-title":"A secure and effective biometricbased user authentication scheme for wireless sensor networks using smart card and fuzzy extractor","volume":"30","author":"Das","year":"2017","journal-title":"Int. J. Commun. Syst."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"1377","DOI":"10.1007\/s11277-015-2288-3","article-title":"A secure and efficient user anonymity-preserving three-factor authentication protocol for large-scale distributed wireless sensor networks","volume":"82","author":"Das","year":"2015","journal-title":"Wirel. Pers. Commun."},{"key":"ref_19","first-page":"417","article-title":"Uses of Elliptic Curves in Cryptography","volume":"Volume 218","author":"Miller","year":"1986","journal-title":"Advances in Cryptology Crypto"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"203","DOI":"10.1090\/S0025-5718-1987-0866109-5","article-title":"Elliptic curve cryptosystems","volume":"48","author":"Koblitz","year":"1987","journal-title":"Math. Comput."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"6207","DOI":"10.1109\/TIT.2012.2200290","article-title":"Robust fuzzy extractors and authenticated key agreement from close secrets","volume":"58","author":"Dodis","year":"2013","journal-title":"IEEE Trans. Inf. Theory"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Dodis, Y., Reyzin, L., and Smith, A. (2004, January 2\u20136). Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data. Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland.","DOI":"10.1007\/978-3-540-24676-3_31"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"541","DOI":"10.1109\/TC.2002.1004593","article-title":"Examining smart-card security under the threat of power analysis attacks","volume":"51","author":"Messerges","year":"2002","journal-title":"IEEE Trans. Comput."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Lee, H., Lee, D., Moon, J., Jung, J., Kang, D., Kim, H., and Won, D. (2018). An improved anonymous authentication scheme for roaming in ubiquitous networks. PLoS ONE, 13.","DOI":"10.1371\/journal.pone.0193366"},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Park, Y., and Park, Y. (2016). Three-factor user authentication and key agreement using elliptic curve cryptosystem in wireless sensor networks. Sensors, 16.","DOI":"10.3390\/s16122123"},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"10","DOI":"10.1007\/s10916-014-0179-x","article-title":"Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care","volume":"39","author":"Xu","year":"2015","journal-title":"J. Med. Syst."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/18\/12\/4481\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T15:34:44Z","timestamp":1760196884000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/18\/12\/4481"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,12,18]]},"references-count":26,"journal-issue":{"issue":"12","published-online":{"date-parts":[[2018,12]]}},"alternative-id":["s18124481"],"URL":"https:\/\/doi.org\/10.3390\/s18124481","relation":{"has-preprint":[{"id-type":"doi","id":"10.20944\/preprints201811.0239.v1","asserted-by":"object"}]},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,12,18]]}}}