{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,6]],"date-time":"2026-02-06T03:22:46Z","timestamp":1770348166270,"version":"3.49.0"},"reference-count":38,"publisher":"MDPI AG","issue":"3","license":[{"start":{"date-parts":[[2021,1,30]],"date-time":"2021-01-30T00:00:00Z","timestamp":1611964800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"Wireless sensor networks (WSN) are widely used to provide users with convenient services such as health-care, and smart home. To provide convenient services, sensor nodes in WSN environments collect and send the sensing data to the gateway. However, it can suffer from serious security issues because susceptible messages are exchanged through an insecure channel. Therefore, secure authentication protocols are necessary to prevent security flaws in WSN. In 2020, Moghadam et al. suggested an efficient authentication and key agreement scheme in WSN. Unfortunately, we discover that Moghadam et al.\u2019s scheme cannot prevent insider and session-specific random number leakage attacks. We also prove that Moghadam et al.\u2019s scheme does not ensure perfect forward secrecy. To prevent security vulnerabilities of Moghadam et al.\u2019s scheme, we propose a secure and lightweight mutual authentication protocol for WSNs (WSN-SLAP). WSN-SLAP has the resistance from various security drawbacks, and provides perfect forward secrecy and mutual authentication. We prove the security of WSN-SLAP by using Burrows-Abadi-Needham (BAN) logic, Real-or-Random (ROR) model, and Automated Verification of Internet Security Protocols and Applications (AVISPA) simulation. In addition, we evaluate the performance of WSN-SLAP compared with existing related protocols. We demonstrate that WSN-SLAP is more secure and suitable than previous protocols for WSN environments.<\/jats:p>","DOI":"10.3390\/s21030936","type":"journal-article","created":{"date-parts":[[2021,1,30]],"date-time":"2021-01-30T21:15:51Z","timestamp":1612041351000},"page":"936","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":64,"title":["WSN-SLAP: Secure and Lightweight Mutual Authentication Protocol for Wireless Sensor Networks"],"prefix":"10.3390","volume":"21","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0014-1965","authenticated-orcid":false,"given":"Deok Kyu","family":"Kwon","sequence":"first","affiliation":[{"name":"School of Electronic and Electrical Engineering, Kyungpook National University, Daegu 41566, Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3245-781X","authenticated-orcid":false,"given":"Sung Jin","family":"Yu","sequence":"additional","affiliation":[{"name":"School of Electronic and Electrical Engineering, Kyungpook National University, Daegu 41566, Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8172-6182","authenticated-orcid":false,"given":"Joon Young","family":"Lee","sequence":"additional","affiliation":[{"name":"School of Electronic and Electrical Engineering, Kyungpook National University, Daegu 41566, Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3198-8467","authenticated-orcid":false,"given":"Seung Hwan","family":"Son","sequence":"additional","affiliation":[{"name":"School of Electronic and Electrical Engineering, Kyungpook National University, Daegu 41566, Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0406-6547","authenticated-orcid":false,"given":"Young Ho","family":"Park","sequence":"additional","affiliation":[{"name":"School of Electronic and Electrical Engineering, Kyungpook National University, Daegu 41566, Korea"},{"name":"School of Electronics Engineering, Kyungpook National University, Daegu 41566, Korea"}]}],"member":"1968","published-online":{"date-parts":[[2021,1,30]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"3184","DOI":"10.1109\/JIOT.2020.2966242","article-title":"Certificateless-signcryption-based three-factor user access control scheme for IoT environment","volume":"7","author":"Mandal","year":"2020","journal-title":"IEEE Internet Things J."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Yu, S., and Park, Y. (2020). SLUA-WSN: Secure and lightweight three-factor-based user authentication protocol for wireless sensor networks. Sensors, 20.","DOI":"10.3390\/s20154143"},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Ghahramani, M., Javidan, R., Shojafar, M., Taheri, R., Alazab, M., and Tafazolli, R. (2020). RSS: An energy-efficient approach for securing IoT service protocols against the DoS attack. IEEE Internet Things J.","DOI":"10.1109\/JIOT.2020.3023102"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"119387","DOI":"10.1109\/ACCESS.2020.3005592","article-title":"LAKS-NVT: Provably secure and lightweight authentication and key agreement scheme without verification table in medical internet of things","volume":"8","author":"Park","year":"2020","journal-title":"IEEE Access"},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Lee, J., Yu, S., Park, K., Park, Y., and Park, Y. (2019). Secure three-factor authentication protocol for multi-gateway IoT environments. Sensors, 19.","DOI":"10.3390\/s19102358"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"73182","DOI":"10.1109\/ACCESS.2020.2987764","article-title":"An efficient authentication and key agreement scheme based on ECDH for wireless sensor network","volume":"8","author":"Moghadam","year":"2020","journal-title":"IEEE Access"},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Coron, J.S. (1999, January 12\u201313). Resistance against differential power analysis for elliptic curve cryptosystems. Proceedings of the 1st International Workshop on Cryptographic Hardware and Embedded Systems, Worcester, MA, USA.","DOI":"10.1007\/3-540-48059-5_25"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1145\/77648.77649","article-title":"A logic of authentication","volume":"8","author":"Burrows","year":"1990","journal-title":"ACM Trans. Comput. Syst."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Abdalla, M., Fouque, P., and Pointcheval, D. (2005, January 23\u201326). Password-based authenticated key exchange in the three-party setting. Proceedings of the 8th International Workshop on Theory and Practice in Public Key Cryptography (PKC\u201905), Lecture Notes in Computer Science (LNCS), Les Diablerets, Switzerland.","DOI":"10.1007\/978-3-540-30580-4_6"},{"key":"ref_10","unstructured":"AVISPA (2020, December 04). Automated Validation of Internet Security Protocols and Applications. Available online: http:\/\/www.avispa-project.org\/."},{"key":"ref_11","unstructured":"(2020, December 04). SPAN: A Security Protocol Animator for AVISPA. Available online: http:\/\/www.avispa-project.org\/."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","article-title":"On the security of public key protocols","volume":"29","author":"Dolev","year":"1983","journal-title":"IEEE Trans. Inf. Theory"},{"key":"ref_13","unstructured":"Canetti, R., and Krawczyk, H. (May, January 28). Universally composable notions of key exchange and secure channels. Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques\u2014Advances in Cryptology (EUROCRYPT\u201902), Amsterdam, The Netherlands."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Kocher, P., Jaffe, J., and Jun, B. (1999, January 15\u201319). Differential power analysis. Proceedings of the Annual International Cryptology Conference, Santa Barbara, CA, USA.","DOI":"10.1007\/3-540-48405-1_25"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Yu, S., Lee, J., Lee, K., Park, K., and Park, Y. (2018). Secure authentication protocol for wireless sensor networks in vehicular communications. Sensors, 18.","DOI":"10.3390\/s18103191"},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"223","DOI":"10.1016\/j.future.2018.08.031","article-title":"WSNs-assisted opportunistic network for low-latency message forwarding in sparse settings","volume":"91","author":"Fu","year":"2019","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"4","DOI":"10.1016\/j.inffus.2019.06.001","article-title":"Environment-fusion multipath routing protocol for wireless sensor networks","volume":"53","author":"Fu","year":"2020","journal-title":"Inf. Fusion"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"107046","DOI":"10.1109\/ACCESS.2020.3000790","article-title":"On the design of secure and efficient three-factor authentication protocol using honey list for wireless sensor networks","volume":"8","author":"Lee","year":"2020","journal-title":"IEEE Access"},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"107327","DOI":"10.1016\/j.comnet.2020.107327","article-title":"Topology optimization against cascading failures on wireless sensor networks using a memetic algorithm","volume":"177","author":"Fu","year":"2020","journal-title":"Comput. Netw."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"770","DOI":"10.1145\/358790.358797","article-title":"Password authentication with insecure communication","volume":"24","author":"Lamport","year":"1981","journal-title":"Commun. ACM"},{"key":"ref_21","unstructured":"Wong, K.H., Zheng, Y., Cao, J., and Wang, S. (2006, January 5\u20137). A dynamic user authentication scheme for wireless sensor networks. Proceedings of the IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC), Taichung, Taiwan."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Tseng, H.R., Jan, R.H., and Yang, W. (2007, January 26\u201330). An improved dynamic user authentication scheme for wireless sensor networks. Proceedings of the IEEE Globecom, Washington, DC, USA.","DOI":"10.1109\/GLOCOM.2007.190"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"1086","DOI":"10.1109\/TWC.2008.080128","article-title":"Two-factor user authentication in wireless sensor networks","volume":"8","author":"Das","year":"2009","journal-title":"IEEE Trans. Wirel. Commun."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"2450","DOI":"10.3390\/s100302450","article-title":"Cryptanalysis and security improvements of \u2018two-factor user authentication in wireless sensor networks\u2019","volume":"10","author":"Khan","year":"2010","journal-title":"Sensors"},{"key":"ref_25","first-page":"361","article-title":"An enhanced two-factor user authentication scheme in wireless sensor networks","volume":"10","author":"He","year":"2010","journal-title":"Ad Hoc Sens. Wirel. Netw."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"4767","DOI":"10.3390\/s110504767","article-title":"A secured authentication protocol for wireless sensor networks using elliptic curves cryptography","volume":"11","author":"Yeh","year":"2011","journal-title":"Sensors"},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"10081","DOI":"10.3390\/s140610081","article-title":"Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography","volume":"14","author":"Choi","year":"2014","journal-title":"Sensors"},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1007\/s12083-015-0404-5","article-title":"A new and secure authentication scheme for wireless sensor networks with formal proof","volume":"10","author":"Wu","year":"2017","journal-title":"Peer-to-Peer Netw. Appl."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"21023","DOI":"10.3390\/s141121023","article-title":"A provably-secure ECC-based authentication scheme for wireless sensor networks","volume":"14","author":"Nam","year":"2014","journal-title":"Sensors"},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"37","DOI":"10.1016\/j.jnca.2016.10.001","article-title":"An untraceable temporal-credential-based two-factor authentication scheme using ECC for wireless sensor networks","volume":"76","author":"Jiang","year":"2016","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"101","DOI":"10.1007\/s12652-016-0345-8","article-title":"A privacy-preserving and provable user authentication scheme for wireless sensor networks based on Internet of Things security","volume":"8","author":"Wu","year":"2017","journal-title":"J. Ambient. Intell. Humaniz. Comput."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"8729","DOI":"10.1007\/s11227-020-03160-x","article-title":"A secure biometric-based authentication protocol for global mobility networks in smart cities","volume":"76","author":"Ghahramani","year":"2020","journal-title":"J. Supercomput."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Yu, S., Lee, J., Park, Y., Park, Y., Lee, S., and Chung, B. (2020). A secure and efficient three-factor authentication protocol in global mobility networks. Appl. Sci., 10.","DOI":"10.3390\/app10103565"},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"2776","DOI":"10.1109\/TIFS.2017.2721359","article-title":"Zipf\u2019s law in passwords","volume":"12","author":"Wang","year":"2017","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"8804","DOI":"10.1109\/JIOT.2019.2923611","article-title":"AKM-IoV: Authenticated key management protocol in fog computing-based internet of vehicles deployment","volume":"6","author":"Wazid","year":"2019","journal-title":"IEEE Internet Things J."},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"167875","DOI":"10.1109\/ACCESS.2020.3022778","article-title":"IoV-SMAP: Secure and efficient message authentication protocol for IoV in smart city environment","volume":"8","author":"Yu","year":"2020","journal-title":"IEEE Access"},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Boyko, V., MacKenzie, P., and Patel, S. (2000, January 14\u201318). Provably secure password-authenticated key exchange using Diffie-Hellman. Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques, Bruges, Belgium.","DOI":"10.1007\/3-540-45539-6_12"},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"48","DOI":"10.1049\/iet-cdt.2012.0073","article-title":"Three-factor control protocol based on elliptic curve cryptosystem for universal serial bus mass storage devices","volume":"7","author":"Lee","year":"2013","journal-title":"IET Comput. Digit. Tech."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/21\/3\/936\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T05:17:41Z","timestamp":1760159861000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/21\/3\/936"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,1,30]]},"references-count":38,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2021,2]]}},"alternative-id":["s21030936"],"URL":"https:\/\/doi.org\/10.3390\/s21030936","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,1,30]]}}}