Abstract
Recently, in 2013, Wu et al. proposed an efficient adaptable and scalable group access control scheme (GAC) for managing wireless sensor networks and they claimed that their proposed GAC approach provides the forward secrecy and backward secrecy, and it also prevents the man-in-the-middle attack. However, in this paper, we revisit Wu et al.’s scheme and show that Wu et al.’s scheme fails to provide the forward and backward secrecy to the group access key (GAK), and also their scheme does not prevent the man-in-the-middle attack and it does not provide the mutual authentication between a node and the task manager. Moreover, in Wu et al.’s scheme, all the past GAKs used by a node can be revealed to an adversary when that node is compromised. We then aim to propose a novel group access control mechanism to withstand the security weaknesses found in Wu et al.’s scheme while retaining the original merits of their scheme. Through the rigorous informal security analysis and the formal security analysis using the widely-accepted Burrows–Abadi–Needham logic, we show that our scheme is secure against various known attacks including the attacks found in Wu et al.’s scheme. Moreover, in our scheme, the vulnerability of the GAKs used by a node is limited and bounded to the last GAK update protocol interval when that node is compromised by an adversary. Our scheme provides efficient dynamic properties such as joining and leaving of a node from a group along with high security and the required desirable features as compared to Wu et al.’s scheme, and as a result, our scheme is very suitable for the practical applications.
Similar content being viewed by others
References
Akyildiz, I. F., Su, W., Sankarasubramaniam, Y., & Cayirci, E. (2002). Wireless sensor networks: A survey. Computer Networks, 38(4), 393–422.
Das, A. K. (2005). A key reshuffling scheme for wireless sensor networks. In International conference on information systems security (ICISS 2005), Kolkata, India, pp. 205–216. Springer.
Das, A. K. (2009). An unconditionally secure key management scheme for large-scale heterogeneous wireless sensor networks. In International conference on communication systems and networks and workshops (COMSNETS 2009), Bangalore, India, pp. 1–10. IEEE.
Das, A. K. (2015). A secure and efficient user anonymity-preserving three-factor authentication protocol for large-scale distributed wireless sensor networks. Wireless Personal Communications. doi:10.1007/s11277-015-2288-3.
Klaoudatou, E., Konstantinou, E., Kambourakis, G., & Gritzalis, S. (2011). A survey on cluster-based group key agreement protocols for WSNs. IEEE Communications Surveys & Tutorials, 13(3), 429–442.
Prasad, N. R., & Alam, M. (2006). Security framework for wireless sensor networks. Wireless Personal Communications, 37(3–4), 455–469.
Wu, F., Pai, H. T., Zhu, X., Hsueh, P. Y., & Hu, Y. H. (2013). An adaptable and scalable group access control scheme for managing wireless sensor networks. Telematics and Informatics, 30(2), 144–157.
Chatterjee, S., Das, A. K., & Sing, J. K. (2013). Analysis and formal security verification of access control schemes in wireless sensor networks: A critical survey. Journal of Information Assurance and Security, 8(1), 33–57.
Das, A. K. (2010). A survey on analytic studies of key distribution mechanisms in wireless sensor networks. Journal of Information Assurance and Security, 5(5), 526–553.
Du, X., & Chen, H. H. (2008). Security in wireless sensor networks. IEEE Wireless Communications, 15(4), 60–66.
Huang, H. F. (2009). A novel access control protocol for secure sensor networks. Computer Standards & Interfaces, 31(2), 272–276.
Perrig, A., Stankovic, J., & Wagner, D. (2004). Security in wireless sensor networks. Communications of the ACM, 47(6), 53–57.
Shamir, A. (1979). How to share a secret. Communications of the ACM, 22(11), 612–613.
Kuen-Pin, W. U., Tseng, C. K., & Feipei, L. (2001). Hierarchical access control using the secure filter. IEICE Transactions on Information and Systems, 84(6), 700–708.
Jeng, F. G., & Wang, C. M. (2006). An efficient key-management scheme for hierarchical access control based on elliptic curve cryptosystem. Journal of Systems and Software, 79(8), 1161–1167.
Tsaur, W. J., & Pai, H. T. (2007). Dynamic key management schemes for secure group communication based on hierarchical clustering in mobile adhocnetworks. In Frontiers of high performance computing and networking ISPA 2007 workshops, Niagara Falls, Canada, pp. 475–484. Springer.
Das, A. K., Sharma, P., Chatterjee, S., & Sing, J. K. (2012). A dynamic password-based user authentication scheme for hierarchical wireless sensor networks. Journal of Network and Computer Applications, 35(5), 1646–1656.
Sorniotti, A., Molva, R., Gomez, l, Trefois, C., Laube, A., & Scaglioso, P. (2009). Efficient access control for wireless sensor data. International Journal of Wireless Information Networks, 16(3), 165–174.
Wu, F., Pai, H. T., Zhu, X., Hsueh, P. Y., & Hu, Y. H. (2011). Dynamic access control for secure group communication in wireless sensor networks. In 8th international conference on electrical engineering/electronics, computer, telecommunications and information technology (ECTI-CON), Khon Kaen, Thailand, pp 288–291. IEEE.
Zou, X., Dai, Y. S., & Bertino, E. (2008). A practical and flexible key management mechanism for trusted collaborative computing. In 27th IEEE Conference on computer communications (INFOCOM 2008), Phoenix, AZ, USA. IEEE.
Zhou, Y., Zhang, Y., & Fang, Y. (2007). Access control in wireless sensor networks. Ad Hoc Networks, 5(1), 3–13.
Huang, H. F. (2009). A novel access control protocol for secure sensor networks. Computer Standards & Interfaces, 31(2), 272–276.
Kim, H. S., & Lee, S. W. (2009). Enhanced novel access control protocol over wireless sensor networks. IEEE Transactions on Consumer Electronics, 55(2), 492–498.
Kim, Y., Perrig, A., & Tsudik, G. (2004). Group key agreement efficient in communication. IEEE Transactions on Computers, 53(7), 905–921.
Chatterjee, S., & Das, A. K. (2014). An effective ECC-based user access control scheme with attribute-based encryption for wireless sensor networks. Security and Communication Networks. doi:10.1002/sec.1140.
Das, A. K. (2014). A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-to-Peer Networking and Applications, pp. 1–22. doi:10.1007/s12083-014-0324-9.
Kocher, P., Jaffe, J., & Jun, B. (1999). Differential power analysis. In Proceedings of advances in cryptology—CRYPTO’99, Santa Barbara, California, USA, LNCS, vol. 1666, pp. 388–397.
Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.
Dolev, D., & Yao, A. C. (1983). On the security of public key protocols. IEEE Transactions on Information Theory, 29(2), 198–208.
Ben-Or, M. (1981). Probabilistic algorithms in finite fields. In Proceedings of 22nd annual symposium on foundations of computer science (IEEE FOCS’81), Nashville, Tennessee, USA, pp. 394–398.
Das, A. K., Paul, N. R., & Tripathy, L. (2012). Cryptanalysis and improvement of an access control in user hierarchy based on elliptic curve cryptosystem. Information Sciences, 209(C), 80–92.
Knuth, D. E. (1998). The art of computer programming, semi-numerical algorithms (3rd ed., Vol. 2). Reading, MA: Addison-Wesley.
Odelu, V., Das, A. K., & Goswami, A. (2014). A secure effective key management scheme for dynamic access control in a large leaf class hierarchy. Information Sciences, 269(C), 270–285.
Goldwasser, S., & Bellare, K. (2015). Lecture notes on cryptography 2008. https://cseweb.ucsd.edu/~mihir/papers/gb. Accessed January 2015.
Advanced Encryption Standard. FIPS PUB 197, National Institute of Standards and Technology (NIST), U.S. Department of Commerce, November 2001. http://csrc.nist.gov/publications/fips/fips197/fips-197. Accessed November 2010.
Sarkar, P. (2010). A simple and generic construction of authenticated encryption with associated data. ACM Transactions on Information and System Security, 13(4), 33.
Johnson, D., Menezes, A., & Vanstone, S. (2001). The elliptic curve digital signature algorithm (ECDSA). International Journal of Information Security, 1(1), 36–63.
Odelu, V., Das, A. K., & Goswami, A. (2014). Security analysis of an adaptable and scalable group access control scheme for managing wireless sensor networks. In Security in computing and communications (SSCC 2014), Delhi, India, Communications in Computer and Information Science Series (CCIS), vol. 467, pp 10–19. Springer.
Burrows, M., Abadi, M., & Needham, R. (1990). A logic of authentication. ACM Transactions on Computer Systems, 8(1), 18–36.
Acknowledgments
A part of this paper (cryptanalysis of Wu et al.’s scheme in Sect. 4) appeared in the Proceedings of Security in Computing and Communications (SSCC 2014), Communications in Computer and Information Science Series (CCIS), volume 467, pages 10–19, 2014 [38]. The authors would like to acknowledge the many helpful suggestions of the anonymous reviewers and the Editor of this Journal, which have improved the content and presentation of the paper.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Odelu, V., Das, A.K. & Goswami, A. A Secure and Scalable Group Access Control Scheme for Wireless Sensor Networks. Wireless Pers Commun 85, 1765–1788 (2015). https://doi.org/10.1007/s11277-015-2866-4
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-015-2866-4