On the design of secure user authenticated key management scheme for multigateway-based wireless sensor networks using ECC

In wireless sensor networks (WSNs), there are many critical applications (for example, healthcare, vehicle tracking, and battlefield), where the online streaming data generated from different sensor nodes need to be analyzed with respect to quick control decisions. However, as the data generated by these sensor nodes usually flow through open channel, so there are higher chances of various types of attacks either on the nodes or on to the data captured by these nodes. In this paper, we aim to design a new elliptic curve cryptography–based user authenticated key agreement protocol in a hierarchical WSN so that a legal user can only access the streaming data from generated from different sensor nodes. The proposed scheme is based upon 3-factor authentication, as it applies smart card, password, and personal biometrics of a user (for ticket generation). The proposed scheme maintains low computation cost for resource-constrained sensor nodes, as it uses efficient 1-way cryptographic hash function and bitwise exclusive-OR operations for secure key establishment between different sensor nodes. The security analysis using the broadly accepted Burrows-Abadi-Needham logic, formal security verification using the popular simulation tool (automated validation of Internet security protocols and applications), and informal security show that the proposed scheme is resilient against several well-known attacks needed for a user authentication scheme in WSNs. The comparison of security and functionality requirements, communication and computation costs of the proposed scheme, and other related existing user authentication schemes shows the superior performance of the proposed scheme