对He等人提出的无线传感器网络用户认证协议(Ad-Hoc Sensor Wireless Networks,2010,No.4)进行研究,指出该协议无法实现用户匿名性,不能抵抗用户仿冒攻击和网关节点旁路攻击,并利用高效的对称密码算法和单向hash函数对其进行改进.理论分析结果证明,改进协议可以实现用户匿名性、不可追踪性及实体认证,抵抗离线字典攻击、用户仿冒攻击和网关节点旁路攻击,与同类协议相比,计算效率更高.%This paper researches an user authentication scheme of Wireless Sensor Network(WSN) proposed by He et al, points out that it has some security weaknesses such as lacking user anonymity, vulnerability to user impersonation attacks and GW-node bypassing attacks, and provides an improved user authentication scheme based on one-way hash function and symmetric cryptosystem. Analytical results prove that the scheme not only achieves user anonymity, untraceability and entity authentication, but also can resist off-line dictionary attacks, user impersonation attacks and GW-node bypassing attacks. Compared to other related authentication schemes, it satisfies more reasonable computational consumption.
展开▼
