On the (in)security of some smart-card-based password authentication schemes for WSN

In this study, we investigate a temporal-credential-based password authentication scheme introduced by Xue et al. in 2012. This protocol only involves hash and XOR operations and thus is suitable for the resource-constrained WSN environments where an external user wants to obtain real-time data from the sensor nodes inside WSN. However, notwithstanding their security arguments, we point out that Xue et al.’s protocol is still vulnerable to smart card security breach attack and privileged insider attack, and fails to preserve user anonymity. The proposed cryptanalysis discourages any practical use of the scheme under investigation and reveals some subtleties and challenges in designing this type of schemes. Remarkably, using Xue et al.’s scheme as a case study, we further put forward a principle: public-key techniques are indispensable to passwordbased authentication schemes using non-tamper-resistant smart cards for WSN. We hope that, by following this principle, similar mistakes repeated in the past can be avoided in the future.