Anonymity preserving lightweight authentication protocol for resource-limited wireless sensor networks

Wireless sensor networks have been deployed in areas such as healthcare, military, transportation and home automation to collect data and forward it to remote users for further processing. Since open wireless communication channels are utilized for data transmissions, the exchanged messages are vulnerable to various threats such as eavesdropping and message falsifications. Therefore, many security solutions have been introduced to address these challenges. However, the resource-constrained nature of the sensor nodes makes it inefficient to deploy the conventional security schemes which require long keys for improved security. Therefore, lightweight authentication protocols have been presented. Unfortunately, majority of these schemes are still insecure while others incur relatively higher energy, computation, communication and storage complexities. In this paper, a protocol that deploys only lightweight one-way hashing and exclusive OR operations is presented. Its formal security analysis using Real-or Random (ROR) model demonstrates its capability to uphold the security of the derived session keys. In addition, its semantic security evaluation shows that it offers user privacy, anonymity, untraceability, authentication, session key agreement and key secrecy. Moreover, it is shown to resist attacks such as side-channeling, physical capture, eavesdropping, offline guessing, spoofing, password loss, session key disclosure, forgery and impersonations. In terms of performance, it has relatively lower communication overheads and improves the computation costs and supported security characteristics by 31.56% and 33.33% respectively.