Design and Analysis of a Provable Secure Two-Factor Authentication Protocol for Internet of Things

Because sensor nodes are deployed in public areas, these sensors are easy to capture by adversaries. Once a sensor is stolen, the sensitive information stored in it is likely to be exposed. Accordingly, designing a secure authentication protocol should consider this issue. Sadri et al. recently proposed a two-factor authentication protocol with anonymity for wireless sensor networks. Unfortunately, we found that their protocol had a design flaw in the user and sensor authentication phase. Besides, their protocol can not resist stolen smart card attacks, sensor capture attacks, and user impersonation attacks. In addition, their protocol does not provide perfect forward security. This paper proposes a provably secure authentication to overcome these weaknesses and flaws. By comparing the security and performance of the proposed protocol with other related protocols, we find that our work has reasonable computation overhead and better security.