Cryptanalysis of An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks

With the rapid advancement of wireless network technology, usage of WSN in real time applications like military, forest monitoring etc. found increasing. Generally WSN operate in an unattended environment and handles critical data. Authenticating the user trying to access the sensor memory is one of the critical requirements. Many researchers have proposed remote user authentication schemes focusing on various parameters. In 2013, Li et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. Li et al. claimed that their scheme is secure against all major cryptographic attacks and requires less computation cost due to usage of hash function instead encryption operations. Unfortunately, in this paper we will show that their scheme is vulnerable to offline password guessing attack, stolen smart card attack, leakage of password etc. and failure to provide data privacy.