Notes on "An Effective ECC based User Access Control Scheme with Attribute based Encryption for WSN"
This work identifies security flaws in a prior scheme, which is incremental as it critiques rather than proposes new methods.
The paper analyzes an existing attribute-based authentication scheme for wireless sensor networks, showing it is vulnerable to privileged insider and node capture attacks and has inconsistencies that prevent protocol execution.
The rapid growth of networking and communication technologies results in amalgamation of 'Internet of Things' and 'Wireless sensor networks' to form WSNIT. WSNIT facilitates the WSN to connect dynamically to Internet and exchange the data with the external world. The critical data stored in sensor nodes related to patient health, environment can be accessed by attackers via insecure internet. To counterattack this, there is a demand for data integrity and controlled data access by incorporating a highly secure and light weight authentication schemes. In this context, Santanu et al had proposed an attribute based authentication framework for WSN and discussed on its security strengths. In this paper, we do a thorough analysis on Santanu et al scheme, to show that their scheme is susceptible to privileged insider attack and node capture attack. We also demonstrate that Santanu et al scheme consists of major inconsistencies which restrict the protocol execution.