An efficient ECC and fuzzy verifier based user authentication protocol for IoT enabled WSNs

Internet of Things (IoT) enabled Wireless Sensor Networks (WSNs) are spatially distributed sensor devices that monitor physical or environmental conditions, collect data, and transmit it to a central location for analysis. Ensuring integrity and privacy of data while transmitting it from sensors to the data analytics servers is crucial in open network. Numerous mutual authentication schemes have been proposed to address this challenge. Each scheme comes with its own set of advantages and drawbacks. To address the drawbacks in the prevailing schemes, this work presents a strong Two-Factor authentication (2FA) technique designed using Elliptic Curve Cryptography (ECC) and Fuzzy verifier. This approach combines the flexibility of the fuzzy verifier with the cryptographic strength of ECC to create a secure and user-friendly password authentication system to address the long-standing security-usability conflict with computational efficiency. Instead of storing a deterministic hash of the password, the system derives a fuzzy verifier password that includes randomness, makes computationally infeasible to derive. Also, the design tackles the inherent constraints of WSNs, such as their constrained processing resources and susceptibility to different types of attacks. To substantiate the efficacy of our approach, we formally validate its security using the Real-or-Random model. The comparative analysis demonstrates that the proposed scheme achieves a computational cost of 8.9569 ms, which is significantly lower than that of existing schemes. Furthermore, security and functional requirements comparative assessment demonstrates the efficacy and feasibility of our strategy for safeguarding IoT-enabled WSN applications, rendering it a promising solution for implementation in real-world scenario with limited resources.