Cryptanalysis of the Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks

User authentication and key agreement are important secure services required for wireless sensor
networks (WSNs). For this purpose, there have been a large number of proposed authentication and
key agreement scheme for WSNs. Recently in 2017, Jung et al. proposed an efficient and security enhanced
anonymous authentication with key agreement scheme by employing biometrics information
as the third authentication factor. They claimed that their scheme resists on various security attacks
and satisfies basic security requirements. However, in this paper, we reveal security weaknesses of
Jung et al.’s scheme (i.e., insecurity of the secret key of gateway node, session key compromise,
user tracking attack, information leakage attack, and user impersonation attack). We present simple
countermeasures against the security weaknesses we have found.