AN ENERGY-EFFICIENT RANDOM FINGERPRINT AND VERIFICATION FOR WIRELESS SENSOR NETWORKS AUTHENTICATION PROTOCOLS Youssou Faye 1 , Hervé Guyennet 2 and Pierre Cyrille Héam 2 1 Department of Computer Sciences, University Assane Seck of Ziguinchor, Senegal 2 Department of Computer Sciences, University of Franche Comte, France ABSTRACT Sensor devices are limited resources (memory storage, energy, power computation and transmission), thus providing security mechanisms with lightweight resources is a very challenge in Wireless Sensors Network (WSNs). Recently, we show that, Vaidya and al.’s Improved Robust scheme for Dynamic User Authentication in WSNs is vulnerable to the risk of forgery attacks and Denial-of-Service (DoS) and we have proposed a lightweight solution which is adequate for resource constrained sensor networks. In this paper, we derive from password a much shorter string that could serve as random fingerprint to improve Login and Authentication phase. After having taken note that the security analysis of authentication protocols has already demonstrated through hash function properties and computational complexity, we propose an evaluation by experimenting firstly on the real sensor platform SensLab to measure energy consumption. After, we verify secrecy and authentication properties by the widely accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and validate protocols through simulation based on attacks. KEYWORDS Wireless Sensor Networks, Authentication, Password, Verification of Authentication Protocols 1. INTRODUCTION Wireless Sensors Network are often deployed in hostile environments which make them more vulnerable to various attacks. In this context access control become necessary (Faye, 2011). In WSNs critical applications, network should be protected by preventing unauthorized users from gaining the information. User Authentication is the most basic used solution in traditional networks. Nowadays in WSNs, it has been adequately addressed with sensors limited resources. Many researchers have proposed a number of WSN authentication schemes (Vaidya, 2009), (Faye, 2012), (Wong, 2006), (Das, 2016), (Zhang, 2018), (Li, 2018). Recently, Vaidya and al. proposed an Improved Robust Dynamic User Authentication Scheme for WSNs (Vaidya, 2009). Only four phases are used in this scheme, namely, Registration Phase (RP), Login Phase (LP), Authentication Phase (AP), and Password−changing Phase (PP). In (Faye, 2012), authors shown that Vaidya and al.’s scheme is insecure and cannot prevent from DoS attacks. Hash function properties and computational complexity are generally used in password-based authentication schemes for performance evaluation and security (Kumari, 2015). In this paper, to overcome the challenge of optimizing energy consumption in (Faye, 2012) and all schemes using the same approach during the Login Phase and the Authentication Phase which are the most time-consuming part of transmission, we reduce the bits transmitted by deriving from password a much shorter string that could serve as randomized fingerprinting function to improve LP and AP phases. In the rest of the paper, Section 2 presents related works. The lack of energy reduction in (Faye, 2012). The proposed randomized fingerprinting technique is described in Section 4 and its security is discussed in Section 5. The implementation on SensLAB is done in section 6, and after, a security check and validation with AVISPA are made in section 7. Finally, we conclude the paper in section 8. International Conferences Big Data Analytics, Data Mining and Computational Intelligence 2019; and Theory and Practice in Modern Computing 2019 181