Security Analysis on a Three-Factor Authentication Scheme of 5G Wireless Sensor Networks for IoT System

To ensure the secure access control mechanisms for the wireless sensor networks (WSN) with a 5G-enabled IoT system, very recently, Sahoo et al. (IEEE Internet of Things Journal, 10(17), pp. 15087-15099, DOI: 10.1109/JIOT.2023.3264565, Sep. 1, 2023) proposed a three-factor-based authentication scheme of 5G WSN for IoT system, and claimed that their scheme can achieve all security properties. However, in this paper, we carefully analyze their scheme and point out that their scheme is vulnerable to user impersonation attacks, sensor node captured attacks, simultaneous impersonation attacks on the gateway and sensor node, and cannot achieve user unlinkability and three-factor secrecy, and an adversary can obtain the encrypted data sent from the sensor node, and can also forge the encrypted data. In addition, we analyze the reasons why their scheme suffers from these attacks and propose the remedial suggestions.