Contents I. Introduction
Wireless sensor networks (WSNs) represent a new computing class comprising large numbers of highly resource-constrained sensor nodes. These nodes are typically embedded in their operating environments, spread over wide geographic areas, and communicated with each other or a base station using a wireless channel [1], [2]. It may be necessary, in many cases, for the base station to either update new security patches or upgrade existing software on these sensor nodes for securing real-world applications. Dynamic program update provides flexibility and convenience as it allows the base station to remotely distribute program updates without the need for manual intervention and/or physical access to the sensor nodes. As a WSN is usually deployed in a harsh environment and susceptible to many security threats, securing the dynamic program update process is (and will continue to be) a major concern. in recent years, several protocols have been proposed for securing the dynamic program update [2], [3], [4]. These protocols successfully introduce a mechanism to help the sensor nodes to verify the authenticity and integrity of the received data. However, the use of digital signatures in these protocols is resource consuming [5]. More recently in 2008, Das and Joshi [5] proposed a new dynamic program update protocol for WSNs using the orthogonality principle, and claimed that their scheme is secure against impersonation attacks. in this paper, however, we demonstrate that the Das-Joshi scheme is vulnerable to an impersonation attack. We then present a possible solution to prevent this attack.
