Abstract
As a significant part of the Internet of Things (IoT), the Wireless Body Area Network (WBAN) has attracted much attention in recent years. In WBANs, sensors placed in or around the human body collect sensitive data about the body and transmit it through an open wireless channel in which messages may be intercepted, modified, etc. Recently, Wang et al. presented a new anonymous authentication scheme for WBANs and claimed that their scheme can solve the security problems in the previous schemes. Unfortunately, we demonstrate that their scheme cannot withstand an impersonation attack: either an adversary or a malicious legal client could impersonate another legal client to the application provider. In this paper, we first give a detailed weakness analysis of Wang et al.’s scheme. Then we present a novel anonymous authentication scheme for WBANs and prove that it is secure under a random oracle model. Finally, we demonstrate that our anonymous authentication scheme for WBANs is more suitable for practical application than Wang et al.’s scheme due to better security and performance. Compared with Wang et al.’s scheme, the computation cost of our scheme in WBANs is reduced by about 31.58%.
References
Movassaghi, S., Abolhasan, M., Lipman, J., Smith, D., and Jamalipour, A., Wireless body area networks: A survey. IEEE Commun. Surv. Tutorials 16(3):1658–1686, 2014.
Feng, Z., Liu, C., Guan, X., and Mor, V., China’s rapidly aging population creates policy challenges in shaping a viable long-term care system. Health Aff. 31(12):2764–2773, 2012.
Zimmerman, T. G., Personal area networks: near-field intrabody communication. IBM Syst. J. 35(3.4):609–617, 1996.
IEEE standard for local and metropolitan area networks: Part 15.6: Wireless body area networks. IEEE, 2012.
Wang, C., and Zhang, Y., New authentication scheme for wireless body area networks using the bilinear pairing. J. Med. Syst. 39(11):1–8, 2015.
Li, X., Ma, J., Wang, W., Xiong, Y., and Zhang, J., A novel smart card and dynamic ID based remote user authentication scheme for multi-server environments. Math. Comput. Model. 58(1):85–95, 2013.
Li, X., Niu, J., Khan, M. K., and Liao, J., An enhanced smart card based remote user password authentication scheme. J. Netw. Comput. Appl. 36(5):1365–1371, 2013.
Li, X., Niu, J., Kumari, S., Liao, J., Liang, W., and Khan, M. K., A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity. Secur. Commun. Netw. 2014. doi:10.1002/sec.1214.
Li, X., Niu, J., Wang, Z., and Chen, C., Applying biometrics to design three‐factor remote user authentication scheme with key agreement. Secur. Commun. Netw. 7(10):1488–1497, 2014.
Rivest, R. L., Shamir, A., and Adleman, L., A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2):120–126, 1978.
ElGamal, T., A public key cryptosystem and a signature scheme based on discrete logarithms. Crypto 84:10–18, 1984.
He, D., Kumar, N., Shen, H., and Lee, J., One-to-many authentication for access control in mobile pay-TV systems. Sci. China Inf. Sci. 2015. doi:10.1007/s11432-015-5469-5.
Jia, Z., Zhang, Y., Shao, H., Lin, Y., and Wang, J., A remote user authentication scheme using bilinear pairings and ECC. In: Sixth International Conference on Intelligent Systems Design and Applications, pp. 1091–1094, 2006.
Jiang, C., Li, B., and Xu, H., An efficient scheme for user authentication in wireless sensor networks. In: 21st International Conference on Advanced Information Networking and Applications Workshops, pp. 438–442, 2007.
Liao, Y. P., and Wang, S. S., A secure and efficient scheme of remote user authentication based on bilinear pairings. In: TENCON 2007–2007 IEEE Region 10 Conference (pp. 1–4). IEEE, 2007.
Abi-char, P. E., Mhamed, A., and El-Hassan, B., A fast and secure elliptic curve based authenticated key agreement protocol for low power mobile communications. In Next Generation Mobile Applications, Services and Technologies, 2007. NGMAST’07. The 2007 International Conference on (pp. 235–240). IEEE, 2007.
Chen, Z. G., and Song, X. X., A distributed electronic authentication scheme based on elliptic curve. In: 2007 International Conference on Machine Learning and Cybernetics, pp. 2179–2182, 2007.
Miller, V. S., Use of elliptic curves in cryptography. In: Proceedings of CRYPTO’85. pp. 417–426, 1985.
Koblitz, N., Elliptic curve cryptosystems. Math. Comput. 48(177):203–209, 1987.
Yang, J. H., and Chang, C. C., An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Comput. Secur. 28(3):138–143, 2009.
Cao, X., Zeng, X., Kou, W., and Hu, L., Identity-based anonymous remote authentication for value-added services in mobile networks. IEEE Trans. Veh. Technol. 58(7):3508–3517, 2009.
Huang, X., Xiang, Y., Bertino, E., Zhou, J., and Xu, L., Robust multi-factor authentication for fragile communications. IEEE Trans. Dependable Secure Comput. 11(6):568–581, 2014.
Huang, X., Xiang, Y., Chonka, A., Zhou, J., and Deng, R., A generic framework for three-factor authentication: Preserving security and privacy in distributed systems. IEEE Trans. Parallel Distrib. Syst. 22(8):1390–1397, 2011.
Islam, S. H., and Biswas, G. P., A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. J. Syst. Softw. 84(11):1892–1898, 2011.
He, D., Zeadally, S., Kumar, N., and Lee, J., Anonymous authentication for wireless body area networks with provable security. IEEE Syst. J. 2016. doi:10.1109/JSYST.2016.2544805.
Shamir, A., Identity-based cryptosystems and signature schemes. Crypto 84:47–53, 1984.
Liu, J., Zhang, Z., Chen, X., and Kwak, K. S., Certificateless remote anonymous authentication schemes for wireless body area networks. IEEE Trans. Parallel Distrib. Syst. 25(2):332–342, 2014.
Zhao, Z., An efficient anonymous authentication scheme for wireless body area networks using elliptic curve cryptosystem. J. Med. Syst. 38(2):1–7, 2014.
He, D., Zeadally, S., Xu, B., and Huang, X., An efficient identity-based conditional privacy-preserving authentication scheme for vehicular ad-hoc networks. IEEE Trans. Inf. Forensics Secur. 10(12):1681–2691, 2015.
Tsai, J. L., and Lo, N. W., A privacy-aware authentication scheme for distributed mobile cloud computing services. IEEE Syst. J. 9(3):805–815, 2015.
Shunmuganathan, S., Saravanan, R. D., and Palanichamy, Y., Secure and efficient smart-card-based remote user authentication scheme for multiserver environment. Can. J. Electr. Comput. Eng. 38(1):20–30, 2015.
Li, X., Niu, J., Kumari, S., Liao, J., and Liang, W., An enhancement of a smart card authentication scheme for multi-server architecture. Wirel. Pers. Commun. 80(1):175–192, 2015.
Shi, L., Yuan, J., Yu, S., and Li, M., ASK-BAN: authenticated secret key extraction utilizing channel characteristics for body area networks. In: Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks (pp. 155–166). ACM, 2013.
Bellare, M., Pointcheval, D., and Rogaway, P., Authenticated key exchange secure against dictionary attacks. In: Advances in cryptology—EUROCRYPT 2000 (pp. 139–155). Berlin: Springer, 2000.
Choon, J. C., and Cheon, J. H., An identity-based signature from gap Diffie-Hellman groups. In: Public key cryptography—PKC 2003 (pp. 18–30). Berlin: Springer, 2003.
Pointcheval, D., and Stern, J., Security arguments for digital signatures and blind signatures. J. Cryptol. 13(3):361–396, 2000.
Xiong, X., Wong, D. S., and Deng, X., TinyPairing: a fast and lightweight pairing-based cryptographic library for wireless sensor networks. In: Wireless Communications and Networking Conference (WCNC), 2010 IEEE (pp. 1–6). IEEE, 2010.
Acknowledgments
The authors thank Dr. Jesse M Ehrenfeld and the anonymous reviewer for their valuable comments. This research was supported by the National Natural Science Foundation of China (nos. 61272112, 61472287, 61402339, 61572370), Key project of Natural Science Foundation of Hubei Province (No.2015CFA068), the Project Funded by the Priority Academic Program Development of Jiangsu Higher Education Institutions (PAPD) and the Jiangsu Collaborative Innovation Center on Atmospheric Environment and Equipment Technology (CICAEET).
Ethics declarations
Conflict of Interest
The authors declare that they have no conflict of interest.
Additional information
This article is part of the Topical Collection on Systems-Level Quality Improvement
About this article
Cite this article
Wu, L., Zhang, Y., Li, L. et al. Efficient and Anonymous Authentication Scheme for Wireless Body Area Networks. J Med Syst 40, 134 (2016). https://doi.org/10.1007/s10916-016-0491-8
DOI: https://doi.org/10.1007/s10916-016-0491-8