Nothing Special   »   [go: up one dir, main page]
Skip to main content

Advertisement

Springer Nature Link
Log in

Secure and Efficient Cloud-based IoT Authenticated Key Agreement scheme for e-Health Wireless Sensor Networks

  • Research Article-Computer Engineering and Computer Science
  • Published:
Arabian Journal for Science and Engineering Aims and scope Submit manuscript

Abstract

With the advancement and innovations in mobile and wireless communication technologies including cloud computing and Internet of Things, the paradigms of dispensing heath-based services have massively transformed. The telecare medical information system (TMIS) or wireless body area networks technology frameworks facilitate patients to remotely receive medical treatment from physicians through the Internet without paying a visit to the hospital. In order to ensure the medical privacy of the patients and the verification of authenticity of all entities in TMIS-based system before exchange of sensitive credentials and diagnosis reports, many TMIS-based authentication protocols have been presented so far; however, there is a still need of more efficient and secure key agreements. Recently, Karthegaveni et al. demonstrated a remote health care monitoring protocol with the use of elliptic curve cryptography crypto-primitives. However, we discover many drawbacks in their protocol including replay attack, denial of service attack, lacking mutual authenticity between the client and server. Moreover, the scheme has several technical limitations. We propose an efficient and secure TMIS-based protocol employing lightweight symmetric key operations. The contributed model is proven by rigorous formal security analysis, while its security features are also validated under automated ProVerif tool. The proposed scheme supports 38% more security features on average than compared schemes. The performance evaluation also depicts that the demonstrated and comparative findings are in the favour of the proposed model.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

References

  1. Sharma, G.; Kalra, S.: A lightweight user authentication scheme for cloud-IoT based healthcare services. Iran. J. Sci. Technol. Trans. Electr. Eng. 43(1), 619–636 (2019)

    Article  Google Scholar 

  2. Kumar, V.; Jangirala, S.; Ahmad, M.: An efficient mutual authentication framework for healthcare system in cloud computing. J. Med. Syst. 42(8), 142 (2018)

    Article  Google Scholar 

  3. Mishra, D.; Srinivas, J.; Mukhopadhyay, S.: A secure and efficient chaotic map-based authenticated key agreement scheme for telecare medicine information systems. J. Med. Syst. 38(10), 1–10 (2014)

    Article  Google Scholar 

  4. Jiang, Q.; Chen, Z.; Ma, J.; Ma, X.; Shen, J.; Wu, D.: Optimized fuzzy commitment based key agreement protocol for wireless body area network. IEEE Trans. Emerg. Top. Comput. (2019). https://doi.org/10.1109/tetc.2019.2949137

    Article  Google Scholar 

  5. Amin, R.; Islam, S.H.; Biswas, G.P.; Khan, M.K.; Kumar, N.: A robust and anonymous patient monitoring system using wireless medical sensor networks. Future Gener. Comput. Syst. 80, 483–495 (2018)

    Article  Google Scholar 

  6. Li, X.; Niu, J.; Kumari, S.; Liao, J.; Liang, W.; Khan, M.K.: A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity. Secur. Commun. Netw. (2015). https://doi.org/10.1002/sec.1214

    Article  Google Scholar 

  7. Irshad, A.; Usman, M.; Ashraf Chaudhry, S.; Naqvi, H.; Shafiq, M.: A provably secure and efficient authenticated key agreement scheme for Energy Internet based Vehicle-to-Grid technology framework. In: IEEE Transactions on Industry applications. https://doi.org/10.1109/tia.2020.2966160

  8. Amin, R.; Biswas, G.P.A.: Secure three-factor user authentication and key agreement protocols for TMIS with user anonymity. J. Med. Syst. 39(8), 1–19 (2015)

    Google Scholar 

  9. Amin, R.; Islam, S.H.; Biswas, G.P.; Khan, M.K.; Kumar, N.: An efficient and practical smart card based anonymity preserving user authentication scheme for TMIS using elliptic curve cryptography. J. Med. Syst. 39(11), 1–18 (2015)

    Google Scholar 

  10. Chang, C.C.; Le, H.D.: A provably secure, efficient and flexible authentication scheme for ad hoc wireless sensor networks. IEEE Trans. Wirel. Commun. 15(1), 357–366 (2016)

    Article  MathSciNet  Google Scholar 

  11. Chaudhry, S.A.; Naqvi, H.; Shon, T.; Sher, M.; Farash, M.S.: Cryptanalysis and improvement of an improved two factor authentication protocol for telecare medical information systems. J. Med. Syst. 39(6), 1–11 (2015)

    Article  Google Scholar 

  12. Islam, S.H.; Khan, M.K.: Cryptanalysis and improvement of authentication and key agreement protocols for telecare medicine information systems. J. Med. Syst. 38(10), 1–16 (2014)

    Article  Google Scholar 

  13. Karthigaiveni, M.; Indrani, B.: An efficient two-factor authentication scheme with key agreement for IoT based E-health care application using smart card. J. Ambient Intell. Human. Comput. (2019). https://doi.org/10.1007/s12652-019-01513-w

  14. Kim, H.-S.; Lee, S.-W.; Yoo, K.-Y.: ID-based password authentication scheme using smart cards and fingerprints. ACM SIGOPS Oper. Syst. Rev. 37(4), 32–41 (2003)

    Article  Google Scholar 

  15. Chen, C.M.; Xu, L.; Wu, T.Y.; Li, C.R.: On the security of a chaotic maps-based three-party authenticated key agreement protocol. J. Netw. Intell. 2, 61–65 (2016)

    Google Scholar 

  16. Chen, C.-M.; Xu, L.; Fang, W.; Wu, T.-Y.: A three-party password authenticated key exchange protocol resistant to stolen smart card attacks. Adv. Intell. Inf. Hiding Multimed. Signal Process. 2016, 331–336 (2016)

    Google Scholar 

  17. Li, X.; Niu, J.; Kumari, S.; Khan, M.K.; Liao, J.; Liang, W.: Design and analysis of a chaotic maps-based three-party authenticated key agreement protocol. Nonlinear Dyn. 80(3), 1209–1220 (2015)

    Article  MathSciNet  Google Scholar 

  18. Yeh, H.L.; Chen, T.H.; Shih, W.K.: Robust smart card secured authentication scheme on sip using elliptic curve cryptography. Comput. Stand. Interfaces 36(2), 397–402 (2014)

    Article  Google Scholar 

  19. Xu, X.; Zhu, P.; Wen, Q.; Jin, Z.; Zhang, H.; He, L.: A secure and efficient authentication and key agreement scheme based on ECC for telecare medicine information systems. J. Med. Syst. 38, 9994 (2014)

    Article  Google Scholar 

  20. Alzahrani, B.A.; Irshad, A.; Albeshri, A.; Alsubhi, K.: A Provably secure and lightweight patient-healthcare authentication protocol in wireless body area networks. Wirel. Pers. Commun. (2020). https://doi.org/10.1007/s11277-020-07237-x

  21. Wu, S.; Chen, K.: An efficient key-management scheme for hierarchical access control in e-medicine system. J. Med. Syst. 36(4), 2325–2337 (2012)

    Article  Google Scholar 

  22. Mishra, D.; Mukhopadhyay, S.; Chaturvedi, A.; Kumari, S.; Khan, M.K.: Cryptanalysis and improvement of Yan et al.’s biometricbased authentication scheme for telecare medicine information systems. J. Med. Syst. 38(6), 1–12 (2014)

    Article  Google Scholar 

  23. Li, X.; Wen, Q.; Zhang, H.; Jin, Z.: An improved authentication with key agreement scheme on elliptic curve cryptosystem for global mobility networks. Int. J. Netw. Manag. 23(5), 311–324 (2013)

    Article  Google Scholar 

  24. Li, X.; Niu, J.; Khan, M.K.; Liao, J.: An enhanced smart card based remote user password authentication scheme. J. Netw. Comput. Appl. (2013). https://doi.org/10.1016/j.jnca.2013.02.034

    Article  Google Scholar 

  25. Zhang, L.; Zhu, S.; Tang, S.: Privacy protection for telecare medicine information systems using a chaotic map-based three-factor authenticated key agreement scheme. IEEE J. Biomed. Health Inf. 21(2), 465–475 (2017)

    Article  Google Scholar 

  26. Tseng, H.R.; Jan, R.H.; Yang, W.: A chaotic maps-based key agreement protocol that preserves user anonymity. In: IEEE International Conference on Communications, ICC09, pp. 1–6, Dresden, Germany (2009)

  27. Niu, Y.J.; Wang, X.Y.: An anonymous key agreement protocol based on chaotic maps. Commun. Nonlinear Sci. Numer. Simul. 16(4), 1986–1992 (2011)

    Article  MathSciNet  Google Scholar 

  28. Xue, K.P.; Hong, P.L.: Security improvement on an anonymous key agreement protocol based on chaotic maps. Commun. Nonlinear Sci. Numer. Simul. 17(7), 2969–2977 (2012)

    Article  MathSciNet  Google Scholar 

  29. Xu, X.; Zhu, P.; Wen, Q.; Jin, Z.; Zhang, H.; He, L.: A secure and efficient authentication and key agreement scheme based on ECC for telecare medicine information system. J. Med. Syst. 38(1), 1–7 (2013)

    Google Scholar 

  30. Lu, Y.; Li, L.; Peng, H.; Yang, Y.: An enhanced biometric-based authentication scheme for telecare medicine information systems using elliptic curve cryptosystem. J. Med. Syst. 39(3), 1–8 (2015)

    Article  Google Scholar 

  31. Brown, D.: Generic groups, collision resistance, and ECDSA. Des. Codes Crypt. 35(2005), 119–152 (2005)

    Article  MathSciNet  Google Scholar 

  32. Lumini, A.; Loris, N.: An improved Bio-hashing for human authentication. Pattern Recogn. 40(3), 1057–1065 (2007)

    Article  Google Scholar 

  33. Abdalla, M.; Fouque, P.; Pointcheval, D.: Password-based authenticated key exchange in the three-party setting. In: Proceedings of the PKC’05, vol. 3386, pp. 65–84. Lecture Notes in Computer Science, Springer, Interlaken (2005)

  34. Bellare, M.; Rogaway, P.: Entity authentication and key distribution. In: Stinson DR (ed) Advances in Cryptology—CRYPTO’ 93. Lecture notes in computer science, vol. 773, pp. 232–249. Springer, New York (1994)

  35. Dolev, D.; Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)

    Article  MathSciNet  Google Scholar 

  36. Canetti, R.; Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Proceedings of International Conference on the Theory and Applications of Cryptographic Techniques, pp. 453–474, Innsbruck, Austria. Springer (2001)

  37. Blanchet, B.; Cheval, V.; Allamigeon, X.; Smyth, B. ProVerif: Cryptographic protocol verifier in the formal model. http://prosecco.gforge.inria.fr/personal/bblanche/proverif/

  38. Amin, R.; Islam, S.H.; Biswas, G.P.; Khan, M.K.; Obaidat, M.S.: Design and analysis of an enhanced patient-server mutual authentication protocol for telecare medical information system. J. Med. Syst. 39(11), 1–20 (2015)

    Google Scholar 

  39. Vijayakumar, P.; Obaidat, M.S.; Azees, M.; Islam, S.H.; Kumar, N.: Efficient and secure anonymous authentication with location privacy for IoT-based WBANs. IEEE Trans. Ind. Inf. 16(4), 2603–2611 (2019)

    Article  Google Scholar 

  40. Irshad, A.; Sher, M.; Nawaz, O.; Chaudhry, S.A.; Khan, I.; Kumari, S.: A secure and provable multi-server authenticated key agreement for TMIS based on Amin et al. scheme. Multimed. Tools Appl. 76(15), 16463–16489 (2017)

    Article  Google Scholar 

  41. Alzahrani, B.A.; Irshad, A.; Alsubhi, K.; Albeshri, A.: A secure and efficient remote patient-monitoring authentication protocol for cloud-IoT. Int. J. Commun. Syst. (2020). https://doi.org/10.1002/dac.4423

Download references

Acknowledgements

This project was funded by the Deanship of Scientific Research (DSR), King Abdulaziz University, Jeddah, under Grant No. (D-142-611-1440). The authors, therefore, gratefully acknowledge the DSR technical and financial support.

Author information

Authors and Affiliations

  1. Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah, Saudi Arabia

    Bander A. Alzahrani

Authors
  1. Bander A. Alzahrani
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bander A. Alzahrani.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Alzahrani, B.A. Secure and Efficient Cloud-based IoT Authenticated Key Agreement scheme for e-Health Wireless Sensor Networks. Arab J Sci Eng 46, 3017–3032 (2021). https://doi.org/10.1007/s13369-020-04905-9

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s13369-020-04905-9

Keywords

Search

Navigation