Secure Authentication for Remote Patient Monitoring with Wireless Medical Sensor Networks †

There is broad consensus that remote health monitoring will benefit all stakeholders in the healthcare system and that it has the potential to save billions of dollars. Among the major concerns that are preventing the patients from widely adopting this technology are data privacy and security. Wireless Medical Sensor Networks (MSNs) are the building blocks for remote health monitoring systems. This paper helps to identify the most challenging security issues in the existing authentication protocols for remote patient monitoring and presents a lightweight public-key-based authentication protocol for MSNs. In MSNs, the nodes are classified into sensors that report measurements about the human body and actuators that receive commands from the medical staff and perform actions. Authenticating these commands is a critical security issue, as any alteration may lead to serious consequences. The proposed protocol is based on the Rabin authentication algorithm, which is modified in this paper to improve its signature signing process, making it suitable for delay-sensitive MSN applications. To prove the efficiency of the Rabin algorithm, we implemented the algorithm with different hardware settings using Tmote Sky motes and also programmed the algorithm on an FPGA to evaluate its design and performance. Furthermore, the proposed protocol is implemented and tested using the MIRACL (Multiprecision Integer and Rational Arithmetic C/C++) library. The results show that secure, direct, instant and authenticated commands can be delivered from the medical staff to the MSN nodes.

[1]  Kyung Sup Kwak,et al.  Certificateless Remote Anonymous Authentication Schemes for WirelessBody Area Networks , 2014, IEEE Transactions on Parallel and Distributed Systems.

[2]  Cormac J. Sreenan,et al.  A context aware wireless body area network (BAN) , 2009, 2009 3rd International Conference on Pervasive Computing Technologies for Healthcare.

[3]  Prashant Krishnamurthy,et al.  DeWorm: A Simple Protocol to Detect Wormhole Attacks in Wireless Ad Hoc Networks , 2009, 2009 Third International Conference on Network and System Security.

[4]  Berk Sunar,et al.  Public Key Cryptography in Sensor Networks - Revisited , 2004, ESAS.

[5]  Thaier Hayajneh,et al.  Wavelet-transform steganography: algorithm and hardware implementation , 2013, Int. J. Electron. Secur. Digit. Forensics.

[6]  Bassam Jamil Mohd,et al.  Low power Wallace multiplier design based on wide counters , 2012, Int. J. Circuit Theory Appl..

[7]  H. S. Wolff,et al.  iRun: Horizontal and Vertical Shape of a Region-Based Graph Compression , 2022, Sensors.

[8]  Miodrag Potkonjak,et al.  Toward energy-efficient and distributed mobile health monitoring using parallel offloading , 2013, EMBC.

[9]  Athanasios V. Vasilakos,et al.  ReTrust: Attack-Resistant and Lightweight Trust Management for Medical Sensor Networks , 2012, IEEE Transactions on Information Technology in Biomedicine.

[10]  Sana Ullah,et al.  An Enhanced WLAN Security System With FPGA Implementation for Multimedia Applications , 2017, IEEE Systems Journal.

[11]  Sungyoung Lee,et al.  An Efficient Mutual Authentication and Access Control Scheme for Wireless Sensor Networks in Healthcare , 2011, J. Networks.

[12]  Ming Li,et al.  Secure ad hoc trust initialization and key management in wireless body area networks , 2013, TOSN.

[13]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[14]  Sana Ullah,et al.  A Hybrid and Secure Priority-Guaranteed MAC Protocol for Wireless Body Area Network , 2014, Int. J. Distributed Sens. Networks.

[15]  Zhenguo Zhao,et al.  An Efficient Anonymous Authentication Scheme for Wireless Body Area Networks Using Elliptic Curve Cryptosystem , 2014, Journal of Medical Systems.

[16]  Peng Ning,et al.  An efficient scheme for authenticating public keys in sensor networks , 2005, MobiHoc '05.

[17]  Athanasios V. Vasilakos,et al.  QoS-Aware Health Monitoring System Using Cloud-Based WBANs , 2014, Journal of Medical Systems.

[18]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[19]  Prashant Krishnamurthy,et al.  Secure Neighborhood Creation in Wireless Ad Hoc Networks using Hop Count Discrepancies , 2012, Mob. Networks Appl..

[20]  Howard M. Heys,et al.  FPGA Implementation and Energy Cost Analysis of Two Light-Weight Involutional Block Ciphers Targeted to Wireless Sensor Networks , 2013, Mob. Networks Appl..

[21]  Ming Li,et al.  BANA: Body Area Network Authentication Exploiting Channel Characteristics , 2013, IEEE J. Sel. Areas Commun..

[22]  Moonseong Kim,et al.  A Provably-Secure ECC-Based Authentication Scheme for Wireless Sensor Networks , 2014, Sensors.

[23]  Thaier Hayajneh,et al.  An energy-efficient and security aware route selection protocol for wireless sensor networks , 2014, Secur. Commun. Networks.

[24]  Rachit Agarwal,et al.  Hardware - Software Implementation of Public-Key Cryptography for Wireless Sensor Networks , 2006 .

[25]  Farid Touati,et al.  U-Healthcare System: State-of-the-Art Review and Challenges , 2013, Journal of Medical Systems.

[26]  P. Brandão Abstracting information on body area networks , 2012 .

[27]  Christof Paar,et al.  Security on FPGAs: State-of-the-art implementations and attacks , 2004, TECS.

[28]  Christof Paar,et al.  Elliptic and hyperelliptic curves on embedded μP , 2004, TECS.

[29]  David Harris,et al.  CMOS VLSI Design: A Circuits and Systems Perspective , 2004 .

[30]  Athanasios V. Vasilakos,et al.  A comparative study of steganography designs based on multiple FPGA platforms , 2016, Int. J. Electron. Secur. Digit. Forensics.

[31]  Athanasios V. Vasilakos,et al.  A survey of wireless technologies coexistence in WBAN: analysis and open research issues , 2014, Wireless Networks.

[32]  Hu Xiong,et al.  Cost-Effective Scalable and Anonymous Certificateless Remote Authentication Protocol , 2014, IEEE Transactions on Information Forensics and Security.

[33]  Prashant Krishnamurthy,et al.  Source - destination obfuscation in wireless ad hocnetworks , 2011, Secur. Commun. Networks.

[34]  Athanasios V. Vasilakos,et al.  Energy model for light-weight block ciphers for WBAN applications , 2014, 2014 4th International Conference on Wireless Mobile Communication and Healthcare - Transforming Healthcare Through Innovations in Mobile and Wireless Technologies (MOBIHEALTH).

[35]  Athanasios V. Vasilakos,et al.  Cloud-assisted body area networks: state-of-the-art and future challenges , 2014, Wirel. Networks.

[36]  Pardeep Kumar,et al.  Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey , 2011, Sensors.

[37]  Prashant Krishnamurthy,et al.  On limited-range strategic/random jamming attacks in wireless ad hoc networks , 2009, 2009 IEEE 34th Conference on Local Computer Networks.

[38]  Ingrid Moerman,et al.  A Comprehensive Survey of Wireless Body Area Networks , 2012, Journal of Medical Systems.

[39]  M. Rabin DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION , 1979 .

[40]  Michael D. Smith,et al.  A public-key infrastructure for key distribution in TinyOS based on elliptic curve cryptography , 2004, 2004 First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2004. IEEE SECON 2004..

[41]  Chonho Lee,et al.  A survey of mobile cloud computing: architecture, applications, and approaches , 2013, Wirel. Commun. Mob. Comput..

[42]  Michael Baentsch,et al.  Remote Client Authentication , 2008, IEEE Security & Privacy.

[43]  Berk Sunar,et al.  State of the art in ultra-low power public key cryptography for wireless sensor networks , 2005, Third IEEE International Conference on Pervasive Computing and Communications Workshops.

[44]  Daojing He,et al.  A Novel and Lightweight System to Secure Wireless Medical Sensor Networks , 2014, IEEE Journal of Biomedical and Health Informatics.

[45]  Miodrag Potkonjak,et al.  mHealthMon: Toward Energy-Efficient and Distributed Mobile Health Monitoring Using Parallel Offloading , 2013, 2013 35th Annual International Conference of the IEEE Engineering in Medicine and Biology Society (EMBC).

[46]  Xiaofei Wang,et al.  Cloud-enabled wireless body area networks for pervasive healthcare , 2013, IEEE Network.

[47]  Djamal Zeghlache,et al.  A Hybrid Authentication and Key Establishment Scheme for WBAN , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[48]  Ingrid Moerman,et al.  A survey on wireless body area networks , 2011, Wirel. Networks.

[49]  Zhiguang Qin,et al.  Revocable and Scalable Certificateless Remote Authentication Protocol With Anonymity for Wireless Body Area Networks , 2015, IEEE Transactions on Information Forensics and Security.

[50]  Athanasios V. Vasilakos,et al.  Public-Key Authentication for Cloud-based WBANs , 2014, BODYNETS.

[51]  Sheng Zhong,et al.  IBE-Lite: A Lightweight Identity-Based Cryptography for Body Sensor Networks , 2009, IEEE Transactions on Information Technology in Biomedicine.

[52]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[53]  Vicki Almstrum,et al.  Low-cost remote patient monitoring system based on reduced platform computer technology. , 2011, Telemedicine journal and e-health : the official journal of the American Telemedicine Association.

[54]  Thaier Hayajneh,et al.  Optimization and modeling of FPGA implementation of the Katan Cipher , 2015, 2015 6th International Conference on Information and Communication Systems (ICICS).

[55]  Thaier Hayajneh,et al.  Analysis and Modeling of FPGA Implementations of Spatial Steganography Methods , 2014, J. Circuits Syst. Comput..

[56]  Athanasios V. Vasilakos,et al.  A survey on lightweight block ciphers for low-resource devices: Comparative study and open issues , 2015, J. Netw. Comput. Appl..

[57]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[58]  Sana Ullah,et al.  A Green Approach for Selfish Misbehavior Detection in 802.11-Based Wireless Networks , 2015, Mobile Networks and Applications.

[59]  Yuesheng Zhu,et al.  TinyZKP: A Lightweight Authentication Scheme Based on Zero-Knowledge Proof for Wireless Body Area Networks , 2014, Wirel. Pers. Commun..

[60]  Huifang Chen,et al.  A User Authentication Scheme Based on Elliptic Curves Cryptography for Wireless Ad Hoc Networks , 2015, Sensors.

[61]  Xuemin Shen,et al.  SPS: Secure personal health information sharing with patient-centric access control in cloud computing , 2013, 2013 IEEE Global Communications Conference (GLOBECOM).

[62]  Andrei V. Gurtov,et al.  An Efficient and Adaptive Mutual Authentication Framework for Heterogeneous Wireless Sensor Network-Based Applications , 2014, Sensors.

[63]  Lan Wang,et al.  Design and Implementation of a Secure Wireless Mote-Based Medical Sensor Network , 2008, Sensors.

[64]  Xiaolei Dong,et al.  Security and privacy for storage and computation in cloud computing , 2014, Inf. Sci..

[65]  Hoh Peter In,et al.  A scheme for data confidentiality in Cloud-assisted Wireless Body Area Networks , 2014, Inf. Sci..

[66]  Vlado Handziski,et al.  Experimental Study of the Impact of WLAN Interference on IEEE 802.15.4 Body Area Networks , 2009, EWSN.

[67]  J. M. Peeters,et al.  Key factors influencing the implementation success of a home telecare application , 2012, Int. J. Medical Informatics.

[68]  Prashant Krishnamurthy,et al.  Detecting Malicious Packet Dropping in the Presence of Collisions and Channel Errors in Wireless Ad Hoc Networks , 2009, 2009 IEEE International Conference on Communications.

[69]  Mohammad S. Obaidat,et al.  Design and Analysis of an Enhanced Patient-Server Mutual Authentication Protocol for Telecare Medical Information System , 2015, Journal of Medical Systems.

[70]  Ayan Banerjee,et al.  PSKA: Usable and Secure Key Agreement Scheme for Body Area Networks , 2010, IEEE Transactions on Information Technology in Biomedicine.

[71]  Ming Li,et al.  BANA: Body Area Network Authentication Exploiting Channel Characteristics , 2012, IEEE Journal on Selected Areas in Communications.

[72]  Sye Loong Keoh,et al.  Efficient Group Key Management and Authentication for Body Sensor Networks , 2011, 2011 IEEE International Conference on Communications (ICC).

[73]  Athanasios V. Vasilakos,et al.  ECG-Cryptography and Authentication in Body Area Networks , 2012, IEEE Transactions on Information Technology in Biomedicine.

[74]  Peris-LopezPedro,et al.  Security and privacy issues in implantable medical devices , 2015 .

[75]  Athanasios V. Vasilakos,et al.  Mobile Cloud Computing: A Survey, State of Art and Future Directions , 2013, Mobile Networks and Applications.

[76]  Hong Liu,et al.  Modeling of WBAN and Cloud Integration for Secure and Reliable Healthcare , 2013, BODYNETS.

[77]  Prashant Krishnamurthy,et al.  SECLOUD: Source and Destination Seclusion Using Clouds for wireless ad hoc networks , 2009, 2009 IEEE Symposium on Computers and Communications.

[78]  Pardeep Kumar,et al.  E-SAP: Efficient-Strong Authentication Protocol for Healthcare Applications Using Wireless Medical Sensor Networks , 2012, Sensors.