Certificateless Authenticated Key Agreement for Decentralized WBANs

Security and privacy of sensitive data are crucial nowadays. Internet of things (IoTs) is emerging and has brought critical security issues. Wireless body networks (WBANs) as one branch of IoTs are vulnerable systems today because they carry sensitive information from implanted and wearable sensors. Authentication and key agreement for WBAN are important to protect its security and privacy. Several authentication and key agreement protocols have been proposed for WBANs. However, many of them are administered by a single server. Addition to that, a malicious key generation center can become a threat to other entities in WBANs, i.e impersonate the user by causing a key escrow problem. In this paper, we propose a certificateless authenticated key agreement (CLAKA) for a decentralized/blockchain WBAN in the first phase. CLAKA has advantage to be designed in a decentralized architecture that is suitable for low computation devices. A security mediated signature (SMC) for blockchain authentication is described in the second phase of our protocol. SMC has advantage in solving public key revocation while maintaining the characteristics of certificateless public key cryptography i.e. solving the key escrow problem. Our protocol can compute a session key between WBAN controller and blockchain node and verify the eligibility of node to collect WBAN data.

[1]  Fagen Li,et al.  Efficient Certificateless Access Control for Wireless Body Area Networks , 2016, IEEE Sensors Journal.

[2]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[3]  Sang-Jae Moon,et al.  How to Solve Key Escrow and Identity Revocation in Identity-Based Encryption Schemes , 2005, ICISS.

[4]  Jian Shen,et al.  A lightweight multi-layer authentication protocol for wireless body area networks , 2018, Future Gener. Comput. Syst..

[5]  Josep Domingo-Ferrer,et al.  Simulatable certificateless two-party authenticated key agreement protocol , 2010, Inf. Sci..

[6]  Xiong Li,et al.  An enhanced 1-round authentication protocol for wireless body area networks with user anonymity , 2017, Comput. Electr. Eng..

[7]  Sherman S. M. Chow,et al.  Security Mediated Certificateless Signatures , 2007, ACNS.

[8]  Sahadeo Padhye,et al.  A pairing‐free certificateless authenticated key agreement protocol , 2012, Int. J. Commun. Syst..

[9]  Athanasios V. Vasilakos,et al.  A Novel Authentication and Key Agreement Scheme for Implantable Medical Devices Deployment , 2018, IEEE Journal of Biomedical and Health Informatics.

[10]  Athanasios V. Vasilakos,et al.  Authenticated key management protocol for cloud-assisted body area sensor networks , 2018, J. Netw. Comput. Appl..

[11]  Jennifer Xu,et al.  Are blockchains immune to all malicious attacks? , 2016 .

[12]  Yong Jin,et al.  Low-Cost and Active Control of Radiation of Wearable Medical Health Device for Wireless Body Area Network , 2019, Journal of Medical Systems.

[13]  Rui Zhang,et al.  A new two-round certificateless authenticated key agreement protocol without bilinear pairings , 2011, Mathematical and computer modelling.

[14]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[15]  Yuhui Zheng,et al.  Efficient Anonymous Authenticated Key Agreement Scheme for Wireless Body Area Networks , 2017, Secur. Commun. Networks.

[16]  Jian Shen,et al.  Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks , 2018, J. Netw. Comput. Appl..

[17]  Fang Liu,et al.  Security and Privacy in the Medical Internet of Things: A Review , 2018, Secur. Commun. Networks.

[18]  Nian-Shing Chen,et al.  Exploring blockchain technology and its potential applications for education , 2018, Smart Learning Environments.

[19]  Xiaotie Deng,et al.  TinyPairing: A Fast and Lightweight Pairing-Based Cryptographic Library for Wireless Sensor Networks , 2010, 2010 IEEE Wireless Communication and Networking Conference.