A lightweight multi-layer authentication protocol for wireless body area networks

Abstract Nowadays, the technology of Internet of Things (IoT) is getting more and more important which brings a lot of convenience to people’s life and city’s development. As a key application of IoT, wireless body area networks (WBANs) provides people high quality of life and high level of medical service. However, due to the sensitiveness of medical system, security and privacy issues in WBANs are very important. In previous research, there are no comprehensive authentication protocols designed for WBANs according to its characteristics of network structure. In this paper, we propose an efficient multilayer authentication protocol and a secure session key generation method for WBANs. Firstly, we design a one-to-many group authentication protocol and a group key establishment algorithm between personal digital assistance (PDA) and each of sensor nodes with energy efficiency and low computational cost. Then, we present a new certificateless authentication protocol with no pairings based on certificateless cryptography between PDA and application provider (AP), using ECC algorithm that provides low computational cost with high security. In addition, the validation of the proposed protocol can be proved. Finally, the security and performance analysis shows that our protocol is secure and efficient.

[1]  Jin Wang,et al.  A Variable Threshold-Value Authentication Architecture for Wireless Mesh Networks , 2014 .

[2]  Ingrid Moerman,et al.  A survey on wireless body area networks , 2011, Wirel. Networks.

[3]  Jian Shen,et al.  A secure identity-based dynamic group data sharing scheme for cloud computing , 2017 .

[4]  Zhiguang Qin,et al.  Revocable and Scalable Certificateless Remote Authentication Protocol With Anonymity for Wireless Body Area Networks , 2015, IEEE Transactions on Information Forensics and Security.

[5]  Young-Sil Lee,et al.  Secure key management scheme based on ECC algorithm for patient's medical information in healthcare system , 2014, The International Conference on Information Networking 2014 (ICOIN2014).

[6]  Ming Li,et al.  Data security and privacy in wireless body area networks , 2010, IEEE Wireless Communications.

[7]  Hans Eberle,et al.  Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[8]  Xingming Sun,et al.  Achieving Efficient Cloud Search Services: Multi-Keyword Ranked Search over Encrypted Cloud Data Supporting Parallel Computing , 2015, IEICE Trans. Commun..

[9]  Wei Liang,et al.  Cryptanalysis of a dynamic identity‐based remote user authentication scheme with verifiable password update , 2015, Int. J. Commun. Syst..

[10]  Jian Shen,et al.  Identity-based key agreement protocol employing a symmetric balanced incomplete block design , 2012, Journal of Communications and Networks.

[11]  Roozbeh Jafari,et al.  Enabling Effective Programming and Flexible Management of Efficient Body Sensor Network Applications , 2013, IEEE Transactions on Human-Machine Systems.

[12]  Michael Faulkner,et al.  A Survey on Intrabody Communications for Body Area Network Applications , 2013, IEEE Transactions on Biomedical Engineering.

[13]  Sheng Zhong,et al.  IBE-Lite: A Lightweight Identity-Based Cryptography for Body Sensor Networks , 2009, IEEE Transactions on Information Technology in Biomedicine.

[14]  Rabiah Ahmad,et al.  Surveying the Wireless Body Area Network in the realm of wireless communication , 2011, 2011 7th International Conference on Information Assurance and Security (IAS).

[15]  Eun-Jun Yoon,et al.  Robust ID-Based Remote Mutual Authentication with Key Agreement Scheme for Mobile Devices on ECC , 2009, 2009 International Conference on Computational Science and Engineering.

[16]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[17]  Xiong Li,et al.  Applying biometrics to design three-factor remote user authentication scheme with key agreement , 2014, Secur. Commun. Networks.

[18]  Z. Mehmood,et al.  An efficient key agreement with rekeying for secured body sensor networks , 2012, 2012 Second International Conference on Digital Information Processing and Communications (ICDIPC).

[19]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[20]  Sherali Zeadally,et al.  Anonymous Authentication for Wireless Body Area Networks With Provable Security , 2017, IEEE Systems Journal.

[21]  Hu Xiong,et al.  Cost-Effective Scalable and Anonymous Certificateless Remote Authentication Protocol , 2014, IEEE Transactions on Information Forensics and Security.

[22]  Benton H. Calhoun,et al.  Body Area Sensor Networks: Challenges and Opportunities , 2009, Computer.

[23]  Jian Shen,et al.  Enhanced secure sensor association and key management in wireless body area networks , 2015, Journal of Communications and Networks.

[24]  Lu Zhang,et al.  An Efficient and Lightweight Certificateless Authentication Protocol for Wireless Body Area Networks , 2013, 2013 5th International Conference on Intelligent Networking and Collaborative Systems.

[25]  Jin Wang,et al.  An Efficient Verifiably Encrypted Signature from Weil Pairing , 2013 .

[26]  Sachin Tripathi,et al.  Design of Queue-Based Group Key Agreement Protocol Using Elliptic Curve Cryptography , 2015 .

[27]  Abbas Jamalipour,et al.  Wireless Body Area Networks: A Survey , 2014, IEEE Communications Surveys & Tutorials.

[28]  Sherali Zeadally,et al.  Certificateless Public Auditing Scheme for Cloud-Assisted Wireless Body Area Networks , 2018, IEEE Systems Journal.

[29]  Jian Shen,et al.  An Efficient RFID Authentication Protocol Providing Strong Privacy and Security , 2016 .

[30]  J. Martin Leo Manickam,et al.  Public key cryptosystem based security in wireless body area network , 2014, 2014 International Conference on Circuits, Power and Computing Technologies [ICCPCT-2014].

[31]  Jin Li,et al.  Secure Deduplication with Efficient and Reliable Convergent Key Management , 2014, IEEE Transactions on Parallel and Distributed Systems.

[32]  Debiao He,et al.  One-to-many authentication for access control in mobile pay-TV systems , 2016, Science China Information Sciences.

[33]  Jian Shen,et al.  A Novel Routing Protocol Providing Good Transmission Reliability in Underwater Sensor Networks , 2015 .

[34]  Xiong Li,et al.  An enhanced smart card based remote user password authentication scheme , 2013, J. Netw. Comput. Appl..

[35]  Sheng Zhong,et al.  Body sensor network security: an identity-based cryptography approach , 2008, WiSec '08.

[36]  Xiaochen Li,et al.  Energy-Efficient Group Key Agreement for Wireless Networks , 2015, IEEE Transactions on Wireless Communications.

[37]  Sung-Woon Lee,et al.  Enhanced novel access control protocol over wireless sensor networks , 2009, IEEE Transactions on Consumer Electronics.

[38]  Jin Li,et al.  Identity-Based Encryption with Outsourced Revocation in Cloud Computing , 2015, IEEE Transactions on Computers.

[39]  Chao Hu,et al.  A Wireless Sensor Network for Pervasive Medical Supervision , 2007, 2007 IEEE International Conference on Integration Technology.

[40]  Kyung Sup Kwak,et al.  Certificateless Remote Anonymous Authentication Schemes for WirelessBody Area Networks , 2014, IEEE Transactions on Parallel and Distributed Systems.

[41]  Athanasios V. Vasilakos,et al.  Body Area Networks: A Survey , 2010, Mob. Networks Appl..

[42]  Ivan Grech,et al.  Body area network for wireless patient monitoring , 2008, IET Commun..

[43]  Qian Wang,et al.  Searchable Encryption over Feature-Rich Data , 2018, IEEE Transactions on Dependable and Secure Computing.

[44]  Qian Wang,et al.  Securing SIFT: Privacy-Preserving Outsourcing Computation of Feature Extractions Over Encrypted Image Data , 2016, IEEE Transactions on Image Processing.

[45]  T. Jebarajan,et al.  Level based Fault Monitoring and Security for Long Range Transmission in WBAN , 2013 .

[46]  Ming Li,et al.  Group Device Pairing based Secure Sensor Association and Key Management for Body Area Networks , 2010, 2010 Proceedings IEEE INFOCOM.