A provably secure password-based anonymous authentication scheme for wireless body area networks

Abstract Wireless body area networks (WBANs) comprise many tiny sensor nodes which are planted in or around a patient’s body. These sensor nodes can collect biomedical data of the patient and transmit these valuable data to a data sink or a personal digital assistant. Later, health care service providers can get access to these data through authorization. The biomedical data are usually personal and privacy. Consequently, data confidentiality and user privacy are primary concerns for WBANs. In order to achieve these goals, we propose an anonymous authentication scheme for WBANs based on low-entropy password and prove its security in the random oracle model. Our scheme enjoys strong anonymity in the sense that only the client knows his identity during the authentication phase of the scheme. Compared with other related proposals, our scheme is efficient in terms of computation. Moreover, the authentication of the client relies on human-rememberable password, which makes our scheme more suitable for applications in WBANs.

[1]  Sherali Zeadally,et al.  Lightweight Three-Factor Authentication and Key Agreement Protocol for Internet-Integrated Wireless Sensor Networks , 2017, IEEE Access.

[2]  Naveen K. Chilamkurti,et al.  A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks , 2015, Inf. Sci..

[3]  Jian Shen,et al.  An untraceable temporal-credential-based two-factor authentication scheme using ECC for wireless sensor networks , 2016, J. Netw. Comput. Appl..

[4]  Sandeep K. S. Gupta,et al.  Physiological value-based efficient usable security solutions for body sensor networks , 2010, TOSN.

[5]  Sherali Zeadally,et al.  Anonymous Authentication for Wireless Body Area Networks With Provable Security , 2017, IEEE Systems Journal.

[6]  Xiaodong Liu,et al.  A speculative approach to spatial-temporal efficiency with multi-objective optimization in a heterogeneous cloud environment , 2016, Secur. Commun. Networks.

[7]  Sherali Zeadally,et al.  Authentication protocol for an ambient assisted living system , 2015, IEEE Communications Magazine.

[8]  Ming Li,et al.  BANA: Body Area Network Authentication Exploiting Channel Characteristics , 2013, IEEE J. Sel. Areas Commun..

[9]  Xuexian Hu,et al.  Practical Anonymous Password Authentication and TLS with Anonymous Client Authentication , 2016, CCS.

[10]  Prasant Mohapatra,et al.  Good Neighbor: Ad hoc Pairing of Nearby Wireless Devices by Multiple Antennas , 2011, NDSS.

[11]  Carmen C. Y. Poon,et al.  A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health , 2006, IEEE Communications Magazine.

[12]  Ping Wang,et al.  Targeted Online Password Guessing: An Underestimated Threat , 2016, CCS.

[13]  Xingming Sun,et al.  Toward Efficient Multi-Keyword Fuzzy Search Over Encrypted Outsourced Data With Accuracy Improvement , 2016, IEEE Transactions on Information Forensics and Security.

[14]  Hao Wang,et al.  A measure system of zero moment point using wearable inertial sensors , 2016, China Communications.

[15]  V. Muthukkumarasamy,et al.  Authenticated Key Establishment Protocols for a Home Health Care System , 2007, 2007 3rd International Conference on Intelligent Sensors, Sensor Networks and Information.

[16]  Ayan Banerjee,et al.  PSKA: Usable and Secure Key Agreement Scheme for Body Area Networks , 2010, IEEE Transactions on Information Technology in Biomedicine.

[17]  Kim-Kwang Raymond Choo,et al.  A Provably-Secure Cross-Domain Handshake Scheme with Symptoms-Matching for Mobile Healthcare Social Network , 2018, IEEE Transactions on Dependable and Secure Computing.

[18]  Chengsheng Yuan,et al.  Fingerprint liveness detection based on multi-scale LPQ and PCA , 2016, China Communications.

[19]  Kyung Sup Kwak,et al.  Certificateless Remote Anonymous Authentication Schemes for WirelessBody Area Networks , 2014, IEEE Transactions on Parallel and Distributed Systems.

[20]  Xingming Sun,et al.  Efficient algorithm for k-barrier coverage based on integer linear programming , 2016, China Communications.

[21]  Mohsen Toorani On Vulnerabilities of the Security Association in the IEEE 802.15.6 Standard , 2015, Financial Cryptography Workshops.

[22]  Ping Wang,et al.  On the Implications of Zipf's Law in Passwords , 2016, ESORICS.

[23]  Prasant Mohapatra,et al.  Non-cryptographic authentication and identification in wireless networks [Security and Privacy in Emerging Wireless Networks] , 2010, IEEE Wireless Communications.

[24]  Minjie Zhang,et al.  A belief propagation-based method for task allocation in open and dynamic cloud environments , 2017, Knowl. Based Syst..

[25]  Zhihua Xia,et al.  A Secure and Dynamic Multi-Keyword Ranked Search Scheme over Encrypted Cloud Data , 2016, IEEE Transactions on Parallel and Distributed Systems.

[26]  Hwajeong Seo,et al.  On Emerging Family of Elliptic Curves to Secure Internet of Things: ECC Comes of Age , 2017, IEEE Transactions on Dependable and Secure Computing.

[27]  Jianfeng Ma,et al.  A privacy preserving three-factor authentication protocol for e-Health clouds , 2016, The Journal of Supercomputing.

[28]  Husen Wang,et al.  Elliptic Curve Cryptography with Efficiently Computable Endomorphisms and Its Hardware Implementations for the Internet of Things , 2017, IEEE Transactions on Computers.

[29]  Ming Li,et al.  Group Device Pairing based Secure Sensor Association and Key Management for Body Area Networks , 2010, 2010 Proceedings IEEE INFOCOM.

[30]  John Keeney,et al.  Multilevel pattern mining architecture for automatic network monitoring in heterogeneous wireless communication networks , 2016, China Communications.