BAKMP-IoMT: Design of Blockchain Enabled Authenticated Key Management Protocol for Internet of Medical Things Deployment

The Internet of Medical Things (IoMT) is a kind of connected infrastructure of smart medical devices along with software applications, health systems and services. These medical devices and applications are connected to healthcare systems through the Internet. The Wi-Fi enabled devices facilitate machine-to-machine communication and link to the cloud platforms for data storage. IoMT has the ability to make accurate diagnoses, with fewer mistakes and lower costs of care. IoMT with smartphone applications permits the patients to exchange their health related confidential and private information to the healthcare experts (i.e., doctors) for the better control of diseases, and also for tracking and preventing chronic illnesses. Due to insecure communication among the entities involved in IoMT, an attacker can tamper with the confidential and private health related information for example an attacker can not only intercept the messages, but can also modify, delete or insert malicious messages during communication. To deal this sensitive issue, we design a novel blockchain enabled authentication key agreement protocol for IoMT environment, called BAKMP-IoMT. BAKMP-IoMT provides secure key management between implantable medical devices and personal servers and between personal servers and cloud servers. The legitimate users can also access the healthcare data from the cloud servers in a secure way. The entire healthcare data is stored in a blockchain maintained by the cloud servers. A detailed formal security including the security verification of BAKMP-IoMT using the widely-accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool is performed to demonstrate its resilience against the different types of possible attack. The comparison of BAKMP-IoMT with relevant existing schemes is conducted which identifies that the proposed system furnishes better security and functionality, and also needs low communication and computational costs as compared to other schemes. Finally, the simulation of BAKMP-IoMT is conducted to demonstrate its impact on the performance parameters.

[1]  Ping Wang,et al.  Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks , 2014, Ad Hoc Networks.

[2]  Robin Doss,et al.  An Improved Authentication Scheme for Internet of Vehicles Based on Blockchain Technology , 2019, IEEE Access.

[3]  Ashok Kumar Das,et al.  Certificate-Based Anonymous Device Access Control Scheme for IoT Environment , 2019, IEEE Internet of Things Journal.

[4]  Joel J. P. C. Rodrigues,et al.  AKM-IoV: Authenticated Key Management Protocol in Fog Computing-Based Internet of Vehicles Deployment , 2019, IEEE Internet of Things Journal.

[5]  Samiran Chattopadhyay,et al.  Chaotic Map-Based Anonymous User Authentication Scheme With User Biometrics and Fuzzy Extractor for Crowdsourcing Internet of Things , 2018, IEEE Internet of Things Journal.

[6]  Neeraj Kumar,et al.  On the Design of Conditional Privacy Preserving Batch Verification-Based Authentication Scheme for Internet of Vehicles Deployment , 2020, IEEE Transactions on Vehicular Technology.

[7]  Xiong Li,et al.  Provably secure user authentication and key agreement scheme for wireless sensor networks , 2016, Secur. Commun. Networks.

[8]  Zibin Zheng,et al.  Blockchain challenges and opportunities: a survey , 2018, Int. J. Web Grid Serv..

[9]  Athanasios V. Vasilakos,et al.  An efficient ECC-based provably secure three-factor user authentication and key agreement protocol for wireless healthcare sensor networks , 2017, Comput. Electr. Eng..

[10]  Joel J. P. C. Rodrigues,et al.  Cloud Centric Authentication for Wearable Healthcare Monitoring System , 2019, IEEE Transactions on Dependable and Secure Computing.

[11]  Mauro Conti,et al.  Design of Secure User Authenticated Key Management Protocol for Generic IoT Networks , 2018, IEEE Internet of Things Journal.

[12]  Kim-Kwang Raymond Choo,et al.  Expressive CP-ABE Scheme for Mobile Devices in IoT Satisfying Constant-Size Keys and Ciphertexts , 2017, IEEE Access.

[13]  Ashok Kumar Das,et al.  A novel and efficient user access control scheme for wireless body area sensor networks , 2014, J. King Saud Univ. Comput. Inf. Sci..

[14]  Zhang Zhe,et al.  A review on consensus algorithm of blockchain , 2017, 2017 IEEE International Conference on Systems, Man, and Cybernetics (SMC).

[15]  Kirti Kamthe,et al.  Enhanced Three-Factor Security Protocol For Consumer USB Mass Storage Devices , 2017 .

[16]  Yuemin Ding,et al.  Blockchain-based decentralized and secure keyless signature scheme for smart grid , 2019, Energy.

[17]  Hugo Krawczyk,et al.  Universally Composable Notions of Key Exchange and Secure Channels , 2002, EUROCRYPT.

[18]  Xiaohong Zhang,et al.  Consortium Blockchain Based Data Aggregation and Regulation Mechanism for Smart Grid , 2019, IEEE Access.

[19]  Xiong Li,et al.  On the design of a secure user authentication and key agreement scheme for wireless sensor networks , 2017, Concurr. Comput. Pract. Exp..

[20]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[21]  Xiong Li,et al.  Design of an efficient and provably secure anonymity preserving three-factor user authentication and key agreement scheme for TMIS , 2016, Secur. Commun. Networks.

[22]  Ashok Kumar Das,et al.  A Secure User Anonymity-Preserving Three-Factor Remote User Authentication Scheme for the Telecare Medicine Information Systems , 2015, Journal of Medical Systems.

[23]  Neeraj Kumar,et al.  SURVIVOR: A blockchain based edge-as-a-service framework for secure energy trading in SDN-enabled vehicle-to-grid environment , 2019, Comput. Networks.

[24]  Athanasios V. Vasilakos,et al.  Secure Biometric-Based Authentication Scheme Using Chebyshev Chaotic Map for Multi-Server Environment , 2018, IEEE Transactions on Dependable and Secure Computing.

[25]  Mauro Conti,et al.  ECCAuth: A Secure Authentication Protocol for Demand Response Management in a Smart Grid System , 2019, IEEE Transactions on Industrial Informatics.

[26]  Sherali Zeadally,et al.  Authentication protocol for an ambient assisted living system , 2015, IEEE Communications Magazine.

[27]  Athanasios V. Vasilakos,et al.  A Novel Authentication and Key Agreement Scheme for Implantable Medical Devices Deployment , 2018, IEEE Journal of Biomedical and Health Informatics.

[28]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[29]  Eun-Jun Yoon,et al.  Secure Signature-Based Authenticated Key Establishment Scheme for Future IoT Applications , 2017, IEEE Access.

[30]  Joel J. P. C. Rodrigues,et al.  Secure Three-Factor User Authentication Scheme for Renewable-Energy-Based Smart Grid Environment , 2017, IEEE Transactions on Industrial Informatics.

[31]  Debiao He,et al.  DCAP: A Secure and Efficient Decentralized Conditional Anonymous Payment System Based on Blockchain , 2020, IEEE Transactions on Information Forensics and Security.

[32]  Vanga Odelu,et al.  SEAP: Secure and efficient authentication protocol for NFC applications using pseudonyms , 2016, IEEE Transactions on Consumer Electronics.

[33]  Karl Andersson,et al.  A Survey of Blockchain From the Perspectives of Applications, Challenges, and Opportunities , 2019, IEEE Access.

[34]  Kim-Kwang Raymond Choo,et al.  BEST: Blockchain-based secure energy trading in SDN-enabled intelligent transportation system , 2019, Comput. Secur..

[35]  Kim-Kwang Raymond Choo,et al.  Blockchain-based system for secure outsourcing of bilinear pairings , 2020, Inf. Sci..

[36]  Ashok Kumar Das,et al.  Designing secure blockchain-based access control scheme in IoT-enabled Internet of Drones deployment , 2020, Comput. Commun..

[37]  Moti Yung,et al.  Perfectly Secure Key Distribution for Dynamic Conferences , 1992, Inf. Comput..

[38]  Willy Susilo,et al.  Secure Remote User Authenticated Key Establishment Protocol for Smart Home Environment , 2020, IEEE Transactions on Dependable and Secure Computing.

[39]  David von Oheimb The High-Level Protocol Specification Language HLPSL developed in the EU project AVISPA , 2005 .

[40]  Brad Chase,et al.  Analysis of the XRP Ledger Consensus Protocol , 2018, ArXiv.

[41]  Alfred Menezes,et al.  The Elliptic Curve Digital Signature Algorithm (ECDSA) , 2001, International Journal of Information Security.

[42]  Hugo Krawczyk,et al.  Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels , 2001, EUROCRYPT.

[43]  Jong Hyuk Park,et al.  Hybrid security protocol for wireless body area networks , 2011, Wirel. Commun. Mob. Comput..

[44]  Vanga Odelu,et al.  Design of Lightweight Authentication and Key Agreement Protocol for Vehicular Ad Hoc Networks , 2017, IEEE Access.

[45]  Xiong Li,et al.  An efficient multi-gateway-based three-factor user authentication and key agreement scheme in hierarchical wireless sensor networks , 2016, Secur. Commun. Networks.

[46]  Athanasios V. Vasilakos,et al.  Biometrics-Based Privacy-Preserving User Authentication Scheme for Cloud-Based Industrial Internet of Things Deployment , 2018, IEEE Internet of Things Journal.

[47]  Damien Sauveron,et al.  New efficient M2C and M2M mutual authentication protocols for IoT-based healthcare applications , 2019, Peer-to-Peer Networking and Applications.

[48]  Ashok Kumar Das,et al.  A dynamic password-based user authentication scheme for hierarchical wireless sensor networks , 2012, J. Netw. Comput. Appl..

[49]  Ashok Kumar Das,et al.  Certificateless-Signcryption-Based Three-Factor User Access Control Scheme for IoT Environment , 2020, IEEE Internet of Things Journal.

[50]  Yi Peng,et al.  Soft consensus cost models for group decision making and economic interpretations , 2019, Eur. J. Oper. Res..

[51]  Xiong Li,et al.  Provably secure three-factor authentication and key agreement scheme for session initiation protocol , 2016, Secur. Commun. Networks.

[52]  Albert Y. Zomaya,et al.  Blockchain for smart communities: Applications, challenges and opportunities , 2019, J. Netw. Comput. Appl..

[53]  Ashok Kumar Das,et al.  An effective group-based key establishment scheme for large-scale wireless sensor networks using bivariate polynomials , 2008, 2008 3rd International Conference on Communication Systems Software and Middleware and Workshops (COMSWARE '08).

[54]  Joel J. P. C. Rodrigues,et al.  TCALAS: Temporal Credential-Based Anonymous Lightweight Authentication Scheme for Internet of Drones Environment , 2019, IEEE Transactions on Vehicular Technology.

[55]  Xinyi Huang,et al.  HomeChain: A Blockchain-Based Secure Mutual Authentication System for Smart Homes , 2020, IEEE Internet of Things Journal.

[56]  Sherali Zeadally,et al.  BPAS: Blockchain-Assisted Privacy-Preserving Authentication System for Vehicular Ad Hoc Networks , 2020, IEEE Transactions on Industrial Informatics.