Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks

With the fast development of wireless communication technologies and semiconductor technologies, the wireless sensor network (WSN) has been widely used in many applications. As an application of the WSN, the wireless medical sensor network (WMSN) could improve health-care quality and has become important in the modern medical system. In the WMSN, physiological data are collected by sensors deployed in the patient’s body and sent to health professionals’ mobile devices through wireless communication. Then health professionals could get the status of the patient anywhere and anytime. The data collected by sensors are very sensitive and important. The leakage of them could compromise the patient’s privacy and their malicious modification could harm the patient’s health. Therefore, both security and privacy are two important issues in WMSNs. Recently, Kumar et al. proposed an efficient authentication protocol for health-care applications using WMSNs and claimed that it could withstand various attacks. However, we find that their protocol is vulnerable to the off-line password guessing attack and the privileged insider attack. We also point out that their protocol cannot provide user anonymity. In this paper, we will propose a robust anonymous authentication protocol for health-care applications using WMSNs. Compared with Kumar et al.’s protocol, the proposed protocol has strong security and computational efficiency. Therefore, it is more suitable for health-care applications using WMSNs.

[1]  Pardeep Kumar,et al.  E-SAP: Efficient-Strong Authentication Protocol for Healthcare Applications Using Wireless Medical Sensor Networks , 2012, Sensors.

[2]  Juho Kim,et al.  A Security-Performance-Balanced User Authentication Scheme for Wireless Sensor Networks , 2012, Int. J. Distributed Sens. Networks.

[3]  Y. M. Huang,et al.  Pervasive, secure access to a hierarchical sensor-based healthcare monitoring architecture in wireless heterogeneous networks , 2009, IEEE Journal on Selected Areas in Communications.

[4]  Debiao He,et al.  Cryptanalysis and Improvement of a Password-Based Remote User Authentication Scheme without Smart Cards , 2013, Inf. Technol. Control..

[5]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[6]  Chun-Hung Liu,et al.  Enhancement of Two-Factor User Authentication in Wireless Sensor Networks , 2010, 2010 Sixth International Conference on Intelligent Information Hiding and Multimedia Signal Processing.

[7]  Azzedine Boukerche,et al.  A secure mobile healthcare system using trust-based multicast scheme , 2009, IEEE Journal on Selected Areas in Communications.

[8]  W. Han Weakness of a Secured Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography , 2011, IACR Cryptol. ePrint Arch..

[9]  Fei Hu,et al.  Privacy-Preserving Telecardiology Sensor Networks: Toward a Low-Cost Portable Wireless Hardware/Software Codesign , 2007, IEEE Transactions on Information Technology in Biomedicine.

[10]  Zhang Rui,et al.  A More Secure Authentication Scheme for Telecare Medicine Information Systems , 2012, Journal of medical systems.

[11]  Wei-Kuan Shih,et al.  A Robust Mutual Authentication Protocol for Wireless Sensor Networks , 2010 .

[12]  G. Pekhteryev,et al.  Real-Time and Secure Wireless Health Monitoring , 2008, International journal of telemedicine and applications.

[13]  Peng Gong,et al.  A New User Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography , 2013, Int. J. Distributed Sens. Networks.

[14]  Xiaodong Lin,et al.  Sage: a strong privacy-preserving scheme against global eavesdropping for ehealth systems , 2009, IEEE Journal on Selected Areas in Communications.

[15]  Manik Lal Das,et al.  Two-factor user authentication in wireless sensor networks , 2009, IEEE Transactions on Wireless Communications.

[16]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[17]  Hsin-Wen Wei,et al.  A Secured Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography , 2011, Sensors.

[18]  Jianhua Chen,et al.  Note on 'Design of improved password authentication and update scheme based on elliptic curve cryptography' , 2012, Math. Comput. Model..

[19]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[20]  Lan Wang,et al.  Design and Implementation of a Secure Wireless Mote-Based Medical Sensor Network , 2008, Sensors.

[21]  Mun-Kyu Lee,et al.  Improvement of Das's Two-Factor Authentication Protocol in Wireless Sensor Networks , 2009, IACR Cryptol. ePrint Arch..

[22]  Debiao He,et al.  Cryptanalysis of a Dynamic ID-Based Remote User Authentication Scheme with Access Control for Multi-Server Environments , 2013, IEICE Trans. Inf. Syst..

[23]  Choong Seon Hong,et al.  Securing U-Healthcare Sensor Networks using Public Key Based Scheme , 2008, 2008 10th International Conference on Advanced Communication Technology.

[24]  Pardeep Kumar,et al.  Secure health monitoring using medical wireless sensor networks , 2010, The 6th International Conference on Networked Computing and Advanced Information Management.

[25]  Muhammad Khurram Khan,et al.  Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’ , 2010, Sensors.

[26]  Sungyoung Lee,et al.  An Efficient Mutual Authentication and Access Control Scheme for Wireless Sensor Networks in Healthcare , 2011, J. Networks.

[27]  Kuan-Lin Chen,et al.  Consistency Analysis of the Duration Parameter Within a Syllable for Mandarin Speech , 2013, Inf. Technol. Control..

[28]  Debiao He,et al.  Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol , 2012, Nonlinear Dynamics.