An enhanced three factor based authentication protocol using wireless medical sensor networks for healthcare monitoring

With the rapid growth of wireless medical sensor networks (WMSNs) based healthcare applications, protecting both the privacy and security from illegitimate users, are major concern issues since patient’s precise information is vital for the proper diagnosis procedure. So, authentication protocol is one of the efficient mechanisms to deal with trustworthy and authentic users. Several authentication protocols have been proposed in WMSNs environment. However, the most of these protocols are so susceptible to security threats and not suitable for practical use. In this article, recently proposed Amin et al.’s authentication scheme is reviewed and some vulnerabilities like off-line password guessing attack, user impersonation attack, known session-key temporary information attack, the revelation of secret parameters, and identity guessing attack are pointed out. To overcome all the above mentioned vulnerabilities, we have proposed an enhanced three-factor based remote user authentication protocol in WMSNs environment. Further, the proposed protocol is validated using Burrows–Abadi–Needham logic and then simulated using Automated Validation of Internet Security Protocols and Applications tool. Moreover, the security analysis ensures that the proposed protocol is well protected from various types of malicious attacks. In addition, the performance evaluation shows better efficiency and suitability of our protocol over other related protocols.

[1]  Jian Shen,et al.  A lightweight and privacy-preserving mutual authentication scheme for wearable devices assisted by cloud server , 2017, Comput. Electr. Eng..

[2]  Jianfeng Ma,et al.  An Efficient Ticket Based Authentication Protocol with Unlinkability for Wireless Access Networks , 2014, Wireless Personal Communications.

[3]  Tian-Fu Lee,et al.  Enhancing the security of password authenticated key agreement protocols based on chaotic maps , 2015, Inf. Sci..

[4]  Muhammad Khurram Khan,et al.  An Improved User Authentication Protocol for Healthcare Services via Wireless Medical Sensor Networks , 2014, Int. J. Distributed Sens. Networks.

[5]  Jianhong Zhang,et al.  A novel authenticated encryption scheme and its extension , 2015, Inf. Sci..

[6]  Yu-Fang Chung,et al.  Secure user authentication scheme for wireless healthcare sensor networks , 2017, Comput. Electr. Eng..

[7]  Hari Om,et al.  An Efficient Two-Factor Remote User Authentication and Session Key Agreement Scheme Using Rabin Cryptosystem , 2017, Arabian Journal for Science and Engineering.

[8]  Hari Om,et al.  Cryptanalysis and Extended Three-Factor Remote User Authentication Scheme in Multi-Server Environment , 2017 .

[9]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[10]  Muhammad Khurram Khan,et al.  A robust and anonymous patient monitoring system using wireless medical sensor networks , 2018, Future Gener. Comput. Syst..

[11]  Jian Shen,et al.  An efficient authentication and key agreement scheme for multi-gateway wireless sensor networks in IoT deployment , 2017, J. Netw. Comput. Appl..

[12]  Xiong Li,et al.  Applying biometrics to design three-factor remote user authentication scheme with key agreement , 2014, Secur. Commun. Networks.

[13]  Ping Wang,et al.  Preserving privacy for free: Efficient and provably secure two-factor authentication scheme with user anonymity , 2015, Inf. Sci..

[14]  Hari Om,et al.  Cryptanalysis and Security Enhancement of Three-Factor Remote User Authentication Scheme for Multi-Server Environment , 2017, Int. J. Bus. Data Commun. Netw..

[15]  Han-Yu Lin,et al.  Provably secure proxy convertible authenticated encryption scheme based on RSA , 2014, Inf. Sci..

[16]  Xiong Li,et al.  Robust three-factor remote user authentication scheme with key agreement for multimedia systems , 2016, Secur. Commun. Networks.

[17]  Arup Kumar Pal,et al.  A Secure and Robust Three-Factor Based Authentication Scheme Using RSA Cryptosystem , 2017, Int. J. Bus. Data Commun. Netw..

[18]  Arup Kumar Pal,et al.  An efficient three factor-based authentication scheme in multiserver environment using ECC , 2018, Int. J. Commun. Syst..

[19]  Marko Hölbl,et al.  A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion , 2014, Ad Hoc Networks.

[20]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[21]  Mauro Conti,et al.  A secure user authentication and key-agreement scheme using wireless sensor networks for agriculture monitoring , 2017, Future Gener. Comput. Syst..

[22]  Hari Om,et al.  A Secure Two-Factor Remote User Authentication and Session Key Agreement Scheme , 2016, Int. J. Bus. Data Commun. Netw..

[23]  Xiong Li,et al.  Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards , 2011, J. Netw. Comput. Appl..

[24]  Jianhua Li,et al.  Strongly secure identity-based authenticated key agreement protocols without bilinear pairings , 2016, Inf. Sci..

[25]  Sheikh Iqbal Ahamed,et al.  AnonPri: A secure anonymous private authentication protocol for RFID systems , 2017, Inf. Sci..

[26]  David von Oheimb The High-Level Protocol Specification Language HLPSL developed in the EU project AVISPA , 2005 .

[27]  Arup Kumar Pal,et al.  A Secure Three-Factor Remote User Authentication Scheme Using Elliptic Curve Cryptosystem , 2018 .

[28]  Wei-Kuan Shih,et al.  An efficient anonymous authentication protocol for mobile pay-TV , 2011, J. Netw. Comput. Appl..

[29]  Hari Om,et al.  A secure and robust anonymous three-factor remote user authentication scheme for multi-server environment using ECC , 2017, Comput. Commun..

[30]  Wenfen Liu,et al.  Cryptanalysis and Improvement of a Robust Smart Card Authentication Scheme for Multi-server Architecture , 2014, Wirel. Pers. Commun..

[31]  Chun-Ta Li,et al.  An efficient biometrics-based remote user authentication scheme using smart cards , 2010, J. Netw. Comput. Appl..

[32]  Cheng-Chi Lee,et al.  Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks , 2013, Multimedia Systems.

[33]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[34]  Ashok Kumar Das,et al.  Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards , 2011, IET Inf. Secur..

[35]  Xiong Li,et al.  A three-factor anonymous authentication scheme for wireless sensor networks in internet of things environments , 2018, J. Netw. Comput. Appl..

[36]  Ping Wang,et al.  Anonymous Two-Factor Authentication in Distributed Systems: Certain Goals Are Beyond Attainment , 2015, IEEE Transactions on Dependable and Secure Computing.

[37]  Naveen K. Chilamkurti,et al.  A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks , 2015, Inf. Sci..

[38]  Saru Kumari,et al.  Secure anonymity-preserving password-based user authentication and session key agreement scheme for telecare medicine information systems , 2016, Comput. Methods Programs Biomed..

[39]  Hari Om,et al.  Cryptanalysis and improvement of a biometric‐based remote user authentication protocol usable in a multiserver environment , 2017, Trans. Emerg. Telecommun. Technol..

[40]  Pardeep Kumar,et al.  E-SAP: Efficient-Strong Authentication Protocol for Healthcare Applications Using Wireless Medical Sensor Networks , 2012, Sensors.

[41]  Hari Om,et al.  An extended ECC-based anonymity-preserving 3-factor remote authentication scheme usable in TMIS , 2018, Int. J. Commun. Syst..

[42]  A. K. Pal,et al.  Cryptanalysis and Biometric-Based Enhancement of a Remote User Authentication Scheme for E-Healthcare System , 2018 .

[43]  Muhammad Khurram Khan,et al.  Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks , 2016, Comput. Networks.

[44]  Younghwa An,et al.  Security Analysis and Enhancements of an Effective Biometric-Based Remote User Authentication Scheme Using Smart Cards , 2012, Journal of biomedicine & biotechnology.

[45]  Xiong Li,et al.  An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks , 2017, Multimedia Systems.

[46]  Lei Zhang,et al.  Certificateless one-pass and two-party authenticated key agreement protocol and its extensions , 2015, Inf. Sci..

[47]  Wei Liang,et al.  A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity , 2016, Secur. Commun. Networks.