Due to the outbreak of COVID-19, the Internet of Medical Things (IoMT) has enabled the doctors to remotely diagnose the patients, control the medical equipment, and monitor the quarantined patients through their digital devices. Security is a major concern in IoMT because the IoT nodes exchange sensitive information between virtual medical facilities over the vulnerable wireless medium. Hence, the virtual facilities must be protected from adversarial threats through secure sessions. This paper proposes a lightweight and physically secure mutual authentication and secret key establishment protocol that uses Physical Unclonable Functions (PUF) to enable the network devices to verify the doctor's legitimacy (user) and sensor node before establishing a session key. PUF also protects the sensor nodes deployed in an unattended and hostile environment from tampering, cloning, and side-channel attacks. The proposed protocol exhibits all the necessary security properties required to protect the IoMT networks, like authentication, confidentiality, integrity, and anonymity. The formal AVISPA and informal security analysis demonstrate its robustness against attacks like impersonation, replay, a man in the middle, etc. The proposed protocol also consumes fewer resources to operate and is safe from physical attacks, making it more suitable for IoT-enabled medical network applications.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.