Design of a lightweight and anonymous authenticated key agreement protocol for wireless body area networks

Ostad-Sharif, Arezou; Nikooghadam, Morteza; Abbasinezhad-Mood, Dariush

doi:10.1002/dac.3974

Cited by 30 publications

(18 citation statements)

References 45 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“… ROM‐based verification proof This formal security analysis verifies that an adversary may not be able to retrieve crucial secret parameters such as ID i , PW i , V 1 , and session key SK. We adopted the similar procedure to for this analysis as given in previous studies 23,36,37 . The random oracle is defined as follows:…”

Section: Security Analysismentioning

confidence: 99%

“…We adopted the similar procedure to for this analysis as given in previous studies. 23,36,37 The random oracle is defined as follows:…”

Section: Rom-based Verification Proofmentioning

confidence: 99%

“…Chandraker and Om 36 put forward another authentication scheme for TMIS‐based patient health care; however, it was vulnerable to offline‐password guessing and impersonation attack. Sharif et al 37 demonstrated an improved authentication scheme for WBAN; however, it is prone to session‐specific temporary information attack as well as key‐compromise impersonation attack. Later, Kumar et al 38 scheme was presented for patient monitoring for cloud‐based environment; however, it suffers anonymity issues and vulnerable to impersonation and session key attacks.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A secure and efficient remote patient‐monitoring authentication protocol for cloud‐IoT

Alzahrani

Irshad

Alsubhi

et al. 2020

Int J Communication

View full text Add to dashboard Cite

Summary The ongoing Cloud‐IoT (Internet of Things)–based technological advancements have revolutionized the ways in which remote patients could be monitored and provided with health care facilities. The real‐time monitoring of patient's health leads to dispensing the right medical treatment at the right time. The health professionals need to access patients' sensitive data for such monitoring, and if treated with negligence, it could also be used for malevolent objectives by the adversary. Hence, the Cloud‐IoT–based technology gains could only be conferred to the patients and health professionals, if the latter authenticate one another properly. Many authentication protocols are proposed for remote patient health care monitoring, but with limitations. Lately, Sharma and Kalra (DOI: 10.1007/s40998‐018‐0146‐5) present a remote patient‐monitoring authentication scheme based on body sensors. However, we discover that the scheme still bears many drawbacks including stolen smart card attack, session key compromise, and user impersonation attacks. In view of those limitations, we have designed an efficient authentication protocol for remote patient health monitoring that counters all the above‐mentioned drawbacks. Moreover, we prove the security features of our protocol using BAN logic‐based formal security analysis and validate the results in ProVerif automated security tool.

show abstract

Section: Security Analysismentioning

confidence: 99%

“…We adopted the similar procedure to for this analysis as given in previous studies. 23,36,37 The random oracle is defined as follows:…”

Section: Rom-based Verification Proofmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A secure and efficient remote patient‐monitoring authentication protocol for cloud‐IoT

Alzahrani

Irshad

Alsubhi

et al. 2020

Int J Communication

View full text Add to dashboard Cite

show abstract

“…the attacker should not be able to compute earlier sessions keys in case the long term secret or current session key is revealed to the former. Nonetheless, many AKA schemes for WBAN network including few recent schemes [4], [31], [35]- [37], [44] do not comply with the stipulated objectives, since these are prone to many issues such as lacking anonymity, susceptible to impersonation, replay and forgery attacks [50].…”

Section: B Motivation and Contributionmentioning

confidence: 99%

“…The reviewed schemes above although claim to be lightweight, however these are not suitable for perfect WBAN environment due to limited power constraints, and were also bearing many security loopholes. Recently, we came across another efficient WBAN-based authentication protocol [37], nonetheless, we examine that the scheme is susceptible to session-specific ephemeral information attack, key compromise impersonation attack, and master secret compromise leading to session key recovery attack. In this study, we propose an efficient, secure and anonymous WBAN authenticated key agreement scheme which overcomes the pointed limitations in [37].…”

Section: Related Workmentioning

confidence: 99%

An Improved Lightweight Authentication Protocol for Wireless Body Area Networks

et al. 2020

View full text Add to dashboard Cite

The wireless body area networks (WBANs) play a vital role in the state-of-the-art medical systems for remote monitoring and maintaining the health of patients. These WBANs collect the real-time health status of patients using intelligent sensors and submit to servers through internet for being utilized by the medical experts. This communication must be anonymous as well as secure from attackers for reliable dispensation of medical services. In recent years, many authentication protocols for WBAN could be witnessed. In this study, we demonstrate that one of the most recently presented WBAN-based authentication protocol is found to be prone to session-specific temporary information attack, key compromise impersonation as well as session key recovery attacks. Thereafter, we propose an efficient, secure and anonymous WBAN authenticated key agreement scheme addressing the identified concerns in previous scheme. In due course, we assess the performance of contributed scheme informally as well as formally with the use of ProVerif automated tool and random oracle model. The performance findings also indicate that our scheme not only achieves efficiency but offers robust and implementable security features.

show abstract

A secure protocol for patient monitoring in wireless body area networks

Tyagi

Kumari

Gupta

et al. 2023

Concurrency and Computation

View full text Add to dashboard Cite

Recently, an authentication scheme was presented for health-care in IoT for WBANs by Fotouhi et al. Authors asserted their scheme to be free from a number of attacks.Here, we find that Fotouhi et al.'s scheme suffers from insider attack, fails to provide proper authentication and bears inefficient password update phase. Therefore their scheme has security pitfalls that can lead to further security breaches. We remove the weaknesses of Fotouhi et al.'s scheme and hence propose a user authentication scheme for patient care. Our scheme is suitable for providing special care to patients in the healthcare industry. The proposed scheme facilitates health professionals to access the real-time data of patients under treatment for some diseases.It also safeguards the medical staff from catching an infection from the patients by minimizing the need to come in direct contact with the patients. We justify the security of our proposed scheme by applying the random oracle model to it. The proposed scheme is compared with some related works to judge its efficacy over the compared counterparts.

show abstract

Design of a lightweight and anonymous authenticated key agreement protocol for wireless body area networks

Cited by 30 publications

References 45 publications

A secure and efficient remote patient‐monitoring authentication protocol for cloud‐IoT

A secure and efficient remote patient‐monitoring authentication protocol for cloud‐IoT

An Improved Lightweight Authentication Protocol for Wireless Body Area Networks

A secure protocol for patient monitoring in wireless body area networks

Contact Info

Product

Resources

About