nach oben

Wireless Networks

Erschienen in:

16.08.2022 | Original Paper

A PUF-based anonymous authentication protocol for wireless medical sensor networks

verfasst von: Xiaowei Shao, Yajun Guo, Yimin Guo

Erschienen in: Wireless Networks | Ausgabe 8/2022

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Wireless medical sensor networks (WMSNs) play a major role in remote medical monitoring systems. Generally, in a WMSN, professionals need to obtain real-time physiological data of patients, and these data often encounter various security and privacy issues during the transmission process. Thus, the secure transmission of data is particularly critical. To ensure data security and patient privacy, many authentication schemes have been proposed. However, most of the existing schemes either cannot withstand known attacks (such as privileged-insider attack, desynchronization attack, etc.) or require more communication and computation costs, and are not suitable for resource-constrained WMSNs. Therefore, this paper proposes a new anonymous physically unclonable function (PUF)-based authentication protocol for WMSNs by using PUFs, fuzzy extractor, cryptographic one-way hash functions, and bitwise XOR operations. Formal security analysis under the real-or-random model shows that this scheme is provably secure. And informal security analysis shows that our scheme is secure against various known attacks. At the same time, compared with other existing related schemes, the proposed scheme not only provides more security and functionality features, but also requires less communication (5360 bits) and computation costs (57.047 ms).

Vorheriger Artikel Enhancing diversity of OFDM with joint spread spectrum and subcarrier index modulations

Nächster Artikel Performance improvement of OFDM systems using compressive sensing with group LASSO signal reconstruction algorithm

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Huang, Y.-M., Hsieh, M.-Y., Chao, H.-C., Hung, S.-H., & Park, J. H. (2009). Pervasive, secure access to a hierarchical sensor-based healthcare monitoring architecture in wireless heterogeneous networks. IEEE Journal on Selected Areas in Communications, 27(4), 400–411.CrossRef

Kumar, P., Lee, S.-G., & Lee, H.-J. (2012). E-SAP: Efficient-strong authentication protocol for healthcare applications using wireless medical sensor networks. Sensors, 12(2), 1625–1647.CrossRef

Son, S., Lee, J., Kim, M., Yu, S., Das, A. K., & Park, Y. (2020). Design of secure authentication protocol for cloud-assisted telecare medical information system using blockchain. IEEE Access, 8, 192177–192191.CrossRef

Chen, F., Tang, Y., Cheng, X., Xie, D., Wang, T., & Zhao, C. (2021). Blockchain-based efficient device authentication protocol for medical cyber-physical systems. Security and Communication Networks, 6, 66.

Garg, N., Wazid, M., Das, A. K., Singh, D. P., Rodrigues, J. J., & Park, Y. (2020). BAKMP-IoMT: Design of blockchain enabled authenticated key management protocol for Internet of medical things deployment. IEEE Access, 8, 95956–95977.CrossRef

Jiang, Q., Ma, J., Yang, C., Ma, X., Shen, J., & Chaudhry, S. A. (2017). Efficient end-to-end authentication protocol for wearable health monitoring systems. Computers & Electrical Engineering, 63, 182–195.CrossRef

Wu, F., Li, X., Xu, L., Kumari, S., Karuppiah, M., & Shen, J. (2017). A lightweight and privacy-preserving mutual authentication scheme for wearable devices assisted by cloud server. Computers & Electrical Engineering, 63, 168–181.CrossRef

Das, A. K., Pathak, P. H., Chuah, C.-N., & Mohapatra, P. (2016). Uncovering privacy leakage in ble network traffic of wearable fitness trackers. In Proceedings of the 17th international workshop on mobile computing systems and applications (pp. 99–104).

Majumder, S., Mondal, T., & Deen, M. J. (2017). Wearable sensors for remote health monitoring. Sensors, 17(1), 130.CrossRef

10.

Pantelopoulos, A., & Bourbakis, N. G. (2009). A survey on wearable sensor-based systems for health monitoring and prognosis. IEEE Transactions on Systems, Man, and Cybernetics Part C (Applications and Reviews), 40(1), 1–12.CrossRef

11.

Kalid, N., Zaidan, A., Zaidan, B., Salman, O. H., Hashim, M., & Muzammil, H. (2018). Based real time remote health monitoring systems: A review on patients prioritization and related" big data" using body sensors information and communication technology. Journal of Medical Systems, 42(2), 30.CrossRef

12.

Shuwandy, M. L., Zaidan, B., Zaidan, A., & Albahri, A. S. (2019). Sensor-based mHealth authentication for real-time remote healthcare monitoring system: A multilayer systematic review. Journal of Medical Systems, 43(2), 33.CrossRef

13.

Darwish, A., & Hassanien, A. E. (2011). Wearable and implantable wireless sensor network solutions for healthcare monitoring. Sensors, 11(6), 5561–5595.CrossRef

14.

Xu, G., Wang, F., Zhang, M., & Peng, J. (2020). Efficient and provably secure anonymous user authentication scheme for patient monitoring using wireless medical sensor networks. IEEE Access, 8, 47282–47294.CrossRef

15.

Li, X., Peng, J., Obaidat, M. S., Wu, F., Khan, M. K., & Chen, C. (2019). A secure three-factor user authentication protocol with forward secrecy for wireless medical sensor network systems. IEEE Systems Journal, 14(1), 39–50.CrossRef

16.

Srinivas, J., Das, A. K., Kumar, N., & Rodrigues, J. J. (2018). Cloud centric authentication for wearable healthcare monitoring system. IEEE Transactions on Dependable and Secure Computing, 17(5), 942–956.CrossRef

17.

Chen, Y., Ge, Y., Wang, Y., & Zeng, Z. (2019). An improved three-factor user authentication and key agreement scheme for wireless medical sensor networks. IEEE Access, 7, 85440–85451.CrossRef

18.

Ali, R., Pal, A. K., Kumari, S., Sangaiah, A. K., Li, X., & Wu, F. (2018). An enhanced three factor based authentication protocol using wireless medical sensor networks for healthcare monitoring. Journal of Ambient Intelligence and Humanized Computing, 66, 1–22.

19.

Wu, F., et al. (2018). A lightweight and robust two-factor authentication scheme for personalized healthcare systems using wireless medical sensor networks. Future Generation Computer Systems, 82, 727–737.CrossRef

20.

Chandrakar, P. (2019). A secure remote user authentication protocol for healthcare monitoring using wireless medical sensor networks. International Journal of Ambient Computing and Intelligence (IJACI), 10(1), 96–116.CrossRef

21.

Far, H. A. N., Bayat, M., Das, A. K., Fotouhi, M., Pournaghi, S. M., & Doostari, M.-A. (2021). LAPTAS: Lightweight anonymous privacy-preserving three-factor authentication scheme for WSN-based IIoT. Wireless Networks, 27(2), 1389–1412.CrossRef

22.

Jiang, Q., Chen, Z., Li, B., Shen, J., Yang, L., & Ma, J. (2018). Security analysis and improvement of bio-hashing based three-factor authentication scheme for telecare medical information systems. Journal of Ambient Intelligence and Humanized Computing, 9(4), 1061–1073.CrossRef

23.

Jiang, Q., Qian, Y., Ma, J., Ma, X., Cheng, Q., & Wei, F. (2019). User centric three-factor authentication protocol for cloud-assisted wearable devices. International Journal of Communication Systems, 32(6), e3900.CrossRef

24.

De Smet, R., Vandervelden, T., Steenhaut, K., & Braeken, A. (2021). Lightweight PUF based authentication scheme for fog architecture. Wireless Networks, 27(2), 947–959.CrossRef

25.

He, D., Kumar, N., Chen, J., Lee, C.-C., Chilamkurti, N., & Yeo, S.-S. (2015). Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimedia Systems, 21(1), 49–60.CrossRef

26.

Li, X., Niu, J., Kumari, S., Liao, J., Liang, W., & Khan, M. K. (2016). A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity. Security and Communication Networks, 9(15), 2643–2655.CrossRef

27.

Das, A. K., Sutrala, A. K., Odelu, V., & Goswami, A. (2017). A secure smartcard-based anonymous user authentication scheme for healthcare applications using wireless medical sensor networks. Wireless Personal Communications, 94(3), 1899–1933.CrossRef

28.

Amin, R., Islam, S. H., Biswas, G., Khan, M. K., & Kumar, N. (2018). A robust and anonymous patient monitoring system using wireless medical sensor networks. Future Generation Computer Systems, 80, 483–495.CrossRef

29.

Shuai, M., Liu, B., Yu, N., & Xiong, L. (2019). Lightweight and secure three-factor authentication scheme for remote patient monitoring using on-body wireless networks. Security and Communication Networks, 6, 66.

30.

Mo, J., Hu, Z., & Lin, Y. (2020). Cryptanalysis and security improvement of two authentication schemes for healthcare systems using wireless medical sensor networks. Security and Communication Networks, 6, 66.

31.

Hayajneh, T., Mohd, B. J., Imran, M., Almashaqbeh, G., & Vasilakos, A. V. (2016). Secure authentication for remote patient monitoring with wireless medical sensor networks. Sensors, 16(4), 424.CrossRef

32.

Mao, D., Zhang, L., Li, X., & Mu, D. (2018). Trusted authority assisted three-factor authentication and key agreement protocol for the implantable medical system. Wireless Communications and Mobile Computing, 6, 66.

33.

Challa, S., et al. (2018). An efficient ECC-based provably secure three-factor user authentication and key agreement protocol for wireless healthcare sensor networks. Computers & Electrical Engineering, 69, 534–554.CrossRef

34.

Soni, P., Pal, A. K., & Islam, S. H. (2019). An improved three-factor authentication scheme for patient monitoring using WSN in remote health-care system. Computer Methods and Programs in Biomedicine, 182, 105054.CrossRef

35.

Ji, S., Gui, Z., Zhou, T., Yan, H., & Shen, J. (2018). An efficient and certificateless conditional privacy-preserving authentication scheme for wireless body area networks big data services. IEEE Access, 6, 69603–69611.CrossRef

36.

Xie, Y., Zhang, S., Li, X., Li, Y., & Chai, Y. (2019). Cascp: Efficient and secure certificateless authentication scheme for wireless body area networks with conditional privacy-preserving. Security and Communication Networks, 6, 66.

37.

Kumar, D. A., Mohammad, W., Neeraj, K., Khurram, K. M., Raymond, C.K.-K., & YoungHo, P. (2017). Design of secure and lightweight authentication protocol for wearable devices environment. IEEE Journal of Biomedical and Health Informatics, 6, 66.

38.

Shen, J., Gui, Z., Ji, S., Shen, J., Tan, H., & Tang, Y. (2018). Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks. Journal of Network and Computer Applications, 106, 117–123.CrossRef

39.

Gupta, A., Tripathi, M., Shaikh, T. J., & Sharma, A. (2019). A lightweight anonymous user authentication and key establishment scheme for wearable devices. Computer Networks, 149, 29–42.CrossRef

40.

Bringer, J., Chabanne, H., & Icart, T. (2008). Improved privacy of the tree-based hash protocols using physically unclonable function. In International conference on security and cryptography for networks (pp. 77–91). Springer.

41.

Lee, Y. S., Lee, H. J., & Alasaarela, E. (2013). Mutual authentication in wireless body sensor networks (WBSN) based on physical unclonable function (PUF). In 2013 9th International wireless communications and mobile computing conference (IWCMC) (pp. 1314–1318). IEEE.

42.

Aysu, A., Gulcan, E., Moriyama, D., Schaumont, P., & Yung, M. (2015). End-to-end design of a PUF-based privacy preserving authentication protocol. In International workshop on cryptographic hardware and embedded systems (pp. 556–576). Springer.

43.

Gope, P., Lee, J., & Quek, T. Q. (2018). Lightweight and practical anonymous authentication protocol for RFID systems using physically unclonable functions. IEEE Transactions on Information Forensics and Security, 13(11), 2831–2843.CrossRef

44.

Chatterjee, U., et al. (2018). Building PUF based authentication and key exchange protocol for IoT without explicit CRPs in verifier database. IEEE Transactions on Dependable and Secure Computing, 16(3), 424–437.CrossRef

45.

Chatterjee, U., Chakraborty, R. S., & Mukhopadhyay, D. (2017). A PUF-based secure communication protocol for IoT. ACM Transactions on Embedded Computing Systems (TECS), 16(3), 1–25.CrossRef

46.

Gope, P., & Sikdar, B. (2018). Lightweight and privacy-preserving two-factor authentication scheme for IoT devices. IEEE Internet of Things Journal, 6(1), 580–589.CrossRef

47.

Aman, M. N., Basheer, M. H., & Sikdar, B. (2018). Two-factor authentication for IoT with location information. IEEE Internet of Things Journal, 6(2), 3335–3351.CrossRef

48.

Banerjee, S., Odelu, V., Das, A. K., Chattopadhyay, S., Rodrigues, J. J., & Park, Y. (2019). Physically secure lightweight anonymous user authentication protocol for internet of things using physically unclonable functions. IEEE Access, 7, 85627–85644.CrossRef

49.

Aman, M. N., Javaid, U., & Sikdar, B. (2020). A privacy-preserving and scalable authentication protocol for the internet of vehicles. IEEE Internet of Things Journal, 8(2), 1123–1139.CrossRef

50.

Sarkar, P. (2010). A simple and generic construction of authenticated encryption with associated data. ACM Transactions on Information and System Security (TISSEC), 13(4), 1–16.CrossRef

51.

Gope, P., Das, A. K., Kumar, N., & Cheng, Y. (2019). Lightweight and physically secure anonymous mutual authentication protocol for real-time data access in industrial wireless sensor networks. IEEE Transactions on Industrial Informatics, 15(9), 4957–4968.CrossRef

52.

Dodis, Y., Reyzin, L., & Smith, A. (2004). Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In International conference on the theory and applications of cryptographic techniques (pp. 523–540). Springer.

53.

Juels, A., & Wattenberg, M. (1999). A fuzzy commitment scheme. In Proceedings of the 6th ACM conference on computer and communications security (pp. 28–36).

54.

Dolev, D., & Yao, A. (1983). On the security of public key protocols. IEEE Transactions on Information Theory, 29(2), 198–208.MathSciNetMATHCrossRef

55.

Canetti, R., & Krawczyk, H. (2002). Universally composable notions of key exchange and secure channels. In International conference on the theory and applications of cryptographic techniques (pp. 337–351). Springer.

56.

Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5), 541–552.MathSciNetMATHCrossRef

57.

Roy, S., Chatterjee, S., Das, A. K., Chattopadhyay, S., Kumar, N., & Vasilakos, A. V. (2017). On the design of provably secure lightweight remote user authentication scheme for mobile cloud computing services. IEEE Access, 5, 25808–25825.CrossRef

58.

Chatterjee, S., Roy, S., Das, A. K., Chattopadhyay, S., Kumar, N., & Vasilakos, A. V. (2016). Secure biometric-based authentication scheme using Chebyshev chaotic map for multi-server environment. IEEE Transactions on Dependable and Secure Computing, 15(5), 824–839.CrossRef

59.

Wazid, M., Das, A. K., Odelu, V., Kumar, N., Conti, M., & Jo, M. (2017). Design of secure user authenticated key management protocol for generic IoT networks. IEEE Internet of Things Journal, 5(1), 269–282. CrossRef

60.

Padmavathy, R., & Rajkumar, M.-N. (2022). Secured cloud communication using lightweight hash authentication with PUF. Computer Systems Science and Engineering, 43(1), 233–243.CrossRef

61.

Chaterjee, U., Mukhopadhyay, D., & Chakraborty, R. S. (2020). 3PAA: A private PUF protocol for anonymous authentication. IEEE Transactions on Information Forensics and Security, 16, 756–769.CrossRef

62.

Gao, Y., Van Dijk, M., Xu, L., et al. (2020). TREVERSE: Trial-and-error lightweight secure reverse authentication with simulatable PUFs. IEEE Transactions on Dependable and Secure Computing, 6, 66.

63.

Qureshi, M. A., & Munir, A. (2021). PUF-RAKE: A PUF-based robust and lightweight authentication and key establishment protocol. IEEE Transactions on Dependable and Secure Computing, 6, 66.

64.

Abdalla, M., Fouque, P.-A., & Pointcheval, D. (2005). Password-based authenticated key exchange in the three-party setting. In International workshop on public key cryptography (pp. 65–84). Springer.

65.

Chang, C.-C., & Le, H.-D. (2015). A provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks. IEEE Transactions on Wireless Communications, 15(1), 357–366.CrossRef

66.

Guo, Y., Zhang, Z., & Guo, Y. (2021). Anonymous authenticated key agreement and group proof protocol for wearable computing. IEEE Transactions on Mobile Computing, 6, 66.

67.

Guo, Y., Zhang, Z., & Guo, Y. (2020). Fog-centric authenticated key agreement scheme without trusted parties. IEEE Systems Journal, 6, 66.

68.

Xie, Q., Wong, D. S., Wang, G., Tan, X., Chen, K., & Fang, L. (2017). Provably secure dynamic ID-based anonymous two-factor authenticated key exchange protocol with extended security model. IEEE Transactions on Information Forensics and Security, 12(6), 1382–1392.CrossRef

69.

Roy, S., Das, A. K., Chatterjee, S., Kumar, N., Chattopadhyay, S., & Rodrigues, J. J. (2018). Provably secure fine-grained data access control over multiple cloud servers in mobile cloud computing based healthcare applications. IEEE Transactions on Industrial Informatics, 15(1), 457–468.CrossRef

70.

Wazid, M., Das, A. K., Kumar, N., & Vasilakos, A. V. (2019). Design of secure key management and user authentication scheme for fog computing services. Future Generation Computer Systems, 91, 475–492.CrossRef

71.

Jia, X., He, D., Kumar, N., & Choo, K.-K.R. (2019). Authenticated key agreement scheme for fog-driven IoT healthcare system. Wireless Networks, 25(8), 4737–4750.CrossRef

72.

Naoui, S., Elhdhili, M. E., & Saidane, L. A. (2019). Lightweight and secure password based smart home authentication protocol: LSP-SHAP. Journal of Network and Systems Management, 66, 1.

73.

Guo, Y., & Guo, Y. (2021). FogHA: An efficient handover authentication for mobile devices in fog computing. Computers & Security, 66, 102358.CrossRef

74.

Guo, Y., Zhang, Z., & Guo, Y. (2022). SecFHome: Secure remote authentication in fog-enabled smart home environment. Computer Networks, 207, 108818.CrossRef

75.

Shen, J., Chang, S., Shen, J., Liu, Q., & Sun, X. (2018). A lightweight multi-layer authentication protocol for wireless body area networks. Future Generation Computer Systems, 78, 956–963.CrossRef

76.

Shuai, M., Yu, N., Wang, H., & Xiong, L. (2019). Anonymous authentication scheme for smart home environment with provable security. Computers & Security, 86, 132–146.CrossRef

77.

Sikder, A. K., Aksu, H., & Uluagac, A. S. (2019). A context-aware framework for detecting sensor-based threats on smart devices. IEEE Transactions on Mobile Computing, 66, 245–261.

Titel: A PUF-based anonymous authentication protocol for wireless medical sensor networks
verfasst von: Xiaowei Shao
Yajun Guo
Yimin Guo
Publikationsdatum: 16.08.2022
Verlag: Springer US
Erschienen in: Wireless Networks / Ausgabe 8/2022
Print ISSN: 1022-0038
Elektronische ISSN: 1572-8196
DOI: https://doi.org/10.1007/s11276-022-03070-1

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 8/2022

DR-NET: a novel mobile anchor-assisted localization method based on the density of nodes distribution

FEELS: fuzzy based energy efficient and low SAR routing protocol for wireless body area networks

Memetic algorithm applied to topology control optimization of a wireless sensor network

Buffer transference strategy for power control in B5G-ultra-dense wireless cellular networks

Exploiting effects of imperfect-CSI and SIC, and intercell interference on the outage performance of NOMA over shadowed faded channels

Fading-ratio-based selection for massive MIMO systems under line-of-sight propagation