A Provably Secure and Lightweight Patient-Healthcare Authentication Protocol in Wireless Body Area Networks

As an extension of the 4G system, 5G is a new generation of broadband mobile communication with high speed, low latency, and large connection characteristics. It solves the problem of human-to-thing and thing-to-thing communication to meet the needs of intelligent medical devices, automotive networking, smart homes, industrial control, environmental monitoring, and other IoT application needs. This has resulted in new research topics related to wireless body area networks. However, such networks are still subject to significant security and privacy threats. Recently, Fotouhi et al. proposed a lightweight and secure two-factor authentication protocol for wireless body area networks in medical IoT. However, in this study, we demonstrate that their proposed protocol is still vulnerable to sensor-capture attacks and the lack of authentication between users and mobile devices. In addition, we propose a new protocol to overcome the limitations mentioned above. A detailed comparison shows that our proposed protocol is better than the previous protocols in terms of security and performance.

Download Full-text

Comments on “Revocable and Scalable Certificateless Remote Authentication Protocol With Anonymity for Wireless Body Area Networks”

IEEE Transactions on Information Forensics and Security ◽

10.1109/tifs.2018.2871761 ◽

2020 ◽

Vol 15 ◽

pp. 81-82

Author(s):

Kyung-Ah Shim

Keyword(s):

Body Area Networks ◽

Wireless Body Area Networks ◽

Authentication Protocol ◽

Body Area ◽

Remote Authentication

Download Full-text

Privacy-Preserving Authentication Protocol for Wireless Body Area Networks in Healthcare Applications

Healthcare ◽

10.3390/healthcare9091114 ◽

2021 ◽

Vol 9 (9) ◽

pp. 1114

Author(s):

Hyunho Ryu ◽

Hyunsung Kim

Keyword(s):

Healthcare Service ◽

Body Area Networks ◽

Wireless Body Area Networks ◽

Privacy Preserving ◽

Authentication Protocol ◽

Security And Privacy ◽

Body Area ◽

Healthcare Applications ◽

Privacy And Security ◽

Comparison Results

Mobile healthcare service has become increasingly popular thanks to the significant advances in the wireless body area networks (WBANs). It helps medical professionals to collect patient’s healthcare data remotely and provides remote medical diagnosis. Since the health data are privacy-related, they should provide services with privacy-preserving, which should consider security and privacy at the same time. Recently, some lightweight patient healthcare authentication protocols were proposed for WBANs. However, we observed that they are vulnerable to tracing attacks because the patient uses the same identifier in each session, which could leak privacy-related information on the patient. To defeat the weakness, this paper proposes a privacy-preserving authentication protocol for WBANs in healthcare service. The proposed protocol is only based on one-way hash function and with exclusive-or operation, which are lightweight operations than asymmetric cryptosystem operations. We performed two rigorous formal security proofs based on BAN logic and ProVerif tool. Furthermore, comparison results with the relevant protocols show that the proposed protocol achieves more privacy and security features than the other protocols and has suitable efficiency in computational and communicational concerns.

Download Full-text