scholarly journals A Secure and Lightweight Three-Factor-Based Authentication Scheme for Smart Healthcare Systems

Sensors ◽  
2020 ◽  
Vol 20 (24) ◽  
pp. 7136
Author(s):  
Jihyeon Ryu ◽  
Dongwoo Kang ◽  
Hakjun Lee ◽  
Hyoungshick Kim ◽  
Dongho Won
Keyword(s):  
User Authentication ◽  
Healthcare Systems ◽  
Authentication Scheme ◽  
Sensitive Information ◽  
Symmetric Encryption ◽  
Healthcare Data ◽  
Smart Healthcare ◽  
Verification Tool ◽  
User Authentication Scheme ◽  
Three Factor

Internet of Things (IoT) technology has recently been integrated with various healthcare devices to monitor patients’ health status and share it with their healthcare practitioners. Since healthcare data often contain personal and sensitive information, healthcare systems must provide a secure user authentication scheme. Recently, Adavoudi-Jolfaei et al. and Sharma and Kalra proposed a lightweight protocol using hash function encryption only for user authentication on wireless sensor systems. In this paper, we found some weaknesses in target schemes. We propose a novel three-factor lightweight user authentication scheme that addresses these weaknesses and verifies the security of the proposed scheme using a formal verification tool called ProVerif. In addition, our proposed scheme outperforms other proposed symmetric encryption-based schemes or elliptic curve-based schemes.

scholarly journals Improvement of Wu et al.'s Three-Factor User Authentication Scheme for Wireless Sensor Networks

2018 ◽  
Author(s):  
Jihyeon Ryu ◽  
Hakjun Lee ◽  
Hyoungshick Kim ◽  
Dongho Won
Keyword(s):  
Wireless Sensor Networks ◽  
Sensor Networks ◽  
User Authentication ◽  
Security Protocols ◽  
User Anonymity ◽  
Authentication Scheme ◽  
Wireless Sensor ◽  
User Authentication Scheme ◽  
Inherent Nature ◽  
Three Factor

Wireless sensor networks are widely used in many applications such as environmental monitoring, health care, smart grid and surveillance. Many security protocols have been proposed and intensively studied due to the inherent nature of wireless networks. In particular, Wu et al. proposed a promising authentication scheme which is sufficiently robust against various attacks. However, according to our analysis, Wu et al.'s scheme has two serious security weaknesses against malicious outsiders. First, their scheme can lead to user impersonation attacks. Second, user anonymity is not preserved in their scheme. In this paper, we present these vulnerabilities of Wu et al.'s scheme in detail. We also propose a new scheme by fixing such vulnerabilities and improving the performance of the protocol.

scholarly journals A Secure Lightweight Three-Factor Authentication Scheme for IoT in Cloud Computing Environment

Sensors ◽  
2019 ◽  
Vol 19 (16) ◽  
pp. 3598 ◽  
Author(s):  
SungJin Yu ◽  
KiSung Park ◽  
YoungHo Park
Keyword(s):  
Cloud Computing ◽  
Mutual Authentication ◽  
Internet Security ◽  
Authentication Scheme ◽  
Sensitive Information ◽  
Computing Environment ◽  
Session Key ◽  
Cloud Computing Environment ◽  
Smart Healthcare ◽  
Three Factor

With the development of cloud computing and communication technology, users can access the internet of things (IoT) services provided in various environments, including smart home, smart factory, and smart healthcare. However, a user is insecure various types of attacks, because sensitive information is often transmitted via an open channel. Therefore, secure authentication schemes are essential to provide IoT services for legal users. In 2019, Pelaez et al. presented a lightweight IoT-based authentication scheme in cloud computing environment. However, we prove that Pelaez et al.’s scheme cannot prevent various types of attacks such as impersonation, session key disclosure, and replay attacks and cannot provide mutual authentication and anonymity. In this paper, we present a secure and lightweight three-factor authentication scheme for IoT in cloud computing environment to resolve these security problems. The proposed scheme can withstand various attacks and provide secure mutual authentication and anonymity by utilizing secret parameters and biometric. We also show that our scheme achieves secure mutual authentication using Burrows–Abadi–Needham logic analysis. Furthermore, we demonstrate that our scheme resists replay and man-in-the-middle attacks usingthe automated validation of internet security protocols and applications (AVISPA) simulation tool. Finally, we compare the performance and the security features of the proposed scheme with some existing schemes. Consequently, we provide better safety and efficiency than related schemes and the proposed scheme is suitable for practical IoT-based cloud computing environment.

Sign in / Sign up

Export Citation Format

Share Document