A lightweight anonymous mutual authentication and key agreement scheme for WBAN

Xu, Zisang; Xu, Cheng; Chen, Haixian; Yang, Fang

doi:10.1002/cpe.5295

Cited by 45 publications

(39 citation statements)

References 30 publications

(51 reference statements)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The several lightweight authentication and key agreement schemes [26]- [28], [30] have been proposed, considering computational costs. Ibrahim et al [27] introduced a "secure and lightweight mutual authentication for WBANs" to provide anonymity and secure mutual authentication.…”

Section: Related Workmentioning

confidence: 99%

“…Li et al [28] designed an anonymous mutual authentica-tion and key agreement scheme for WBANs that guaranteed anonymity and unlinkability for wearable sensors. Xu et al [26] presented a lightweight mutual authentication and key agreement scheme for WBANs and claimed the scheme was secure against various attacks, including manin-the-middle, spoofing, replay, and impersonation attacks. Xu et al [30] subsequently introduced a "lightweight mutual authentication and key agreement scheme for medical IoT".…”

Section: Related Workmentioning

confidence: 99%

“…However, they did not prove their scheme security using the (mathematical) formal security analysis. The above schemes [26]- [28], [30] are all vulnerable to leaking verification table attack because they store sensitive user data in a server database.…”

Section: Related Workmentioning

confidence: 99%

“…We compared the propose scheme performance with contemporary authentication schemes for medical IoT [26], [28], [30], and also compared security features to verify LAKS-NVT offers enhanced secure. more potential attacks than any other scheme, and is secure against leaking verification table attack because user sensitive information is not stored in the server database.…”

Section: Performance Analysismentioning

confidence: 99%

See 3 more Smart Citations

LAKS-NVT: Provably Secure and Lightweight Authentication and Key Agreement Scheme Without Verification Table in Medical Internet of Things

et al. 2020

View full text Add to dashboard Cite

Wireless body area networks (WBANs) and wireless sensor networks (WSNs) are important concepts for the Internet of Things (IoT). They have been applied to various healthcare services to ensure that users can access convenient medical services by exchanging physiological data between user and medical server. User physiological data is collected by sensor nodes and sent to medical service providers, doctors, etc. using public channels. However, these channels are vulnerable to various potential attacks, and hence, it is essential to design provably secure and lightweight mutual authentication (MA) schemes for medical IoT to protect user privacy and achieve secure communication. A lightweight mutual authentication and key agreement (MAKA) scheme was designed in 2019 to guarantee user privacy, but we found that the scheme does not withstand impersonation, stolen senor node and leaking verification table attacks, and it does not also ensure anonymity, untraceability and secure mutual authentication. This paper proposes a provably secure and lightweight MAKA scheme for medical IoT, called LAKS Non-verification table (NVT), that does not require a server verification table. We assess LAKS-NVT's security against various potential attacks and demonstrate that it achieves secure MA between sensor node and server using Burrows-Abadi-Needham logic. We employ the well-known Real-Or-Random which is random oracle model to prove that LAKS-NVT provides a session key security. In addition, the formal security verification using the widely-accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) software tool has been performed and the results show that LAKS-NVT is also secure. We compare LAKS-NVT's performance against contemporary authentication schemes, and verify that it achieves better security and comparable efficiency. The practical perspective of LAKS-NVT is also carried out via the Network Simulator 2 (NS2) simulation study.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Performance Analysismentioning

confidence: 99%

See 2 more Smart Citations

LAKS-NVT: Provably Secure and Lightweight Authentication and Key Agreement Scheme Without Verification Table in Medical Internet of Things

et al. 2020

View full text Add to dashboard Cite

show abstract

“…ProVerif is a widely known authentication protocol verification tool that can prove the security of multiple encryption schemes or authentication protocols, such as signature schemes and Diffie–Hellman key exchange algorithms [ 31 , 32 ]. Since each

does not need to communicate with other nodes during the group key generation phase, we use ProVerif to verify the security of the mutual authentication phase of our protocol.…”

Section: Security and Performance Analysismentioning

confidence: 99%

A Blockchain-Based Authentication and Dynamic Group Key Agreement Protocol

Deng

et al. 2020

Sensors

Self Cite

View full text Add to dashboard Cite

With the rapid development of mobile networks, there are more and more application scenarios that require group communication. For example, in mobile edge computing, group communication can be used to transmit messages to all group members with minimal resources. The group key directly affects the security of the group communication. Most existing group key agreement protocols are often flawed in performance, scalability, forward or backward secrecy, or single node failure. Therefore, this paper proposes a blockchain-based authentication and dynamic group key agreement protocol. With our protocol, each group member only needs to authenticate its left neighbor once to complete the authentication, which improved authentication efficiency. In addition, our protocol guarantees the forward secrecy of group members after joining the group and the backward secrecy of group members after leaving the group. Based on blockchain technology, we solve the problem of single node failure. Furthermore, we use mathematics to prove the correctness and security of our protocol, and the comparison to related protocols shows that our protocol reduces computation and communication costs.

show abstract

An efficient hash‐based authentication protocol for wireless sensor networks in Internet of Things applications with forward secrecy

Sadri

Asaar

2021

Int J Communication

View full text Add to dashboard Cite

Wireless sensor networks (WSNs) play an influential role in the advancement of Internet of Things (IoT) because the infrastructure of WSNs consists of lots of sensors, which can be used to collect online data by the users or service providers; however, in the process of collecting the data, the users and service providers have to communicate with the sensors through an unprotected channel, so the confidentiality and integrity of the transmitted messages might be threatened by an adversary. Consequently, several authentication protocols have been proposed to provide a secure authentication process for IoT-based WSNs. In this paper, we analyze Ghani et al.'s protocol and demonstrate that their protocol is vulnerable to user impersonation attack, malicious gateway attack, and traceability attack. Furthermore, it suffers from some design weaknesses. To fix these drawbacks, we propose a new hash-based authentication protocol for IoT-based WSNs. We analyze our protocol with both formal and informal methods to show that our protocol is secure against various known attacks such as sensor and user trace, sensor capture, off-line password guessing, and replay attacks. Finally, we evaluate our protocol in terms of security features and communication and computation costs. The results show that not only the proposed protocol is more secure than other existing protocols but also reduces 60% of the execution time of the user authentication process in comparison with Ghani et al.'s protocol.

show abstract

A lightweight anonymous mutual authentication and key agreement scheme for WBAN

Cited by 45 publications

References 30 publications

LAKS-NVT: Provably Secure and Lightweight Authentication and Key Agreement Scheme Without Verification Table in Medical Internet of Things

LAKS-NVT: Provably Secure and Lightweight Authentication and Key Agreement Scheme Without Verification Table in Medical Internet of Things

A Blockchain-Based Authentication and Dynamic Group Key Agreement Protocol

An efficient hash‐based authentication protocol for wireless sensor networks in Internet of Things applications with forward secrecy

Contact Info

Product

Resources

About