A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity

Li, Xiong; Niu, Jianwei; Kumari, Saru; Liao, Junguo; Liang, Wei; Khan, Muhammad Khurram

doi:10.1002/sec.1214

Cited by 134 publications

(168 citation statements)

References 36 publications

(68 reference statements)

Supporting

Mentioning

168

Contrasting

Order By: Relevance

“…Li et al [23] showed that He et al's scheme was under the de-synchronization attack. This attack occurs if there is some inconsistency in a legal users normal authentication process.…”

Section: Discussion Of the De-synchronization Attackmentioning

confidence: 99%

“…This will lead to the failure of subsequent authentication. [23] criticized the password change phase, which is under the de-synchronization attack. We only use their conclusion and omit the phase here.…”

Section: Discussion Of the De-synchronization Attackmentioning

confidence: 99%

“…So He et al presented an improvement. But Li et al[23] pointed out that the improvement has weaknesses such as no password detection and under the de-synchronization attack. Moreover, we find that there are some other disadvantages in He et al's scheme.…”

mentioning

confidence: 99%

See 2 more Smart Citations

An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks

et al. 2015

Self Cite

View full text Add to dashboard Cite

Wireless sensor networks (WSNs) are fast developed and widely used in many applications. One of the most important applications is wireless medical sensor network (WMSN) which makes modern health-care more popular. The doctor can get the patient's physiological data collected by special sensors deployed on or in the patient's body in real time with the mobile devices via the wireless communication channel. The collected data are important and should be confidential. So security measures are considered in the process of communication. Recently, He et al. (Multimed Syst,21(1), 49-60, 2015) proposed a new two-factor authentication scheme for health-care with WMSNs and claimed it to be secure. But we find that it is vulnerable to the off-line guessing attack, the user impersonation attack, and the sensor node capture attack. Moreover, we present an improved scheme to overcome the disadvantages. Through the formal verification with Proverif and the analysis presented by us, our scheme is secure. It is more practical for applications through the comparison between some recent schemes for WMSNs.Keywords Wireless medical sensor network Á Smart card Á The off-line guessing attack Á The sensor capture attack Á Mutual authentication

show abstract

“…Li et al [23] showed that He et al's scheme was under the de-synchronization attack. This attack occurs if there is some inconsistency in a legal users normal authentication process.…”

Section: Discussion Of the De-synchronization Attackmentioning

confidence: 99%

Section: Discussion Of the De-synchronization Attackmentioning

confidence: 99%

See 1 more Smart Citation

An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks

et al. 2015

Self Cite

View full text Add to dashboard Cite

show abstract

“…Besides, it is widely accepted that an adversary has the full control of the channel; that is, A can intercept, delete, modify, resend, and reroute the messages in an open channel [33][34][35]. Furthermore, A may also learn users' passwords via a malicious terminal or extract the parameters from the smart card by side-channel attack, but cannot achieve both [2,27,36].…”

Section: Adversary Modelmentioning

confidence: 99%

A Secure and Anonymous Two-Factor Authentication Protocol in Multiserver Environment

Wang

2018

Security and Communication Networks

View full text Add to dashboard Cite

With the great development of network technology, the multiserver system gets widely used in providing various of services. And the two-factor authentication protocols in multiserver system attract more and more attention. Recently, there are two new schemes for multiserver environment which claimed to be secure against the known attacks. However, after a scrutinization of these two schemes, we found that (1) their description of the adversary's abilities is inaccurate; (2) their schemes suffer from many attacks. Thus, firstly, we corrected their description on the adversary capacities to introduce a widely accepted adversary model and then summarized fourteen security requirements of multiserver based on the works of pioneer contributors. Secondly, we revealed that one of the two schemes fails to preserve forward secrecy and user anonymity and cannot resist stolen-verifier attack and off-line dictionary attack and so forth and also demonstrated that another scheme fails to preserve forward secrecy and user anonymity and is not secure to insider attack and off-line dictionary attack, and so forth. Finally, we designed an enhanced scheme to overcome these identified weaknesses, proved its security via BAN logic and heuristic analysis, and then compared it with other relevant schemes. The comparison results showed the superiority of our scheme.

show abstract

“…However, we find that Shim's proposed improved protocol is unworkable because the signature verification does not hold true. Among various secure protocols in WSNs [3][4][5][6][7][8][9][11][12][13][14][15][16][17][18][19][20][21][22][23][24], most of the published reprogramming protocols [3, 6, 12-14, 16, 18, 20-23] are based on the centralized approach, which assumes the existence of a base station, and only the base station has the authority to reprogram sensor nodes. The centralized approach is not reliable in reality because of inefficiency, weak scalability, and vulnerability to potential attacks along the communication path [24].…”

Section: Introductionmentioning

confidence: 99%

Robust Distributed Reprogramming Protocol of Wireless Sensor Networks for Healthcare Systems

Tsai

2015

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

With the development of the wireless communication technologies, the wireless sensor networks (WSNs for short) are considered as one of the key research areas in healthcare systems. However, there is sometimes a need for removing bugs or adding new functionalities after WSNs are deployed. Wireless reprogramming is a process for propagating a new code image or relevant commands to sensor nodes in WSNs. In this paper, we propose a robust distributed reprogramming protocol of WSNs for healthcare systems, in which the security requirements are proved to be secure based on the elliptic curve discrete logarithm problem, such as existential unforgeability of signature for code image, authenticity of code image, freshness, and node compromised tolerance.

show abstract

A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity

Cited by 134 publications

References 36 publications

An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks

An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks

A Secure and Anonymous Two-Factor Authentication Protocol in Multiserver Environment

Robust Distributed Reprogramming Protocol of Wireless Sensor Networks for Healthcare Systems

Contact Info

Product

Resources

About