An Improved User Authentication Protocol for Healthcare Services via Wireless Medical Sensor Networks

Khan, Muhammad Khurram; Kumari, Saru

doi:10.1155/2014/347169

Cited by 38 publications

(54 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…But as the identity is a fixed value, a user could be tracked by an adversary. Schemes [29][30][31][32] use a similar method, but all these procedures are prone to suffer from tractability attack.…”

Section: Related Workmentioning

confidence: 99%

“…Thus, only the gateway could learn the identities. As for the shared key between user and sensor, in some schemes, the gateway knows the shared key in schemes [6][7][8][11][12][13][14], while, in some others, the gateway does not know the key, they use Diffie-Hellman (DH) anonymous key agreement protocol to build the shared key [1,2,4,5,9,30]. As we have discussed, the gateway is not allowed to know the shared key in order to prevent a curious gateway from eavesdropping the sensor data.…”

Section: Related Workmentioning

confidence: 99%

“…Traceability means the adversary can track a user or a sensor according to their identities or masked identities like in the scheme [5,10,[29][30][31][32]. Once some fixed information about the identities is used in a scheme, then this scheme could probably be tracked by an adversary.…”

Section: Traceability Protectionmentioning

confidence: 99%

See 2 more Smart Citations

A Privacy Protection User Authentication and Key Agreement Scheme Tailored for the Internet of Things Environment: PriAuth

Chen

Martínez-Ortega

Castillejo

et al. 2017

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

In a wearable sensor-based deployment, sensors are placed over the patient to monitor their body health parameters. Continuous physiological information monitored by wearable sensors helps doctors have a better diagnostic and a suitable treatment. When doctors want to access the patient's sensor data remotely via network, the patient will authenticate the identity of the doctor first, and then they will negotiate a key for further communication. Many lightweight schemes have been proposed to enable a mutual authentication and key establishment between the two parties with the help of a gateway node, but most of these schemes cannot enable identity confidentiality. Besides, the shared key is also known by the gateway, which means the patient's sensor data could be leaked to the gateway. In PriAuth, identities are encrypted to guarantee confidentiality. Additionally, Elliptic Curve Diffie-Hellman (ECDH) key exchange protocol has been adopted to ensure the secrecy of the key, avoiding the gateway access to it. Besides, only hash and XOR computations are adopted because of the computability and power constraints of the wearable sensors. The proposed scheme has been validated by BAN logic and AVISPA, and the results show the scheme has been proven as secure.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A Privacy Protection User Authentication and Key Agreement Scheme Tailored for the Internet of Things Environment: PriAuth

Chen

Martínez-Ortega

Castillejo

et al. 2017

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

show abstract

“…If so, terminates the session; otherwise proceeds further. 8) Obtains (CIDu*|| Tg*||M*||Tu*) as in (18), computes Au* as in (19) and compares Au* with Au. If the verification holds, the legitimacy of the GW node is successful and hence of U.…”

Section: Introductionmentioning

confidence: 99%

Authentication Protocol for Healthcare Services over Wireless Body Area Networks

Shin¹,

Lee²,

Kim³

2016

IJCCE

View full text Add to dashboard Cite

Ubiquitous healthcare service is one of the major fields of research for wireless body area networks (WBANs). Ensuring complete and a good level of security for such types of WBANs, is not a trivial task. It is practically impossible to deal with all sorts of security threats with a single mechanism. This paper reviews Khan et al.'s authentication protocol for healthcare service over WBANs and shows that it does not provide forward secrecy. Furthermore, this paper proposes a remedy protocol for Khan et al.'s authentication protocol and the previous related protocols. The proposed protocol could be utilized as a basic security building block for healthcare applications based on WBANs.

show abstract

“…When we enjoy online shopping, online game, on line documentation, data exchange, and so forth, identity authentication is a basic protection measure to authenticate the identity of remote users [1]. Since Lamport [2] first protocol was shown in 1981, numerous protocols have been proposed and used in many communication systems [3][4][5][6][7]. In 2000, Hwang and Li [8] proposed a new remote user authentication scheme using smart card based on ElGamal's public key cryptosystem.…”

Section: Introductionmentioning

confidence: 99%

A Lightweight ID Based Authentication and Key Agreement Protocol for Multiserver Architecture

Peng

et al. 2015

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

There is an increasing demand of an anonymous authentication to secure communications between numerous different network members while preserving privacy for the members. In this study, we address this issue by using an ID based authenticated and key agreement protocol to improve the recent protocol proposed by Xue et al. They claimed that their protocol could resist masquerade and insider attacks. Unfortunately, we find that Xue et al. 's protocol is not only really insecure against masquerade and insider attacks but also vulnerable to off-line password guessing attack. Therefore, a slight modification to their protocol is proposed to improve their shortcomings. Moreover, our protocol does not use timestamps, so it is not required to synchronize the time. As a result, according to our performance and security analyses, we can prove that our proposed protocol can enhance efficiency and improve security in comparison to previous protocols.

show abstract

An Improved User Authentication Protocol for Healthcare Services via Wireless Medical Sensor Networks

Cited by 38 publications

References 23 publications

A Privacy Protection User Authentication and Key Agreement Scheme Tailored for the Internet of Things Environment: PriAuth

A Privacy Protection User Authentication and Key Agreement Scheme Tailored for the Internet of Things Environment: PriAuth

Authentication Protocol for Healthcare Services over Wireless Body Area Networks

A Lightweight ID Based Authentication and Key Agreement Protocol for Multiserver Architecture

Contact Info

Product

Resources

About