Lightweight and Anonymity-Preserving User Authentication Scheme for IoT-Based Healthcare

Masud, Mehedi; Gaba, Gurjot Singh; Choudhary, Karanjeet; Hossain, M. Shamim; Alhamid, Mohammed F.; Muhammad, Ghulam

doi:10.1109/jiot.2021.3080461

Cited by 141 publications

(137 citation statements)

References 31 publications

Supporting

Mentioning

100

Contrasting

Unclassified

Order By: Relevance

“…In 2021, Masud et al [7] proposed a lightweight user authentication scheme for IoTbased healthcare. They asserted that their scheme can protect against impersonation attacks and replay attacks and provide data privacy and anonymity.…”

Section: Related Workmentioning

confidence: 99%

“…In 2021, Masud et al [7] proposed a lightweight and anonymity-preserving user authentication scheme for IoT-based healthcare environments. Their scheme consists of user registration, sensor node registration, and mutual authentication and key agreement phases.…”

Section: Review Of Masud Et Al's Schemementioning

confidence: 99%

“…In this section, we compare the security features of the proposed scheme with other related schemes [7,[18][19][20]25]. Moreover, we show the communication costs, computation costs, and energy consumption of the proposed scheme.…”

Section: Performancementioning

confidence: 99%

“…We present the security features of the proposed scheme compared with related schemes [7,[18][19][20]25]. In Table 3, we consider various security attacks and functionalities.…”

Section: Security Features Comparisonmentioning

confidence: 99%

“…In 2021, Masud et al [7] proposed a lightweight and anonymity-preserving user authentication scheme for IoT-based healthcare environments. They claimed that their scheme is lightweight and prevents various security attacks (e.g., replay, privileged insider, and impersonation attacks).…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Provably Secure Three-Factor-Based Mutual Authentication Scheme with PUF for Wireless Medical Sensor Networks

Kwon

Park

2021

Sensors

View full text Add to dashboard Cite

Wireless medical sensor networks (WMSNs) are used in remote medical service environments to provide patients with convenient healthcare services. In a WMSN environment, patients wear a device that collects their health information and transmits the information via a gateway. Then, doctors make a diagnosis regarding the patient, utilizing the health information. However, this information can be vulnerable to various security attacks because the information is exchanged via an insecure channel. Therefore, a secure authentication scheme is necessary for WMSNs. In 2021, Masud et al. proposed a lightweight and anonymity-preserving user authentication scheme for healthcare environments. We discover that Masud et al.’s scheme is insecure against offline password guessing, user impersonation, and privileged insider attacks. Furthermore, we find that Masud et al.’s scheme cannot ensure user anonymity. To address the security vulnerabilities of Masud et al.’s scheme, we propose a three-factor-based mutual authentication scheme with a physical unclonable function (PUF). The proposed scheme is secure against various security attacks and provides anonymity, perfect forward secrecy, and mutual authentication utilizing biometrics and PUF. To prove the security features of our scheme, we analyze the scheme using informal analysis, Burrows–Abadi–Needham (BAN) logic, the Real-or-Random (RoR) model, and Automated Verification of Internet Security Protocols and Applications (AVISPA) simulation. Furthermore, we estimate our scheme’s security features, computation costs, communication costs, and energy consumption compared with the other related schemes. Consequently, we demonstrate that our scheme is suitable for WMSNs.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Review Of Masud Et Al's Schemementioning

confidence: 99%

Section: Performancementioning

confidence: 99%

“…We present the security features of the proposed scheme compared with related schemes [7,[18][19][20]25]. In Table 3, we consider various security attacks and functionalities.…”

Section: Security Features Comparisonmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Provably Secure Three-Factor-Based Mutual Authentication Scheme with PUF for Wireless Medical Sensor Networks

Kwon

Park

2021

Sensors

View full text Add to dashboard Cite

show abstract

Continuous lightweight authentication according group priority and key agreement for Internet of Things

Miyanaji

Jabbehdari

Modiri

2022

Trans Emerging Tel Tech

View full text Add to dashboard Cite

In the IoT, authentication is challenged by the limited resources of devices. Most existing continuous authentications require plenty of memory and computing. Also, the time interval between static authentications is fixed, and no attention is paid to the importance of their traffic. Therefore, in this article, we propose a lightweight protocol for mutual authentication between nodes and servers in IoT. To this aim, the nodes have been divided into three priority groups, and for the high priority group, a longer time interval is considered. Each group node at the beginning of the time interval performs static authentication and generates tokens. Continuous authentication is performed until the end of the time interval using this token. High‐priority nodes also perform more continuous authentication instead of static authentication. The proposed method provides privacy‐preserving through node anonymity, forward secrecy without using asynchronous encryption, key agreement. It is resistant to eavesdropping, replay, server spoofing, and impersonation attacks. Also, the proposed method has been verified using BAN logic and AVISPA tools. The computation time of the node and server in authentication has been decreased by 16.8% and 8.7%, respectively, compared with reviewing protocols, and the communication cost is 1902 bits.

show abstract

Lightweight and efficient privacy‐preserving mutual authentication scheme to secure Internet of Things‐based smart healthcare

Das

Namasudra

2023

Trans Emerging Tel Tech

View full text Add to dashboard Cite

In recent years, Internet of Things (IoT) technology has been adopted in numerous application areas, such as healthcare, agriculture, industrial automation, and many more. The use of IoT and other technologies like cloud computing and machine learning has made the modern healthcare system to be smart, automated, and efficient. However, the continuous proliferation of cyber‐attacks on IoT devices has increased IoT challenges like data security, privacy protection, authentication, and so forth. In smart healthcare systems, due to the lack of authentication protocols, attackers can undermine the availability, confidentiality, and integrity of both smart healthcare devices and data, which can be life‐threatening in some situations. In this article, a privacy‐preserving mutual authentication scheme for IoT‐enabled healthcare systems is proposed to achieve lightweight and effective authentication of network devices. To support the processing capabilities of the IoT devices, this proposed authentication scheme is designed using lightweight cryptographic primitives, namely XOR, concatenation, and hash operation. The proposed scheme can establish a secure session between an authorized device and a gateway, and prevent unauthorized devices from getting access to healthcare systems. The security analysis and performance analysis assess the proposed authentication technique's effectiveness over existing well‐known schemes.

show abstract

Lightweight and Anonymity-Preserving User Authentication Scheme for IoT-Based Healthcare

Cited by 141 publications

References 31 publications

Provably Secure Three-Factor-Based Mutual Authentication Scheme with PUF for Wireless Medical Sensor Networks

Provably Secure Three-Factor-Based Mutual Authentication Scheme with PUF for Wireless Medical Sensor Networks

Continuous lightweight authentication according group priority and key agreement for Internet of Things

Lightweight and efficient privacy‐preserving mutual authentication scheme to secure Internet of Things‐based smart healthcare

Contact Info

Product

Resources

About