Lightweight user authentication scheme for roaming service in GLOMONET with privacy preserving

Kang, Dong-Woo; Lee, Hakjun; Lee, Youngsook; Won, Dongho

doi:10.1371/journal.pone.0247441

Cited by 13 publications

(9 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For security analysis in our scheme, we consider the following attack model [ 20 , 21 , 22 ]: The attacker can extract the data in the device that stores some security parameters. The attacker can access the public communication channel, at which point the attacker can interrupt, return, amend and eliminate or transmit the message.…”

Section: Preliminariesmentioning

confidence: 99%

An Improved Lightweight User Authentication Scheme for the Internet of Medical Things

Kim

Ryu

Lee

et al. 2023

Sensors

Self Cite

View full text Add to dashboard Cite

The Internet of Medical Things (IoMT) is used in the medical ecosystem through medical IoT sensors, such as blood glucose, heart rate, temperature, and pulse sensors. To maintain a secure sensor network and a stable IoMT environment, it is important to protect the medical IoT sensors themselves and the patient medical data they collect from various security threats. Medical IoT sensors attached to the patient’s body must be protected from security threats, such as being controlled by unauthorized persons or transmitting erroneous medical data. In IoMT authentication, it is necessary to be sensitive to the following attack techniques. (1) The offline password guessing attack easily predicts a healthcare administrator’s password offline and allows for easy access to the healthcare worker’s account. (2) Privileged-insider attacks executed through impersonation are an easy way for an attacker to gain access to a healthcare administrator’s environment. Recently, previous research proposed a lightweight and anonymity preserving user authentication scheme for IoT-based healthcare. However, this scheme was vulnerable to offline password guessing, impersonation, and privileged insider attacks. These attacks expose not only the patients’ medical data such as blood pressure, pulse, and body temperature but also the patients’ registration number, phone number, and guardian. To overcome these weaknesses, in the present study we propose an improved lightweight user authentication scheme for the Internet of Medical Things (IoMT). In our scheme, the hash function and XOR operation are used for operation in low-spec healthcare IoT sensor. The automatic cryptographic protocol tool ProVerif confirmed the security of the proposed scheme. Finally, we show that the proposed scheme is more secure than other protocols and that it has 266.48% better performance than schemes that have been previously described in other studies.

show abstract

Section: Preliminariesmentioning

confidence: 99%

An Improved Lightweight User Authentication Scheme for the Internet of Medical Things

Kim

Ryu

Lee

et al. 2023

Sensors

Self Cite

View full text Add to dashboard Cite

show abstract

“…In 2018, Baig et al proposed a new lightweight scheme to solve these issues [24]. However, in [25] have been shown the Baig et al's scheme cannot provide user privacy. They also proposed a new lightweight scheme and claimed their scheme provides user untraceability and privacy and resistance against identity/password guessing attacks.…”

Section: Related Workmentioning

confidence: 99%

“…The time of the hash function i.e. T h is considered to be 0.038 milliseconds using [25]. Comparing AMAPG with its predecessor i.e.…”

Section: Security and Performance Comparisonmentioning

confidence: 99%

See 1 more Smart Citation

AMAPG: Advanced Mobile Authentication Protocol for GLOMONET

et al. 2021

View full text Add to dashboard Cite

show abstract

“…(3) A can obtain the information in the smart card and the information transmitted by the user on the secure channel during the registration process [25]. (4) A can simultaneously obtain the information in the smart card and perform offline password guessing as stated in [26,27]. (5) A can know any two of the user's password, smart card, and biological information.…”

Section: Reat Modelmentioning

confidence: 99%

Improved Secure and Lightweight Authentication Scheme for Next-Generation IoT Infrastructure

Chen

Liu

2021

Security and Communication Networks

View full text Add to dashboard Cite

The Internet of Things (IoT) is a huge network formed by connecting various information sensing devices through the Internet. Although IoT has been popularized in many fields, connected devices can be used only when network security is guaranteed. Recently, Rana et al. proposed a secure and lightweight authentication protocol for the next-generation IoT infrastructure. They claim that their protocol can resist major security attacks. However, in this study, we prove that their protocol is still vulnerable to offline password guessing attacks and privilege internal attacks. In order to solve these shortcomings, we propose an improved protocol, which is proved to be secure by formal and informal analysis. In addition, after comparing the time and memory consumption with other protocols, we find that our protocol has more advantages.

show abstract

Lightweight user authentication scheme for roaming service in GLOMONET with privacy preserving

Cited by 13 publications

References 34 publications

An Improved Lightweight User Authentication Scheme for the Internet of Medical Things

An Improved Lightweight User Authentication Scheme for the Internet of Medical Things

AMAPG: Advanced Mobile Authentication Protocol for GLOMONET

Improved Secure and Lightweight Authentication Scheme for Next-Generation IoT Infrastructure

Contact Info

Product

Resources

About