Privacy-Preserving Mutual Authentication and Key Agreement Scheme for Multi-Server Healthcare System

Abstract: The usage of different technologies and smart devices helps people to get medical services remotely for multiple benefits. Thus, critical and sensitive data is exchanged between a user and a doctor. When health data is transmitted over a common channel, it becomes essential to preserve various privacy and security properties in the system. Further, the number of users for remote services is increasing day-by-day exponentially, and thus, it is not adequate to deal with all users using the one server due to the … Show more

“…Limbasiya et al [9], discussed a hash-based privacy-preserving MAKA protocol for multi-server healthcare applications. The protocol presents an efficient way to directly authenticate U i from S j 's database.…”

“…However, in worst case, even if the group key of a particular group is compromised, communications in other groups will not be affected as the group key is computed based on the unique identifier of the group. Each time a new S j is included in the group, there is no need to share such information with individual U i maintaining one-to-one communication (in contrast to [9,24]). In that case, RC simply broadcasts the updated list s to all registered U i in the group (over public channel).…”

“…In that case, RC simply broadcasts the updated list s to all registered U i in the group (over public channel). In turn, U i simply replaces its old list with the new one without performing any additional computation (in contrast to [9]). Thus, achieving transparent server addition.…”

“…As a result, a large volume of traffic needs to be managed at the application server to fulfill user's demand. In such scenario, the traditional single-server architecture becomes a performance bottleneck due to its limited computation, communication and storage capacity [8,9]. Moreover, the higher energy-efficiency requirements of the emerging 5G technology left the single-server architecture inefficient due to the management and control of heterogeneous network connectivity (including small cells and micro cells) [10][11][12].…”

A group key-based lightweight Mutual Authentication and Key Agreement (MAKA) protocol for multi-server environment

“…Limbasiya et al [9], discussed a hash-based privacy-preserving MAKA protocol for multi-server healthcare applications. The protocol presents an efficient way to directly authenticate U i from S j 's database.…”

“…However, in worst case, even if the group key of a particular group is compromised, communications in other groups will not be affected as the group key is computed based on the unique identifier of the group. Each time a new S j is included in the group, there is no need to share such information with individual U i maintaining one-to-one communication (in contrast to [9,24]). In that case, RC simply broadcasts the updated list s to all registered U i in the group (over public channel).…”

“…In that case, RC simply broadcasts the updated list s to all registered U i in the group (over public channel). In turn, U i simply replaces its old list with the new one without performing any additional computation (in contrast to [9]). Thus, achieving transparent server addition.…”

“…As a result, a large volume of traffic needs to be managed at the application server to fulfill user's demand. In such scenario, the traditional single-server architecture becomes a performance bottleneck due to its limited computation, communication and storage capacity [8,9]. Moreover, the higher energy-efficiency requirements of the emerging 5G technology left the single-server architecture inefficient due to the management and control of heterogeneous network connectivity (including small cells and micro cells) [10][11][12].…”

A group key-based lightweight Mutual Authentication and Key Agreement (MAKA) protocol for multi-server environment

“…The paper by Limbasiya et al (2021) proposes a novel privacy-preserving mutual authentication and key agreement scheme for multi-server healthcare systems using lightweight cryptography primitives to access medical services remotely through smart devices. Their security analysis shows that the proposed protocol can withstand user impersonation, server impersonation, session key disclosure, stolen smart card, modification, forward secrecy, password guessing, man-in-the-middle, denial of service, replay, and insider attacks.…”

Advances in Secure Knowledge Management in the Artificial Intelligence Era

An Efficient CH Based Authentication and Authorization for Secure EHR Using DF-BCrypt and Hashed Access Structure