A lightweight mutual authentication and key agreement protocol for remote surgery application in Tactile Internet environment (original) (raw)
Related papers
A Lightweight Mutual Authentication and Key Agreement Scheme for Medical Internet of Things
IEEE Access, 2019
Wireless body area networks play an indispensable role in the medical Internet of Things. It is a network of several wearables or implantable devices that use wireless technologies to communicate. These devices usually collect the wearer's physiological data and send it to the server. Some health care providers can access the server over the network and provide medical care to the wearer. Due to the openness and mobility of the wireless network, the adversary can easily steal and forge information, which exchanged in the communication channel that leaks wearer's privacy. Therefore, a secure and reliable authentication scheme is essential. Most of the existing authentication schemes are based on asymmetric encryption. However, since the sensor devices in wireless body area networks are typically resource-constrained devices, their computing resources cannot afford to use asymmetric encryption. In addition, most of the existing lightweight authentication schemes have various security vulnerabilities, especially the lack of forwarding secrecy. Therefore, we propose a secure lightweight authentication scheme for the wireless body area networks. With this scheme, forward secrecy can be guaranteed without using asymmetric encryption. We use the automatic security verification tool ProVerif to verify the security of our scheme and analyze informal security. The experimental results and the theoretical analysis indicate that our scheme significantly reduces the computational cost compared with the schemes using asymmetric encryption and that it has a lower security risk compared with the lightweight schemes. INDEX TERMS Authentication, IoT, security, wireless body area network.
Secure Lightweight Authentication and Key Agreement for Wireless Body Area Networks
Wireless Body Area Networks (WBANs) are rapidly evolving research field for patients' health monitoring and immediate medical response. In WBANs, tiny biosensor nodes deployed on body sense physiological data of patients and transmit it to Medical Server (MS) via Base Station (BS) for utilization by the Medical Officers (MOs). The security of human physiological data during dissemination in WBANs is of prime importance. In this paper we have proposed a light weight secure authentication and key agreement scheme which has three phases. In first phase we use encrypted í µí±í µí±í µí±í µí±í µí± for secure node authentication and key agreement, a shortened form of hash " compressed hash (í µí° ¶ℎí µí±í µí± ℎ) " is used for the integrity of critical data packets. In second phase only critical data packets are transmitted instead of transmitting all sensed data. In third phase, updating round wise session keys maintain forward and backward secrecy. Patient Sensor Tracking (PST) feature of our scheme enhance physical security. Our solution is 43.75% efficient in communication cost and 28.27% in energy overhead as compare to other existing schemes, while satisfying all basic security parameters (authentication, confidentiality, integrity) and shields WBANs from the attacks of the adversaries with minimal communication overhead, computational cost, and energy overhead.
IEEE Access, 2020
Wireless body area networks (WBANs) and wireless sensor networks (WSNs) are important concepts for the Internet of Things (IoT). They have been applied to various healthcare services to ensure that users can access convenient medical services by exchanging physiological data between user and medical server. User physiological data is collected by sensor nodes and sent to medical service providers, doctors, etc. using public channels. However, these channels are vulnerable to various potential attacks, and hence, it is essential to design provably secure and lightweight mutual authentication (MA) schemes for medical IoT to protect user privacy and achieve secure communication. A lightweight mutual authentication and key agreement (MAKA) scheme was designed in 2019 to guarantee user privacy, but we found that the scheme does not withstand impersonation, stolen senor node and leaking verification table attacks, and it does not also ensure anonymity, untraceability and secure mutual authentication. This paper proposes a provably secure and lightweight MAKA scheme for medical IoT, called LAKS Non-verification table (NVT), that does not require a server verification table. We assess LAKS-NVT's security against various potential attacks and demonstrate that it achieves secure MA between sensor node and server using Burrows-Abadi-Needham logic. We employ the well-known Real-Or-Random which is random oracle model to prove that LAKS-NVT provides a session key security. In addition, the formal security verification using the widely-accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) software tool has been performed and the results show that LAKS-NVT is also secure. We compare LAKS-NVT's performance against contemporary authentication schemes, and verify that it achieves better security and comparable efficiency. The practical perspective of LAKS-NVT is also carried out via the Network Simulator 2 (NS2) simulation study. INDEX TERMS Authentication, key agreement, medical Internet of Things, NS2 simulation, ROR model, session key security. I. INTRODUCTION A. BACKGROUND AND MOTIVATION Recent information and communication (ICT) and embedded technology advances have facilitated the emerging internet The associate editor coordinating the review of this manuscript and approving it for publication was Lorenzo Mucchi .
International Journal of Electrical and Computer Engineering (IJECE), 2023
Wireless body area networks (WBANs) have lately been combined with different healthcare equipment to monitor patients' health status and communicate information with their healthcare practitioners. Since healthcare data often contain personal and sensitive information, it is important that healthcare systems have a secure way for users to log in and access resources and services. The lack of security and presence of anonymous communication in WBANs can cause their operational failure. There are other systems in this area, but they are vulnerable to offline identity guessing attacks, impersonation attacks in sensor nodes, and spoofing attacks in hub node. Therefore, this study provides a secure approach that overcomes these issues while maintaining comparable efficiency in wireless sensor nodes and mobile phones. To conduct the proof of security, the proposed scheme uses the Scyther tool for formal analysis and the Canetti-Krawczyk (CK) model for informal analysis. Furthermore, the suggested technique outperforms the existing symmetric and asymmetric encryption-based schemes.
Provably secure certificateless protocol for wireless body area network
Wireless Networks
Wireless body area networks are gaining popularity due to their innovative applications such as timely analysis, remote monitoring of patients' health, and high patient care quality. However, these healthcare systems that carry patient's physiological data need special attention for the security and privacy of information. Due to the openness of transmitted data, the healthcare system gets prone to several adverse attacks. In this paper, a provably secure remote healthcare system is proposed based on the elliptic curve cryptosystem. The goal is to enable confidentiality and privacy of sensitive information by designing a certificateless authenticated key agreement protocol with low computational cost and higher security. The proposed scheme achieves anonymity, resistance to key escrow problems, mutual authentication between the sensor nodes attached to patients and the application provider. Furthermore, the protocol undergoes formal security analysis using the random oracle model, and the soundness of the proposed scheme is validated using ProVerif. Finally, the performance analysis depicts that the proposed scheme is efficient compared to existing methods.
2016
Recently, with the technical advancements in wearable medical sensors and wireless communication techniques, Wireless Body Area Network (WBAN) has emerged as a new technology for e-health care service. The wearable medical device (WMD) aims at collecting an individual's medical data unobtrusively and ubiquitously. The security of the data collected from a WBAN remains a major unsolved concern. So, a certificateless remote anonymous authentication protocol is used to overcome the above challenges and to prevent the leakage of user's private information from unauthorized users. It eliminates the need for distributing clients account information to the application providers and also it achieves forward security. However the revocation functionality of anonymous remote authentication for the WBANs has not been considered in case the private key of the user has been leaked or the misbehaviour of the user has been detected. To address the demand a certificateless remote authentication protocol with efficient revocation is proposed. KUNodes algorithm is used to achieve the efficient revocation function. The revocation mechanism is highly scalable and it is especially suitable for the large-scale WBANs. The proposed authentication protocol is computationally efficient and it is provably secure against existential forgery compared with the existing one. Several key applications ranging from remote health monitoring to military/fitness training can be enabled by remote authentication in WBANs.
PSKA: usable and secure key agreement scheme for body area networks
IEEE Transactions on Information Technology in Biomedicine, 2010
A Body Area Network (BAN) is a wireless network of health monitoring sensors designed to deliver personalized health-care. Securing inter-sensor communications within BANs is essential for preserving not only the privacy of health data but also for ensuring safety of healthcare-delivery. This paper presents Physiological Signal based Key Agreement (PSKA), a scheme for enabling secure inter-sensor communication within a BAN in a usable (plug-n-play, transparent) manner. PSKA allows neighboring nodes in a BAN to agree to a symmetric (shared) cryptographic key, in an authenticated manner, using physiological signals obtained from the subject. No initialization or pre-deployment is required; simply deploying sensors in BAN is enough to make them communicate securely. Contributions of the paper are as follows: 1) description of PSKA key agreement protocol, 2) analysis of its security characteristics, 3) validation of PSKA utilizing two of the most commonly collected physiological signals photoplethysmogram (PPG) and electrocardiogram (EKG), and 4) cost analysis of executing PSKA, based on a prototype VHDL implementation, and its comparison with Diffie-Hellman key agreement protocol. Our analysis and prototyping shows that PSKA is a viable inter-sensor key agreement protocol for BANs.
An End-to-End Authentication Mechanism for Wireless Body Area Networks
Cornell University - arXiv, 2021
Wireless Body Area Network (WBAN) ensures highquality healthcare services by endowing distant and continual monitoring of patients' health conditions. The security and privacy of the sensitive health-related data transmitted through the WBAN should be preserved to maximize its benefits. In this regard, user authentication is one of the primary mechanisms to protect health data that verifies the identities of entities involved in the communication process. Since WBAN carries crucial health data, every entity engaged in the data transfer process must be authenticated. In literature, an end-to-end user authentication mechanism covering each communicating party is absent. Besides, most of the existing user authentication mechanisms are designed assuming that the patient's mobile phone is trusted. In reality, a patient's mobile phone can be stolen or comprised by malware and thus behaves maliciously. Our work addresses these drawbacks and proposes an end-to-end user authentication and session key agreement scheme between sensor nodes and medical experts in a scenario where the patient's mobile phone is semi-trusted. We present a formal security analysis using BAN logic. Besides, we also provide an informal security analysis of the proposed scheme. Both studies indicate that our method is robust against well-known security attacks. In addition, our scheme achieves comparable computation and communication costs concerning the related existing works. The simulation shows that our method preserves satisfactory network performance.
An Authentication Protocol for the Medical Internet of Things
Symmetry
The progress in biomedical sensors, Internet of Things technologies, big data, cloud computing, and artificial intelligence is leading the development of e-health medical systems, offering a range of new and innovative services. One such service is remote patient monitoring, where medical professionals are able to collect and examine a patient’s medical data remotely. Of course, in these systems, security and privacy are of utmost importance and we need to verify the identities of system users before granting them access to sensitive patient-related data. To this end, several authentication protocols have been recently designed specifically for e-health systems. We survey several of these protocols and report on flaws and shortcomings we discovered. Moreover, we propose an authentication protocol that enables a medical professional and the network of sensors used by a patient to authenticate each other and share a cryptographic key to be used for security in a communication session....
Research article, 2022
Critical patient data collected by body sensor units and transmitted over public wireless communication channels is exposed to numerous privacy and security attacks. As such, there is need for deployment of robust security solutions to uphold integrity, confidentiality and availability. In addition, the resource constrained nature of sensor nodes require efficient authentication protocols in terms of computation power, energy, bandwidth and storage requirements. To this end, many protocols based on public key infrastructure, blockchain and bilinear pairings are unsuitable for deployment in these sensor networks. Apart from efficiency shortfalls, most of the conventional security protocols cannot withstand majority of the typical wireless body area networks attacks. To this effect, a verifiable security and privacy provisioning protocol based on elliptic curve is presented in this paper. The reliability of the proposed is demonstrated via its robustness under Dolev-Yao (D-Y) and Canetti-Krawczyk (CK) threat models. On the other hand, its lightweight and efficient nature is investigated using execution time and bandwidth requirements, which are shown to be the least when compared with other schemes.