Advertisement

An enhanced three factor based authentication protocol using wireless medical sensor networks for healthcare monitoring

  • Rifaqat Ali
  • Arup Kumar Pal
  • Saru Kumari
  • Arun Kumar Sangaiah
  • Xiong Li
  • Fan Wu
Original Research
  • 22 Downloads

Abstract

With the rapid growth of wireless medical sensor networks (WMSNs) based healthcare applications, protecting both the privacy and security from illegitimate users, are major concern issues since patient’s precise information is vital for the proper diagnosis procedure. So, authentication protocol is one of the efficient mechanisms to deal with trustworthy and authentic users. Several authentication protocols have been proposed in WMSNs environment. However, the most of these protocols are so susceptible to security threats and not suitable for practical use. In this article, recently proposed Amin et al.’s authentication scheme is reviewed and some vulnerabilities like off-line password guessing attack, user impersonation attack, known session-key temporary information attack, the revelation of secret parameters, and identity guessing attack are pointed out. To overcome all the above mentioned vulnerabilities, we have proposed an enhanced three-factor based remote user authentication protocol in WMSNs environment. Further, the proposed protocol is validated using Burrows–Abadi–Needham logic and then simulated using Automated Validation of Internet Security Protocols and Applications tool. Moreover, the security analysis ensures that the proposed protocol is well protected from various types of malicious attacks. In addition, the performance evaluation shows better efficiency and suitability of our protocol over other related protocols.

Keywords

Authentication Cryptanalysis Security attacks Wireless medical sensor networks 

Notes

References

  1. Ali R, Pal AK (2017) A secure and robust three-factor based authentication scheme using RSA cryptosystem. Int J Bus Data Commun Netw 13(1):74–84CrossRefGoogle Scholar
  2. Ali R, Pal AK (2018a) Cryptanalysis and biometric-based enhancement of a remote user authentication scheme for e-healthcare system. Arab J Sci Eng.  https://doi.org/10.1007/s13369-018-3220-4 CrossRefGoogle Scholar
  3. Ali R, Pal AK (2018b) An efficient three factor-based authentication scheme in multiserver environment using ECC. Int J Commun Syst 31:4Google Scholar
  4. Ali R, Pal AK (2018c) A secure three-factor remote user authentication scheme using elliptic curve cryptosystem. In: Proceedings of the international conference on microelectronics, computing and communication systems. Springer, pp 9–24Google Scholar
  5. Ali R, Pal AK, Kumari S, Karuppiah M, Conti M (2017) A secure user authentication and key-agreement scheme using wireless sensor networks for agriculture monitoring. Futur Gener Comput Syst.  https://doi.org/10.1016/j.future.2017.06.018 CrossRefGoogle Scholar
  6. Amin R, Islam SH, Biswas G, Khan MK, Kumar N (2018) A robust and anonymous patient monitoring system using wireless medical sensor networks. Futur Gener Comput Syst 80:483–495CrossRefGoogle Scholar
  7. Amin R, Islam SH, Biswas G, Khan MK, Leng L, Kumar N (2016) Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks. Comput Netw 101:42–62CrossRefGoogle Scholar
  8. An Y (2012) Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards. BioMed Res IntGoogle Scholar
  9. Burrows M, Abadi M, Needham RM (1989) A logic of authentication. Proc R Soc Lond A Math Phys Eng Sci 426:233–271MathSciNetCrossRefGoogle Scholar
  10. Chandrakar P, Om H (2016) A secure two-factor remote user authentication and session key agreement scheme. Int J Bus Data Commun Netw 12(2):62–79CrossRefGoogle Scholar
  11. Chandrakar P, Om H (2017a) Cryptanalysis and extended three-factor remote user authentication scheme in multi-server environment. Arab J Sci Eng 42(2):765–786CrossRefGoogle Scholar
  12. Chandrakar P, Om H (2017b) Cryptanalysis and improvement of a biometric-based remote user authentication protocol usable in a multiserver environment. Trans Emerg Telecommun Technol 28:12Google Scholar
  13. Chandrakar P, Om H (2017c) Cryptanalysis and security enhancement of three-factor remote user authentication scheme for multi-server environment. Int J Bus Data Commun Netw 13(1):85–101CrossRefGoogle Scholar
  14. Chandrakar P, Om H (2017d) A secure and robust anonymous three-factor remote user authentication scheme for multi-server environment using ECC. Comput Commun 110:26–34CrossRefGoogle Scholar
  15. Chandrakar P, Om H (2018a) An efficient two-factor remote user authentication and session key agreement scheme using Rabin cryptosystem. Arab J Sci Eng 43(2):661–673CrossRefGoogle Scholar
  16. Chandrakar P, Om H (2018b) An extended ecc-based anonymity-preserving 3-factor remote authentication scheme usable in TMIS. Int J Commun Syst.  https://doi.org/10.1002/dac.3540 CrossRefGoogle Scholar
  17. Chen T-H, Chen Y-C, Shih W-K, Wei H-W (2011) An efficient anonymous authentication protocol for mobile pay-tv. J Netw Comput Appl 34(4):1131–1137CrossRefGoogle Scholar
  18. Das AK (2011) Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards. IET Inf Secur 5(3):145–151CrossRefGoogle Scholar
  19. He D, Kumar N, Chen J, Lee C-C, Chilamkurti N, Yeo S-S (2015a) Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimed Syst 21(1):49–60CrossRefGoogle Scholar
  20. He D, Kumar N, Chilamkurti N (2015b) A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Inf Sci 321:263–277CrossRefGoogle Scholar
  21. Jiang Q, Ma J, Li G, Yang L (2014) An efficient ticket based authentication protocol with unlinkability for wireless access networks. Wirel Person Commun 77(2):1489–1506CrossRefGoogle Scholar
  22. Khan MK, Kumari S (2014) An improved user authentication protocol for healthcare services via wireless medical sensor networks. Int J Distrib Sens Netw 10(4):347169CrossRefGoogle Scholar
  23. Kocher P, Jaffe J, Jun B (1999) Differential power analysis. In: Annual international cryptology conference. Springer, pp 388–397Google Scholar
  24. Kumar P, Lee S-G, Lee H-J (2012) E-sap: efficient-strong authentication protocol for healthcare applications using wireless medical sensor networks. Sensors 12(2):1625–1647CrossRefGoogle Scholar
  25. Lee T-F (2015) Enhancing the security of password authenticated key agreement protocols based on chaotic maps. Inf Sci 290:63–71CrossRefGoogle Scholar
  26. Li C-T, Hwang M-S (2010) An efficient biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 33(1):1–5CrossRefGoogle Scholar
  27. Li X, Niu J, Khan MK, Liao J, Zhao X (2014a) Robust three-factor remote user authentication scheme with key agreement for multimedia systems. Secu Commun Netw 9(13):1916–1927Google Scholar
  28. Li X, Niu J, Kumari S, Liao J, Liang W, Khan MK (2015) A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity. Secu Commun Netw 9(15):2643–2655CrossRefGoogle Scholar
  29. Li X, Niu J, Kumari S, Wu F, Sangaiah AK, Choo K-KR (2018) A three-factor anonymous authentication scheme for wireless sensor networks in internet of things environments. J Netw Comput Appl 103:194–204CrossRefGoogle Scholar
  30. Li X, Niu J, Wang Z, Chen C (2014b) Applying biometrics to design three-factor remote user authentication scheme with key agreement. Secur Commun Netw 7(10):1488–1497Google Scholar
  31. Li X, Niu J-W, Ma J, Wang W-D, Liu C-L (2011) Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 34(1):73–79CrossRefGoogle Scholar
  32. Liu C-H, Chung Y-F (2017) Secure user authentication scheme for wireless healthcare sensor networks. Comput Electr Eng 59:250–261CrossRefGoogle Scholar
  33. Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552MathSciNetCrossRefGoogle Scholar
  34. Ni L, Chen G, Li J, Hao Y (2016) Strongly secure identity-based authenticated key agreement protocols without bilinear pairings. Inf Sci 367:176–193CrossRefGoogle Scholar
  35. von Oheimb D (2005) The high-level protocol specification language HLPSL developed in the EU project AVISPA. In: Proceedings of APPSEM workshop, pp 1–17Google Scholar
  36. Rahman F, Hoque ME, Ahamed SI (2017) Anonpri: a secure anonymous private authentication protocol for RFID systems. Inf Sci 379:195–210CrossRefGoogle Scholar
  37. Shin S, Lee SW, Kim H (2016) Authentication protocol for healthcare services over wireless body area networks. Int J Comput Commun Eng 5(1):50CrossRefGoogle Scholar
  38. Sutrala AK, Das AK, Odelu V, Wazid M, Kumari S (2016) Secure anonymity-preserving password-based user authentication and session key agreement scheme for telecare medicine information systems. Comput Methods Programs Biomed 135:167–185CrossRefGoogle Scholar
  39. Turkanović M, Brumen B, Hölbl M (2014) A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the internet of things notion. Ad Hoc Netw 20:96–112CrossRefGoogle Scholar
  40. Wang D, He D, Wang P, Chu C-H (2015a) Anonymous two-factor authentication in distributed systems: certain goals are beyond attainment. IEEE Trans Depend Secur Comput 12(4):428–442CrossRefGoogle Scholar
  41. Wang D, Wang N, Wang P, Qing S (2015b) Preserving privacy for free: efficient and provably secure two-factor authentication scheme with user anonymity. Inf Sci 321:162–178CrossRefGoogle Scholar
  42. Wei J, Liu W, Hu X (2014) Cryptanalysis and improvement of a robust smart card authentication scheme for multi-server architecture. Wirel Person Commun 77(3):2255–2269CrossRefGoogle Scholar
  43. World Health Organization (2010) Increasing access to health workers in remote and rural areas through improved retention: global policy recommendations. World Health Organization, GenevaGoogle Scholar
  44. Wu T-S, Lin H-Y (2014) Provably secure proxy convertible authenticated encryption scheme based on RSA. Inf Sci 278:577–587MathSciNetCrossRefGoogle Scholar
  45. Wu F, Li X, Xu L, Kumari S, Karuppiah M, Shen J (2017a) A lightweight and privacy-preserving mutual authentication scheme for wearable devices assisted by cloud server. Comput Electr Eng 63:168–181CrossRefGoogle Scholar
  46. Wu F, Xu L, Kumari S, Li X (2015) An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks. Multimed Syst 23(2):195–205CrossRefGoogle Scholar
  47. Wu F, Xu L, Kumari S, Li X, Shen J, Choo K-KR, Wazid M, Das AK (2017b) An efficient authentication and key agreement scheme for multi-gateway wireless sensor networks in IOT deployment. J Netw Comput Appl 89:72–85CrossRefGoogle Scholar
  48. Zhang L (2015) Certificateless one-pass and two-party authenticated key agreement protocol and its extensions. Inf Sci 293:182–195CrossRefGoogle Scholar
  49. Zhang J, Zhao X, Ji C (2015) A novel authenticated encryption scheme and its extension. Inf Sci 317:196–201CrossRefGoogle Scholar

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2018

Authors and Affiliations

  • Rifaqat Ali
    • 1
  • Arup Kumar Pal
    • 1
  • Saru Kumari
    • 2
  • Arun Kumar Sangaiah
    • 3
  • Xiong Li
    • 4
  • Fan Wu
    • 5
  1. 1.Department of Computer Science and EngineeringIndian Institute of Technology (ISM)DhanbadIndia
  2. 2.Department of MathematicsCh. Charan Singh UniversityMeerutIndia
  3. 3.School of Computing Science and EngineeringVIT UniversityTamil NaduIndia
  4. 4.School of Computer Science and EngineeringHunan University of Science and TechnologyXiangtanChina
  5. 5.Department of Computer Science and EngineeringXiamen Institute of TechnologyXiamenChina

Personalised recommendations