Re-AuTh: Lightweight Re-Authentication with Practical Key Management for Wireless Body Area Networks

Abstract

The development in wireless body area networks (WBANs) has facilitated a growth in electronic health in terms of quality and efficiency. Telemonitoring systems observe human vital signs without the need for a patient to be present using WBANs. The data sensitivity of WBAN, mobile users and public channels poses a critical challenge to security and privacy in order to prevent unauthorized access to vital health data. Several solutions have been suggested to ensure secure and effective communications in WBANs; nonetheless, these methods tend to have drawbacks, such as efficiency overhead and protection vulnerabilities. This paper proposes a lightweight authentication and also provides a protocol for re-authentication (Re-AuTh). The proposed “Re-AuTh” utilizes identification and authorization tokens to assist the application provider in authenticating and further to authorize medical users. Such tokens also provide a way to achieve effective key management. The Scyther simulation shows that the proposed Re-AuTh has no security vulnerabilities and the informal security analysis further ensures protection of all related possible threats. The performance comparisons with related solutions showed that the proposed Re-AuTh effectively provides security services for WBAN in the medical environment and greatly reduces computation costs at the user side.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

References

  1. 1.

    Salman, O.; Rasid, M.F.A.; Saripan, M.I.; Subramaniam, S.K.: Multi-sources data fusion framework for remote triage prioritization in telehealth. J. Med. Syst. 38(9), 103 (2014)

    Article  Google Scholar 

  2. 2.

    Albahri, O.; Zaidan, A.; Zaidan, B.; Hashim, M.; Albahri, A.; Alsalem, M.: Real-time remote health-monitoring Systems in a medical centre: a review of the provision of healthcare services-based body sensor information, open challenges and methodological aspects. J. Med. Syst. 42(9), 164 (2018)

    Article  Google Scholar 

  3. 3.

    Dias, D., Paulo Silva Cunha, J.: Wearable health devices—vital sign monitoring, systems and technologies. Sensors 18(8), 2414 (2018).

  4. 4.

    Latré, B.; Braem, B.; Moerman, I.; Blondia, C.; Demeester, P.: A survey on wireless body area networks. Wireless Netw. 17(1), 1–18 (2011)

    Article  Google Scholar 

  5. 5.

    Tobón, D.P.; Falk, T.H.; Maier, M.: Context awareness in WBANs: a survey on medical and non-medical applications. IEEE Wireless Commun. 20(4), 30–37 (2013)

    Article  Google Scholar 

  6. 6.

    Movassaghi, S.; Abolhasan, M.; Lipman, J.; Smith, D.; Jamalipour, A.: Wireless body area networks: a survey. IEEE Commun. Surv. Tutor. 16(3), 1658–1686 (2014)

    Article  Google Scholar 

  7. 7.

    Mohammed, K.; Zaidan, A.; Zaidan, B.; Albahri, O.; Alsalem, M.; Albahri, A.; Hadi, A.; Hashim, M.: Real-time remote-health monitoring systems: a review on patients prioritisation for multiple-chronic diseases, taxonomy analysis, concerns and solution procedure. J. Med. Syst. 43(7), 223 (2019)

    Article  Google Scholar 

  8. 8.

    Talal, M.; Zaidan, A.; Zaidan, B.; Albahri, A.; Alamoodi, A.; Albahri, O.; Alsalem, M.; Lim, C.; Tan, K.L.; Shir, W.: Smart home-based IoT for real-time and secure remote health monitoring of triage and priority system using body sensors: multi-driven systematic review. J. Med. Syst. 43(3), 42 (2019)

    Article  Google Scholar 

  9. 9.

    Shuai, M.; Liu, B.; Yu, N.; Xiong, L.; Wang, C.: Efficient and privacy-preserving authentication scheme for wireless body area networks. J. Inf. Sec. Appl. 52, 102499 (2020)

    Google Scholar 

  10. 10.

    He, D.; Zeadally, S.; Kumar, N.; Lee, J.-H.: Anonymous authentication for wireless body area networks with provable security. IEEE Syst. J 11(4), 2590–2601 (2016)

    Article  Google Scholar 

  11. 11.

    Shen, J.; Gui, Z.; Ji, S.; Shen, J.; Tan, H.; Tang, Y.: Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks. J. Netw. Comput. Appl. 106, 117–123 (2018)

    Article  Google Scholar 

  12. 12.

    Li, X.; Ibrahim, M.H.; Kumari, S.; Kumar, R.: Secure and efficient anonymous authentication scheme for three-tier mobile healthcare systems with wearable sensors. Telecommun. Syst. 67(2), 323–348 (2018)

    Article  Google Scholar 

  13. 13.

    Alzaid, H., Park, D., Nieto, J.G., Boyd, C., Foo, E.: A forward & backward secure key management in wireless sensor networks for PCS/SCADA. In: Emerging technologies in wireless ad-hoc networks: applications and future development. pp. 41–60. IGI Global, (2011)

  14. 14.

    Li, X.; Ibrahim, M.H.; Kumari, S.; Sangaiah, A.K.; Gupta, V.; Choo, K.-K.R.: Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks. Comput. Netw. 129, 429–443 (2017)

    Article  Google Scholar 

  15. 15.

    Liu, X.; Jin, C.; Li, F.: An improved two-layer authentication scheme for wireless body area networks. J. Med. Syst. 42(8), 143 (2018)

    Article  Google Scholar 

  16. 16.

    Narwal, B., Mohapatra, A.K.: A survey on security and authentication in wireless body area networks. J. Syst. Arch. 101883 (2020).

  17. 17.

    Diffie, W.; Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)

    MathSciNet  MATH  Article  Google Scholar 

  18. 18.

    Pardo, J.L.G.: Identity-based cryptography. In: Introduction to Cryptography with Maple, pp. 587–610. Springer, New York (2013)

  19. 19.

    Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: International conference on the theory and application of cryptology and information security, pp. 452–473. Springer, New York (2003)

  20. 20.

    He, D.; Wang, H.; Zhang, J.; Wang, L.: Insecurity of an identity-based public auditing protocol for the outsourced data in cloud storage. Inf. Sci. 375, 48–53 (2017)

    Article  Google Scholar 

  21. 21.

    Tan, C.C.; Wang, H.; Zhong, S.; Li, Q.: IBE-Lite: a lightweight identity-based cryptography for body sensor networks. IEEE Trans. Inf. Technol. Biomed. 13(6), 926–932 (2009)

    Article  Google Scholar 

  22. 22.

    Kasyoka, P.; Kimwele, M.; Angolo, S.M.: Towards an efficient certificateless access control scheme for wireless body area networks. Wireless Pers. Commun. 115(2), 1257–1275 (2020)

    Article  Google Scholar 

  23. 23.

    Dent, A.W.: A brief introduction to certificateless encryption schemes and their infrastructures. In: European Public Key Infrastructure Workshop, pp. 1–16. Springer, New York (2009)

  24. 24.

    Dent, A.W.: A survey of certificateless encryption schemes and security models. Int. J. Inf. Sec. 7(5), 349–377 (2008)

    Article  Google Scholar 

  25. 25.

    Li, F.; Hong, J.: Efficient certificateless access control for wireless body area networks. IEEE Sens. J. 16(13), 5389–5396 (2016)

    Article  Google Scholar 

  26. 26.

    Li, F.; Han, Y.; Jin, C.: Cost-effective and anonymous access control for wireless body area networks. IEEE Syst. J. 12(1), 747–758 (2016)

    Article  Google Scholar 

  27. 27.

    Zhang, J.; Mao, J.: An efficient RSA-based certificateless signature scheme. J. Syst. Softw. 85(3), 638–642 (2012)

    Article  Google Scholar 

  28. 28.

    Liu, J.; Zhang, Z.; Chen, X.; Kwak, K.S.: Certificateless remote anonymous authentication schemes for wirelessbody area networks. IEEE Trans. Parall. Distrib. Syst. 25(2), 332–342 (2013)

    Article  Google Scholar 

  29. 29.

    He, D.; Zeadally, S.; Wu, L.: Certificateless public auditing scheme for cloud-assisted wireless body area networks. IEEE Syst. J. 12(1), 64–73 (2015)

    Article  Google Scholar 

  30. 30.

    Xiong, H.; Qin, Z.: Revocable and scalable certificateless remote authentication protocol with anonymity for wireless body area networks. IEEE Trans. Inf. Forens. Sec. 10(7), 1442–1455 (2015)

    Article  Google Scholar 

  31. 31.

    Mwitende, G., Ye, Y., Ali, I., Li, F.: Certificateless authenticated key agreement for blockchain-based WBANs. J. Syst. Archit. 101777 (2020).

  32. 32.

    Xiong, H.: Cost-effective scalable and anonymous certificateless remote authentication protocol. IEEE Trans. Inf. Foren. Sec. 9(12), 2327–2339 (2014)

    Article  Google Scholar 

  33. 33.

    Zhao, Z.: An efficient anonymous authentication scheme for wireless body area networks using elliptic curve cryptosystem. J. Med. Syst. 38(2), 13 (2014)

    Article  Google Scholar 

  34. 34.

    Wang, C.; Zhang, Y.: New authentication scheme for wireless body area networks using the bilinear pairing. J. Med. Syst. 39(11), 136 (2015)

    Article  Google Scholar 

  35. 35.

    Jiang, Q.; Lian, X.; Yang, C.; Ma, J.; Tian, Y.; Yang, Y.: A bilinear pairing based anonymous authentication scheme in wireless body area networks for mHealth. J. Med. Syst. 40(11), 231 (2016)

    Article  Google Scholar 

  36. 36.

    Li, X.; Peng, J.; Kumari, S.; Wu, F.; Karuppiah, M.; Choo, K.-K.R.: An enhanced 1-round authentication protocol for wireless body area networks with user anonymity. Comput. Elect. Eng. 61, 238–249 (2017)

    Article  Google Scholar 

  37. 37.

    Liu, J.; Zhang, L.; Sun, R.: 1-RAAP: An efficient 1-round anonymous authentication protocol for wireless body area networks. Sensors 16(5), 728 (2016)

    Article  Google Scholar 

  38. 38.

    Ostad-Sharif, A.; Nikooghadam, M.; Abbasinezhad-Mood, D.: Design of a lightweight and anonymous authenticated key agreement protocol for wireless body area networks. Int. J. Commun. Syst. 32(12), e3974 (2019)

    Article  Google Scholar 

  39. 39.

    Shim, K.-A.: Comments on “Revocable and scalable certificateless remote authentication protocol wth anonymity for wireless body area networks.” IEEE Trans. Inf. Foren. Sec. 15, 81–82 (2018)

    Article  Google Scholar 

  40. 40.

    Xie, Y.; Zhang, S.; Li, X.; Li, Y.; Chai, Y.: Cascp: efficient and secure certificateless authentication scheme for wireless body area networks with conditional privacy-preserving. Sec. Commun, Netw (2019)

    Google Scholar 

  41. 41.

    Ji, S.; Gui, Z.; Zhou, T.; Yan, H.; Shen, J.: An efficient and certificateless conditional privacy-preserving authentication scheme for wireless body area networks big data services. IEEE Access 6, 69603–69611 (2018)

    Article  Google Scholar 

  42. 42.

    Yang, G.; Huang, Q.; Wong, D.S.; Deng, X.: Universal authentication protocols for anonymous wireless communications. IEEE Trans. Wireless Commun. 9(1), 168–174 (2010)

    Article  Google Scholar 

  43. 43.

    Almuhaideb, A.M.; Alqudaihi, K.S.: A lightweight and secure anonymity preserving protocol for WBAN. IEEE Access 8, 178183–178194 (2020)

    Article  Google Scholar 

  44. 44.

    Almuhaideb, A.M.; Alqudaihi, K.: A lightweight three-factor authentication scheme for WHSN architecture. Sensors 20(23), 6860 (2020)

    Article  Google Scholar 

  45. 45.

    Burrows, M.; Abadi, M.; Needham, R.M.: A logic of authentication. ACM Trans. Comput. Syst. 8(1), 18–36 (1990)

    MATH  Article  Google Scholar 

  46. 46.

    Sirbu, M.A., Chuang, J.-I.: Distributed authentication in Kerberos using public key cryptography. In: Proceedings of SNDSS'97: Internet Society Symposium on Network and Distributed System Security, San Diego, CA, USA, pp. 134–141. IEEE (1997)

  47. 47.

    Chen, R.; Peng, D.: Analysis and improvement of a mutual authentication scheme for wireless body area networks. J. Med. Syst. 43(2), 19 (2019)

    Article  Google Scholar 

  48. 48.

    Saeed, M.E.S.; Liu, Q.-Y.; Tian, G.; Gao, B.; Li, F.: AKAIoTs: authenticated key agreement for internet of things. Wireless Netw. 25(6), 3081–3101 (2019)

    Article  Google Scholar 

  49. 49.

    Shen, J.; Chang, S.; Shen, J.; Liu, Q.; Sun, X.: A lightweight multi-layer authentication protocol for wireless body area networks. Future Gen. Comput. Syst. 78, 956–963 (2018)

    Article  Google Scholar 

  50. 50.

    Jia, X.; He, D.; Kumar, N.; Choo, K.-K.R.: Authenticated key agreement scheme for fog-driven IoT healthcare system. Wireless Netw. 25(8), 4737–4750 (2019)

    Article  Google Scholar 

  51. 51.

    Kilinc, H.H.; Yanik, T.: A survey of SIP authentication and key agreement schemes. IEEE Commun. Surv. Tutor. 16(2), 1005–1023 (2013)

    Article  Google Scholar 

Download references

Author information

Affiliations

Authors

Corresponding author

Correspondence to Abdullah M. Almuhaideb.

Ethics declarations

Conflict of interest

The authors declare that he has no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Almuhaideb, A.M. Re-AuTh: Lightweight Re-Authentication with Practical Key Management for Wireless Body Area Networks. Arab J Sci Eng (2021). https://doi.org/10.1007/s13369-021-05442-9

Download citation

Keywords

  • Wireless body area network
  • Authentication protocol
  • Privacy
  • Anonymity
  • Session key
  • Attack