The development in wireless body area networks (WBANs) has facilitated a growth in electronic health in terms of quality and efficiency. Telemonitoring systems observe human vital signs without the need for a patient to be present using WBANs. The data sensitivity of WBAN, mobile users and public channels poses a critical challenge to security and privacy in order to prevent unauthorized access to vital health data. Several solutions have been suggested to ensure secure and effective communications in WBANs; nonetheless, these methods tend to have drawbacks, such as efficiency overhead and protection vulnerabilities. This paper proposes a lightweight authentication and also provides a protocol for re-authentication (Re-AuTh). The proposed “Re-AuTh” utilizes identification and authorization tokens to assist the application provider in authenticating and further to authorize medical users. Such tokens also provide a way to achieve effective key management. The Scyther simulation shows that the proposed Re-AuTh has no security vulnerabilities and the informal security analysis further ensures protection of all related possible threats. The performance comparisons with related solutions showed that the proposed Re-AuTh effectively provides security services for WBAN in the medical environment and greatly reduces computation costs at the user side.
This is a preview of subscription content, access via your institution.
Buy single article
Instant access to the full article PDF.
Tax calculation will be finalised during checkout.
Subscribe to journal
Immediate online access to all issues from 2019. Subscription will auto renew annually.
Tax calculation will be finalised during checkout.
Salman, O.; Rasid, M.F.A.; Saripan, M.I.; Subramaniam, S.K.: Multi-sources data fusion framework for remote triage prioritization in telehealth. J. Med. Syst. 38(9), 103 (2014)
Albahri, O.; Zaidan, A.; Zaidan, B.; Hashim, M.; Albahri, A.; Alsalem, M.: Real-time remote health-monitoring Systems in a medical centre: a review of the provision of healthcare services-based body sensor information, open challenges and methodological aspects. J. Med. Syst. 42(9), 164 (2018)
Dias, D., Paulo Silva Cunha, J.: Wearable health devices—vital sign monitoring, systems and technologies. Sensors 18(8), 2414 (2018).
Latré, B.; Braem, B.; Moerman, I.; Blondia, C.; Demeester, P.: A survey on wireless body area networks. Wireless Netw. 17(1), 1–18 (2011)
Tobón, D.P.; Falk, T.H.; Maier, M.: Context awareness in WBANs: a survey on medical and non-medical applications. IEEE Wireless Commun. 20(4), 30–37 (2013)
Movassaghi, S.; Abolhasan, M.; Lipman, J.; Smith, D.; Jamalipour, A.: Wireless body area networks: a survey. IEEE Commun. Surv. Tutor. 16(3), 1658–1686 (2014)
Mohammed, K.; Zaidan, A.; Zaidan, B.; Albahri, O.; Alsalem, M.; Albahri, A.; Hadi, A.; Hashim, M.: Real-time remote-health monitoring systems: a review on patients prioritisation for multiple-chronic diseases, taxonomy analysis, concerns and solution procedure. J. Med. Syst. 43(7), 223 (2019)
Talal, M.; Zaidan, A.; Zaidan, B.; Albahri, A.; Alamoodi, A.; Albahri, O.; Alsalem, M.; Lim, C.; Tan, K.L.; Shir, W.: Smart home-based IoT for real-time and secure remote health monitoring of triage and priority system using body sensors: multi-driven systematic review. J. Med. Syst. 43(3), 42 (2019)
Shuai, M.; Liu, B.; Yu, N.; Xiong, L.; Wang, C.: Efficient and privacy-preserving authentication scheme for wireless body area networks. J. Inf. Sec. Appl. 52, 102499 (2020)
He, D.; Zeadally, S.; Kumar, N.; Lee, J.-H.: Anonymous authentication for wireless body area networks with provable security. IEEE Syst. J 11(4), 2590–2601 (2016)
Shen, J.; Gui, Z.; Ji, S.; Shen, J.; Tan, H.; Tang, Y.: Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks. J. Netw. Comput. Appl. 106, 117–123 (2018)
Li, X.; Ibrahim, M.H.; Kumari, S.; Kumar, R.: Secure and efficient anonymous authentication scheme for three-tier mobile healthcare systems with wearable sensors. Telecommun. Syst. 67(2), 323–348 (2018)
Alzaid, H., Park, D., Nieto, J.G., Boyd, C., Foo, E.: A forward & backward secure key management in wireless sensor networks for PCS/SCADA. In: Emerging technologies in wireless ad-hoc networks: applications and future development. pp. 41–60. IGI Global, (2011)
Li, X.; Ibrahim, M.H.; Kumari, S.; Sangaiah, A.K.; Gupta, V.; Choo, K.-K.R.: Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks. Comput. Netw. 129, 429–443 (2017)
Liu, X.; Jin, C.; Li, F.: An improved two-layer authentication scheme for wireless body area networks. J. Med. Syst. 42(8), 143 (2018)
Narwal, B., Mohapatra, A.K.: A survey on security and authentication in wireless body area networks. J. Syst. Arch. 101883 (2020).
Diffie, W.; Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)
Pardo, J.L.G.: Identity-based cryptography. In: Introduction to Cryptography with Maple, pp. 587–610. Springer, New York (2013)
Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: International conference on the theory and application of cryptology and information security, pp. 452–473. Springer, New York (2003)
He, D.; Wang, H.; Zhang, J.; Wang, L.: Insecurity of an identity-based public auditing protocol for the outsourced data in cloud storage. Inf. Sci. 375, 48–53 (2017)
Tan, C.C.; Wang, H.; Zhong, S.; Li, Q.: IBE-Lite: a lightweight identity-based cryptography for body sensor networks. IEEE Trans. Inf. Technol. Biomed. 13(6), 926–932 (2009)
Kasyoka, P.; Kimwele, M.; Angolo, S.M.: Towards an efficient certificateless access control scheme for wireless body area networks. Wireless Pers. Commun. 115(2), 1257–1275 (2020)
Dent, A.W.: A brief introduction to certificateless encryption schemes and their infrastructures. In: European Public Key Infrastructure Workshop, pp. 1–16. Springer, New York (2009)
Dent, A.W.: A survey of certificateless encryption schemes and security models. Int. J. Inf. Sec. 7(5), 349–377 (2008)
Li, F.; Hong, J.: Efficient certificateless access control for wireless body area networks. IEEE Sens. J. 16(13), 5389–5396 (2016)
Li, F.; Han, Y.; Jin, C.: Cost-effective and anonymous access control for wireless body area networks. IEEE Syst. J. 12(1), 747–758 (2016)
Zhang, J.; Mao, J.: An efficient RSA-based certificateless signature scheme. J. Syst. Softw. 85(3), 638–642 (2012)
Liu, J.; Zhang, Z.; Chen, X.; Kwak, K.S.: Certificateless remote anonymous authentication schemes for wirelessbody area networks. IEEE Trans. Parall. Distrib. Syst. 25(2), 332–342 (2013)
He, D.; Zeadally, S.; Wu, L.: Certificateless public auditing scheme for cloud-assisted wireless body area networks. IEEE Syst. J. 12(1), 64–73 (2015)
Xiong, H.; Qin, Z.: Revocable and scalable certificateless remote authentication protocol with anonymity for wireless body area networks. IEEE Trans. Inf. Forens. Sec. 10(7), 1442–1455 (2015)
Mwitende, G., Ye, Y., Ali, I., Li, F.: Certificateless authenticated key agreement for blockchain-based WBANs. J. Syst. Archit. 101777 (2020).
Xiong, H.: Cost-effective scalable and anonymous certificateless remote authentication protocol. IEEE Trans. Inf. Foren. Sec. 9(12), 2327–2339 (2014)
Zhao, Z.: An efficient anonymous authentication scheme for wireless body area networks using elliptic curve cryptosystem. J. Med. Syst. 38(2), 13 (2014)
Wang, C.; Zhang, Y.: New authentication scheme for wireless body area networks using the bilinear pairing. J. Med. Syst. 39(11), 136 (2015)
Jiang, Q.; Lian, X.; Yang, C.; Ma, J.; Tian, Y.; Yang, Y.: A bilinear pairing based anonymous authentication scheme in wireless body area networks for mHealth. J. Med. Syst. 40(11), 231 (2016)
Li, X.; Peng, J.; Kumari, S.; Wu, F.; Karuppiah, M.; Choo, K.-K.R.: An enhanced 1-round authentication protocol for wireless body area networks with user anonymity. Comput. Elect. Eng. 61, 238–249 (2017)
Liu, J.; Zhang, L.; Sun, R.: 1-RAAP: An efficient 1-round anonymous authentication protocol for wireless body area networks. Sensors 16(5), 728 (2016)
Ostad-Sharif, A.; Nikooghadam, M.; Abbasinezhad-Mood, D.: Design of a lightweight and anonymous authenticated key agreement protocol for wireless body area networks. Int. J. Commun. Syst. 32(12), e3974 (2019)
Shim, K.-A.: Comments on “Revocable and scalable certificateless remote authentication protocol wth anonymity for wireless body area networks.” IEEE Trans. Inf. Foren. Sec. 15, 81–82 (2018)
Xie, Y.; Zhang, S.; Li, X.; Li, Y.; Chai, Y.: Cascp: efficient and secure certificateless authentication scheme for wireless body area networks with conditional privacy-preserving. Sec. Commun, Netw (2019)
Ji, S.; Gui, Z.; Zhou, T.; Yan, H.; Shen, J.: An efficient and certificateless conditional privacy-preserving authentication scheme for wireless body area networks big data services. IEEE Access 6, 69603–69611 (2018)
Yang, G.; Huang, Q.; Wong, D.S.; Deng, X.: Universal authentication protocols for anonymous wireless communications. IEEE Trans. Wireless Commun. 9(1), 168–174 (2010)
Almuhaideb, A.M.; Alqudaihi, K.S.: A lightweight and secure anonymity preserving protocol for WBAN. IEEE Access 8, 178183–178194 (2020)
Almuhaideb, A.M.; Alqudaihi, K.: A lightweight three-factor authentication scheme for WHSN architecture. Sensors 20(23), 6860 (2020)
Burrows, M.; Abadi, M.; Needham, R.M.: A logic of authentication. ACM Trans. Comput. Syst. 8(1), 18–36 (1990)
Sirbu, M.A., Chuang, J.-I.: Distributed authentication in Kerberos using public key cryptography. In: Proceedings of SNDSS'97: Internet Society Symposium on Network and Distributed System Security, San Diego, CA, USA, pp. 134–141. IEEE (1997)
Chen, R.; Peng, D.: Analysis and improvement of a mutual authentication scheme for wireless body area networks. J. Med. Syst. 43(2), 19 (2019)
Saeed, M.E.S.; Liu, Q.-Y.; Tian, G.; Gao, B.; Li, F.: AKAIoTs: authenticated key agreement for internet of things. Wireless Netw. 25(6), 3081–3101 (2019)
Shen, J.; Chang, S.; Shen, J.; Liu, Q.; Sun, X.: A lightweight multi-layer authentication protocol for wireless body area networks. Future Gen. Comput. Syst. 78, 956–963 (2018)
Jia, X.; He, D.; Kumar, N.; Choo, K.-K.R.: Authenticated key agreement scheme for fog-driven IoT healthcare system. Wireless Netw. 25(8), 4737–4750 (2019)
Kilinc, H.H.; Yanik, T.: A survey of SIP authentication and key agreement schemes. IEEE Commun. Surv. Tutor. 16(2), 1005–1023 (2013)
Conflict of interest
The authors declare that he has no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
About this article
Cite this article
Almuhaideb, A.M. Re-AuTh: Lightweight Re-Authentication with Practical Key Management for Wireless Body Area Networks. Arab J Sci Eng (2021). https://doi.org/10.1007/s13369-021-05442-9
- Wireless body area network
- Authentication protocol
- Session key