|
|
Provable secure authentication key agreement for wireless body area networks |
Yuqian MA1, Wenbo SHI2, Xinghua LI3, Qingfeng CHENG1() |
1. Fourth Department, Information Engineering University, Zhengzhou 450001, China 2. School of Computer and Communication Engineering, Northeastern University at Qinhuangdao, Qinhuangdao 066004, China 3. School of Cyber Engineering, Xidian University, Xi’an 710071, China |
|
|
Abstract Wireless body area networks (WBANs) guarantee timely data processing and secure information preservation within the range of the wireless access network, which is in urgent need of a new type of security technology. However, with the speedy development of hardware, the existing security schemes can no longer meet the new requirements of anonymity and lightweight. New solutions that do not require complex calculations, such as certificateless cryptography, attract great attention from researchers. To resolve these difficulties, Wang et al. designed a new authentication architecture for the WBANs environment, which was claimed to be secure and efficient. However, in this paper, we will show that this scheme is prone to ephemeral key leakage attacks. Further, based on this authentication scheme, an anonymous certificateless scheme is proposed for lightweight devices. Meanwhile, user anonymity is fully protected. The proposed scheme is proved to be secure under a specific security model. In addition, we assess the security attributes our scheme meets through BAN logic and Scyther tool. The comparisons of time consumption and communication cost are given at the end of the paper, to demonstrate that our scheme performs prior to several previous schemes.
|
Keywords
wireless body area networks
certificateless cryptography
BAN logic
Scyther
|
Corresponding Author(s):
Qingfeng CHENG
|
Just Accepted Date: 05 June 2023
Issue Date: 04 August 2023
|
|
1 |
T G Zimmerman . Personal area networks: near-field intrabody communication. IBM Systems Journal, 1996, 35( 3−4): 609–617
|
2 |
M A M, El-Bendary H, Kasban A, Haggag M A R El-Tokhy . Investigating of nodes and personal authentications utilizing multimodal biometrics for medical application of WBANs security. Multimedia Tools and Applications, 2020, 79( 33−34): 24507–24535
|
3 |
X, Li M H, Ibrahim S, Kumari A K, Sangaiah V, Gupta K K R Choo . Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks. Computer Networks, 2017, 129: 429–443
|
4 |
A M, Koya P P Deepthi . Anonymous hybrid mutual authentication and key agreement scheme for wireless body area network. Computer Networks, 2018, 140: 138–151
|
5 |
C-M, Chen B, Xiang T-Y, Wu K-H Wang . An anonymous mutual authenticated key agreement scheme for wearable sensors in wireless body area networks. Applied Sciences, 2018, 8( 7): 1074
|
6 |
Q, Jiang X, Lian C, Yang J, Ma Y, Tian Y Yang . A bilinear pairing based anonymous authentication scheme in wireless body area networks for mHealth. Journal of Medical Systems, 2016, 40( 11): 231
|
7 |
C, Wang Y Zhang . New authentication scheme for wireless body area networks using the bilinear pairing. Journal of Medical Systems, 2015, 39( 11): 136
|
8 |
M H, Ibrahim S, Kumari A K, Das M, Wazid V Odelu . Secure anonymous mutual authentication for star two-tier wireless body area networks. Computer Methods and Programs in Biomedicine, 2016, 135: 37–50
|
9 |
Shen J, Chang S. Certificateless authentication protocol for wireless body area network. In: Proceedings of the 10th International Conference on Genetic and Evolutionary Computing. 2016, 29−35
|
10 |
C, Hu H, Li Y, Huo T, Xiang X Liao . Secure and efficient data communication protocol for wireless body area networks. IEEE Transactions on Multi-Scale Computing Systems, 2016, 2( 2): 94–107
|
11 |
M, Shuai B, Liu N, Yu X Li . Lightweight and secure three-factor authentication scheme for remote patient monitoring using on-body wireless networks. Security and Communication Networks, 2019, 2019: 8145087
|
12 |
J, Mo Z, Hu Y Lin . Cryptanalysis and security improvement of two authentication schemes for healthcare systems using wireless medical sensor networks. Security and Communication Networks, 2020, 2020: 5047379
|
13 |
J, Subramani A, Maria A S, Rajasekaran F Al-Turjman . Lightweight privacy and confidentiality preserving anonymous authentication scheme for WBANs. IEEE Transactions on Industrial Informatics, 2022, 18( 5): 3484–3491
|
14 |
M, Kumar S Chand . A lightweight cloud-assisted identity-based anonymous authentication and key agreement protocol for secure wireless body area network. IEEE Systems Journal, 2021, 15( 2): 2779–2786
|
15 |
A, Irshad S A, Chaudhry O A, Alomari K, Yahya N Kumar . A novel pairing-free lightweight authentication protocol for mobile cloud computing framework. IEEE Systems Journal, 2021, 15( 3): 3664–3672
|
16 |
D, He S, Zeadally N, Kumar J-H Lee . Anonymous authentication for wireless body area networks with provable security. IEEE Systems Journal, 2017, 11( 4): 2590–2601
|
17 |
J, Liu Z, Zhang X, Chen K S Kwak . Certificateless remote anonymous authentication schemes for wirelessbody area networks. IEEE Transactions on Parallel and Distributed Systems, 2014, 25( 2): 332–342
|
18 |
Y, Chen J Chen . An efficient and privacy-preserving mutual authentication with key agreement scheme for telecare medicine information system. Peer-to-Peer Networking and Applications, 2022, 15( 1): 516–528
|
19 |
T-Y, Wu T, Wang Y-Q, Lee W, Zheng S, Kumari S Kumar . Improved authenticated key agreement scheme for fog-driven IoT healthcare system. Security and Communication Networks, 2021, 2021: 6658041
|
20 |
X, Jia D, He N, Kumar K K R Choo . Authenticated key agreement scheme for fog-driven IoT healthcare system. Wireless Networks, 2019, 25( 8): 4737–4750
|
21 |
M, Alanazi S Nashwan . Secure and anonymous three-factor authentication scheme for remote healthcare systems. Computer Systems Science and Engineering, 2022, 42( 2): 703–725
|
22 |
Y M, Wang Y Liu . RC2PAS: revocable certificateless conditional privacy-preserving authentication scheme in WBANs. IEEE Systems Journal, 2022, 16( 4): 5675–5685
|
23 |
Swanson C, Jao D. A study of two-party certificateless authenticated key-agreement protocols. In: Proceedings of the 10th International Conference on Cryptology in India. 2009, 57−71
|
24 |
M, Burrows M, Abadi R Needham . A logic of authentication. ACM Transactions on Computer Systems, 1990, 8( 1): 18–36
|
25 |
C, Shan K, Hu J, Xue C, Hu R Ma . A secure pairing-free certificate-less authenticated key agreement protocol. In: Proceedings of the 1st International Conference on Real Time Intelligent Systems. 2016, 205−216
|
26 |
W, Wang H, Huang F, Xiao Q, Li L, Xue J Jiang . Computation-transferable authenticated key agreement protocol for smart healthcare. Journal of Systems Architecture, 2021, 118: 102215
|
27 |
S, Rana M S, Obaidat D, Mishra A, Mishra Y S Rao . Efficient design of an authenticated key agreement protocol for dew-assisted IoT systems. The Journal of Supercomputing, 2022, 78( 3): 3696–3714
|
28 |
Y, Xu Y, Zhou B, Yang Z, Qiao Z, Wang Z, Xia M Zhang . An efficient identity authentication scheme with provable security and anonymity for mobile edge computing. IEEE Systems Journal, 2023, 17( 1): 1012–1023
|
|
Viewed |
|
|
|
Full text
|
|
|
|
|
Abstract
|
|
|
|
|
Cited |
|
|
|
|
|
Shared |
|
|
|
|
|
Discussed |
|
|
|
|