Abstract
The mobility and openness of wireless communication technologies make Mobile Healthcare Systems (mHealth) potentially exposed to a number of potential attacks, which significantly undermines their utility and impedes their widespread deployment. Attackers and criminals, even without knowing the context of the transmitted data, with simple eavesdropping on the wireless links, may benefit a lot from linking activities to the identities of patient’s sensors and medical staff members. These vulnerabilities apply to all tiers of the mHealth system. A new anonymous mutual authentication scheme for three-tier mobile healthcare systems with wearable sensors is proposed in this paper. Our scheme consists of three protocols: Protocol-1 allows the anonymous authentication nodes (mobile users and controller nodes) and the HSP medical server in the third tier, while Protocol-2 realizes the anonymous authentication between mobile users and controller nodes in the second tier, and Protocol-3 achieves the anonymous authentication between controller nodes and the wearable body sensors in the first tier. In the design of our protocols, the variation in the resource constraints of the different nodes in the mHealth system are taken into consideration so that our protocols make a better trade-off among security, efficiency and practicality. The security of our protocols are analyzed through rigorous formal proofs using BAN logic tool and informal discussions of security features, possible attacks and countermeasures. Besides, the efficiency of our protocols are concretely evaluated and compared with related schemes. The comparisons show that our scheme outperforms the previous schemes and provides more complete and integrated anonymous authentication services. Finally, the security of our protocols are evaluated by using the Automated Validation of Internet Security Protocols and Applications and the SPAN animator software. The simulation results show that our scheme is secure and satisfy all the specified privacy and authentication goals.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
Akkaya, K., Younis, M., & Youssef, M. (2005). Efficient aggregation of delay-constrained data in wireless sensor networks. In Proceedings of the ACS/IEEE 2005 international conference on computer systems and applications, pp. 904–909. IEEE Computer Society
Akkaya, K., & Younis, M. (2005). A survey on routing protocols for wireless sensor networks. Ad Hoc Networks, 3(3), 325–349.
Al-Karaki, J. N., & Kamal, A. E. (2004). Routing techniques in wireless sensor networks: a survey. IEEE Wireless Communications, 11(6), 6–28.
Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuéllar, J., Drielsma, P.H., Héam, P.-C., Kouchnarenko, O., & Mantovani, J. et al. (2005) The avispa tool for the automated validation of internet security protocols and applications. In International conference on computer aided verification, pp. 281–285. Springer.
Bao, S.-D., & Zhang, Y.-T. (2006). A design proposal of security architecture for medical body sensor networks. In International workshop on wearable and implantable body sensor networks (BSN’06), pp. 4–pp. IEEE
Cohen, H., Frey, G., Avanzi, R., Doche, C., Lange, T., Nguyen, K., et al. (2005). Handbook of elliptic and hyperelliptic curve cryptography. London: CRC Press.
Daemen, J., & Rijmen, V. (2013). The design of Rijndael: AES-the advanced encryption standard. New York: Springer Science & Business Media.
FIPS, P. (1995). 180-1. secure hash standard. National Institute of Standards and Technology, 17:45.
Fu, Z., Sun, X., Ji, S., & Xie, G. (2016). Towards efficient content-aware search over encrypted outsourced data in cloud. In: Computer communications, IEEE INFOCOM 2016-the 35th annual IEEE international conference on, pp 1–9. IEEE
Fu, Z., Sun, X., Liu, Q., ZHOU, L., & SHU, J. (2015). Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE Transactions on Communications, 98(1), 190–200.
Gallant, R. P., Lambert, R. J., & Vanstone, S. A. (2001). Faster point multiplication on elliptic curves with efficient endomorphisms. In Annual International Cryptology Conference, pp. 190–200. Springer
Glouche, Y., Genet, T., Heen, O., & Courtay, O. (2006) A security protocol animator tool for avispa. In: ARTIST2 workshop on security specification and verification of embedded systems, Pisa, p. 12. http://www.irisa.fr/celtique/genet/span/.
Großschädl, J., Page, D., Tillich, S. (2012). Efficient java implementation of elliptic curve cryptography for j2me-enabled mobile devices. In :IFIP international workshop on information security theory and practice, pp. 189–207. Springer
Hayajneh, T., Mohd, B. J., Imran, M., Almashaqbeh, G., & Vasilakos, A. V. (2016). Secure authentication for remote patient monitoring with wireless medical sensor networks. Sensors, 16(4), 424.
He, D., Zeadally, S., Kumar, N., & Lee, J.-H. (2016). Anonymous authentication for wireless body area networks with provable security.
He, D., & Zeadally, S. (2015). Authentication protocol for an ambient assisted living system. IEEE Communications Magazine, 53(1), 71–77.
Ho, J.-M. (2012). A versatile suite of strong authenticated key agreement protocols for body area networks. In 8th international wireless communications and mobile computing conference (IWCMC), pp. 683–688. IEEE.
Huang, J.-J., Juang, W.-S., Fan, C.-I., Liaw, H.-T., et al. (2013). Robust and privacy protection authentication in cloud computing. International Journal of Innovative Computing, Information and Control, 9(11), 4247–4261.
Huang, X., Chen, X., Li, J., Xiang, Y., & Xu, L. (2014). Further observations on smart-card-based password-authenticated key agreement in distributed systems. IEEE Transactions on Parallel and Distributed Systems, 25(7), 1767–1775.
Implementing e-health in developing countries: Guidance and principles. https://www.itu.int/ITU-D/cyb/app/docs/e-Health_prefinal_15092008.PDF.
Islam, S. H., & Khan, M. K. (2014). Cryptanalysis and improvement of authentication and key agreement protocols for telecare medicine information systems. Journal of Medical Systems, 38(10), 1–16.
Jiang, Q., Khan, M. K., Lu, X., Ma, J., & He, D. (2016). A privacy preserving three-factor authentication protocol for e-health clouds. The Journal of Supercomputing, 72(10), 3826–3849
Jiang, Q., Ma, J., Wei, F., Tian, Y., Shen, J., & Yang, Y. (2016). An untraceable temporal-credential-based two-factor authentication scheme using ecc for wireless sensor networks. Journal of Network and Computer Applications, 76, 37–48.
Khan, M. K., & Kumari, S. (2013). An authentication scheme for secure access to healthcare services. Journal of Medical Systems, 37(4), 1–12.
Lenstra, A. K., & Verheul, E. R. (2001). Selecting cryptographic key sizes. Journal of Cryptology, 14(4), 255–293.
Li, X., Ibrahim, M. H., Kumari, S., Sangaiah, A. K., Gupta, V., & Choo, K.-K. R. (2017). Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks. Computer Networks. doi:10.1016/j.comnet.2017.03.013.
Li, X., Niu, J.-W., Ma, J., Wang, W.-D., & Liu, C.-L. (2011). Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. Journal of Network and Computer Applications, 34(1), 73–79.
Li, X., Xiong, Y., Ma, J., & Wang, W. (2012). An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards. Journal of Network and Computer Applications, 35(2), 763–769.
Li, X., Ma, J., Wang, W., Xiong, Y., & Zhang, J. (2013). A novel smart card and dynamic id based remote user authentication scheme for multi-server environments. Mathematical and Computer Modelling, 58(1), 85–95.
Li, X., Niu, J., Khan, M. K., & Liao, J. (2013). An enhanced smart card based remote user password authentication scheme. Journal of Network and Computer Applications, 36(5), 1365–1371.
Liu, Z., Groszschaedl, J., Hu, Z., Jarvinen, K., Wang, H., Verbauwhede, I. (2016). Elliptic curve cryptography with efficiently computable endomorphisms and its hardware implementations for the internet of things. IEEE Transactions on Computers
Liu, J., Zhang, Z., Chen, X., & Kwak, K. S. (2014). Certificateless remote anonymous authentication schemes for wirelessbody area networks. IEEE Transactions on Parallel and Distributed Systems, 25(2), 332–342.
Liu, J., Li, Q., Yan, R., & Sun, R. (2015). Efficient authenticated key exchange protocols for wireless body area networks. EURASIP Journal on Wireless Communications and Networking, 2015(1), 1.
Liu, J., Zhang, L., & Sun, R. (2016). 1-RAAP: An efficient 1-round anonymous authentication protocol for wireless body area networks. Sensors, 16(5), 728. doi:10.3390/s16050728.
Liu, Z., Seo, H., Großschädl, J., & Kim, H. (2016). Efficient implementation of nist-compliant elliptic curve cryptography for 8-bit avr-based sensor nodes. IEEE Transactions on Information Forensics and Security, 11(7), 1385–1397.
Rashidi, P., & Mihailidis, A. (2013). A survey on ambient-assisted living tools for older adults. IEEE Journal of Biomedical and Health Informatics, 17(3), 579–590.
Sahoo, P. K. (2012). Efficient security mechanisms for mhealth applications using wireless body sensor networks. Sensors, 12(9), 12606–12633.
Sawand, A., Djahel, S., Zhang, Z., Naït-Abdesselam, F. (2014) Multidisciplinary approaches to achieving efficient and trustworthy ehealth monitoring systems. In 2014 IEEE/CIC international conference on communications in China (ICCC), pp. 187–192. IEEE
Shen, J., Tan, H., Moh, S., Chung, I., Liu, Q., & Sun, X. (2015). Enhanced secure sensor association and key management in wireless body area networks. Journal of Communications and Networks, 17(5), 453–462.
Siddiqui, Z., Abdullah, A. H., Khan, M. K., & Alghamdi, A. S. (2014). Smart environment as a service: Three factor cloud based user authentication for telecare medical information system. Journal of Medical Systems, 38(1), 1–14.
Varshney, U. (2005). Pervasive healthcare: Applications, challenges and wireless solutions. Communications of the Association for Information Systems, 16(1), 3.
Vijendra, S. (2011). Efficient clustering for high dimensional data: Subspace based clustering and density based clustering. Information Technology Journal, 10(6), 1092–1105.
Wang, D., & Wang, P. (2014). Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks. Ad Hoc Networks, 20, 1–15.
Wiener, M. J., & Zuccherato, R. J. (1998) Faster attacks on elliptic curve cryptosystems. In International workshop on selected areas in cryptography, pp. 190–200. Springer
Xia, Z., Wang, X., Zhang, L., Qin, Z., Sun, X., & Ren, K. (2016). A privacy-preserving and copy-deterrence content-based image retrieval scheme in cloud computing. IEEE Transactions on Information Forensics and Security, 11(11), 2594–2608.
Xiong, H., & Qin, Z. (2015). Revocable and scalable certificateless remote authentication protocol with anonymity for wireless body area networks. IEEE Transactions on Information Forensics and Security, 10(7), 1442–1455.
Zhao, Z. (2014). An efficient anonymous authentication scheme for wireless body area networks using elliptic curve cryptosystem. Journal of medical systems, 38(2), 1–7.
Acknowledgements
This work was supported by the National Natural Science Foundation of China under Grant Nos. 61300220 & 61572013 & 61572188, the Scientific Research Fund of Hunan Provincial Education Department under Grant No. 16B089. Saru Kumari is sponsered by the University Grants Commission, India through UGC-BSR Start-up grant under Grant no. 3(A)(60)31.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Li, X., Ibrahim, M.H., Kumari, S. et al. Secure and efficient anonymous authentication scheme for three-tier mobile healthcare systems with wearable sensors. Telecommun Syst 67, 323–348 (2018). https://doi.org/10.1007/s11235-017-0340-1
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11235-017-0340-1