Loading…
SHAPARAK: Scalable healthcare authentication protocol with attack-resilience and anonymous key-agreement
Security in wearable sensor networks and telecare medical information systems (TMIS) has turned to an issue of scholarly interest in recent years. Adequate security to agree on a temporary session key is essential for establishing a secure connection on various layers of the protocol stack in the In...
Saved in:
Published in: | Computer networks (Amsterdam, Netherlands : 1999) Netherlands : 1999), 2020-12, Vol.183, p.107567, Article 107567 |
---|---|
Main Authors: | , , , |
Format: | Article |
Language: | English |
Subjects: | |
Citations: | Items that this one cites Items that cite this one |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | Security in wearable sensor networks and telecare medical information systems (TMIS) has turned to an issue of scholarly interest in recent years. Adequate security to agree on a temporary session key is essential for establishing a secure connection on various layers of the protocol stack in the Internet of Things (IoT) environments. Recently, Gupta et al. proposed a lightweight authentication and key agreement scheme for wearable sensing devices. Our analysis of Gupta et al.’s scheme revealed that it is insecure against privileged-insider attack, compromise sensing device, and desynchronization attacks in wearable sensor registration and login and authentication phases. In this paper, a Scalable Healthcare Authentication Protocol with Attack-Resilience and Anonymous Key-agreement, SHAPARAK, is proposed to overcome security flaws of existing schemes. The proposed protocol offers more scalability as it uses a public channel in the process of registration of each wearable sensing device. It also contains the password and biometrics changing phase without involvement of the trusted server. The security analysis of the proposed scheme is evaluated using the GNY logic, AVISPA tool, random oracle model, and informal security analysis. It is also shown that the proposed protocol is cost-efficient in terms of computation and communication overheads, compared to the existing schemes. |
---|---|
ISSN: | 1389-1286 1872-7069 |
DOI: | 10.1016/j.comnet.2020.107567 |