Abstract
The use of wireless medical sensor networks (WMSN) in healthcare has led to a significant progress in this area. WMSN can sense patients’ vital signs and transmit sensed signals to health monitoring devices. Health professionals can monitor the status of patients. Confidentiality and patient privacy are the main concern for the WMSN in health care. Recently, He et al. proposed an authentication protocol for the healthcare applications using WMSN. In this paper, we show that He et al.’s scheme is insecure against various attacks. We also present an improved scheme. In the security analysis, we demonstrate that our scheme is secured against various attacks. We use the BAN logic to prove the correctness of the proposed scheme. As a result, the proposed protocol is practical for healthcare applications.
Similar content being viewed by others
References
Halteren AV, Bults R, Wac K, Konstantas D, Widya I, Dokovsky N, Koprinkon G, Jones V, Jerzog R (2004) Mobile patient monitoring: the mobihealth system. J Inform Tech Healthc 2:365–373
Chen BR, Peterson G, Mainland G, Welsh M (2008) Using passive monitoring to reconstruct sensor network dynamics. In Proceedings of the 4th IEEE International Conference on Distributed Computing in Sensor System (DCOSS’08), Santorini Island, Greece, 11–14 June. 10.1007/978-3-540-69170-9_6
Dimitriou T, Loannis K (2008) Security issues in biomedical wireless sensor networks. In Proceedings of the 1st International Symposium on Applied Sciences on Biomedical and Communication Technologies (ISABEL’08), Aalborg, Denmark, 978-1-4244-2647-8. 10.1109/ISABEL.2008.4712577
Kumar P, Lee HJ (2012) Security issues in healthcare applications using wireless medical sensor networks: a survey. Sensors 12:55–91
Malasri K, Wang L (2009) Design and implementation of a secure wireless mote-based medical sensor network. Sensors 9:6273–6297
Benenson Z, Gedicke N, Raivio O, Realizing robust user authentication in sensor networks. In Proceedings of the Workshop on Real-World Wireless Sensor Network (REALWSN’05), (2005) Stockholm, Sweden
Arshad H, Nikooghadam M (2015) Security analysis and improvement of two authentication and key agreement schemes for session initiation protocol. J Supercomput. doi:10.1007/s11227-015-1434-8
Le XH, Khalid M, Sankar R, Lee S (2011) An efficient mutual authentication and access control scheme for wireless sensor networks in healthcare. J Netw 6:355–364
Das ML (2009) Two-factor user authentication in wireless sensor networks. IEEE Trans Wirel Commun 8:1086–1090
Nyang D, Lee M (2009) Improvement of Das’s two-factor authentication protocol in wireless sensor networks. Cryptol ePrint Arch 2009:631
Huang H, Chang Y, Liu C (2010) Enhancement of two-factor user authentication in wireless sensor networks. In Proceedings of the 6th international conference on intelligent information hiding and multimedia signal processing (IIHMSP’10). 27–30, 10.1109/IIHMSP.2010.14.
Chen H, Shih W (2010) A robust mutual authentication protocol for wireless sensor networks. ETRI J 32:704–712
Khan MK, Alghathbar K (2010) Cryptanalysis and security improvement of ‘two-factor user authentication in wireless sensor networks’. Sensors 10:2450–2459
He D, Zhang Y, Chen J (2014) Cryptanalysis and improvement of an anonymous authentication protocol for wireless access networks. Wirel Pers Commun 74(2):229–243
Arshad H, Nikooghadam M (2014) Three-factor anonymous authentication and key agreement scheme for telecare medicine information systems. J Med Syst 38(12):1–12. doi:10.1007/s10916-014-0136-8
Arshad H, Teymoori V, Nikooghadam M, Abbassi H (2015) On the security of a two-factor authentication and key agreement scheme for telecare medicine information systems. J Med Syst. doi:10.1007/s10916-015-0259-6
Kumar P, Lee SG, Lee HJ (2012) E-SAP: efficient-strong authentication protocol for healthcare applications using wireless medical sensor networks. Sensors 12:1625–1647. doi:10.3390/s120201625
He D, Kumar N, Chen J, Lee CC, Chilamkurti N, Yeo SS (2013) Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimedia Systems. doi:10.1007/s00530-013-0346-9
Ping ZL, Yi W (2010) An ID-based authenticated key agreement protocol for wireless sensor networks. J Commun 5:620–626
Chen C, He D, Chan S, Bu J, Gao Y, Fan R (2010) Lightweight and provably secure user authentication with anonymity for the global mobility network. Int J Commun Syst. doi:10.1002/dac.1158
Witteman M (2002) Advances in smartcard security. Inf Secur Bull 11–22:2002
Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552
Wang B, Li ZQ (2006) A forward-secure user authentication scheme with smart cards. Int J Netw Secur 3(2):116–119
Mir O, Van der Weide T, Lee CC (2015) A secure user anonymity and authentication scheme using AVISPA for telecare medical information systems. J Med Syst. doi:10.1007/s10916-015-0265-8
Mir O, Nikooghadam M (2015) A secure biometrics based authentication with key agreement scheme in telemedicine networks for e-health services. Wirel Pers Commun. doi:10.1007/s11277-015-2538-4
Das AK (2015) A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-to-Peer Netw Appl. doi:10.1007/s12083-014-0324-9
Arshad H, Nikooghadam M (2014) An efficient and secure authentication and key agreement scheme for session initiation protocol using ECC. Multimedia Tools Appl. doi:10.1007/s11042-014-2282-x
Sarkar P (2010) A simple and generic construction of authenticated encryption with associated data. ACM Trans Inf Syst Secur 13(4):33
Wu S, Chen K (2012) An efficient key-management scheme for hierarchical access control in e-medicine system. J Med Syst 36(4):2325–2337
Burrows M, Abadi M, Needham R (1990) A logic of authentication. ACM Trans Comput Syst 8:18–36
Kumar P, Lee HJ (2011) Cryptanalysis on two user authentication protocols using smart card or wireless sensor networks. In Proceedings of the IEEE Wireless Advanced (WiAd), London, UK, 20–22 June pp. 241–245
Li CT, Weng CY, Lee CC (2013) An advanced temporal credential-based security scheme with mutual authentication and key agreement for wireless sensor networks. Sensors 13(8):9589–9603
Li CT, Lee CC, Weng CY, Fan CI (2013) An extended multi-server-based user authentication and key agreement scheme with user anonymity. KSII Trans Internet Inf Syst 7:119–131
Li CT (2013) A new password authentication and user anonymity scheme based on elliptic curve cryptography and smart card. IET Inf Secur 7:3–10
Xue K, Ma C, Hong P, Ding R (2013) A temporal-credential based mutual authentication and key agreement scheme for wireless sensor networks. J Netw Comput Appl 36(1):316–323
He D, Gao Y, Chan S, Chen C, Bu J (2010) An enhanced two-factor user authentication scheme in wireless sensor networks. Ad Hoc Sens Wirel Netw 10:1–11
Li C, Hwang M, Chung Y (2008) A secure and efficient communication scheme with authenticated key establishment and privacy preserving for vehicular ad hoc networks. Comput Commun 31
He D, Kumar N, Chilamkurti N (2015) A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Inf Sci. doi:10.1016/j.ins.2015.02.010
Schwartz M (1988) Telecommunication networks: protocols, modeling and analysis, Reading, Massachusetts. Addison-Wesley, Wokingham
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Mir, O., Munilla, J. & Kumari, S. Efficient anonymous authentication with key agreement protocol for wireless medical sensor networks. Peer-to-Peer Netw. Appl. 10, 79–91 (2017). https://doi.org/10.1007/s12083-015-0408-1
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12083-015-0408-1