Hajian, R. ; ZakeriKia, S. ; Erfani, S. H. ; Mirabi, M. (2020)
SHAPARAK: Scalable healthcare authentication protocol with attack-resilience and anonymous key-agreement.
In: Computer Networks, 183
doi: 10.1016/j.comnet.2020.107567
Artikel, Bibliographie
Kurzbeschreibung (Abstract)
Security in wearable sensor networks and telecare medical information systems (TMIS) has turned to an issue of scholarly interest in recent years. Adequate security to agree on a temporary session key is essential for establishing a secure connection on various layers of the protocol stack in the Internet of Things (IoT) environments. Recently, Gupta et al. proposed a lightweight authentication and key agreement scheme for wearable sensing devices. Our analysis of Gupta et al.’s scheme revealed that it is insecure against privileged-insider attack, compromise sensing device, and desynchronization attacks in wearable sensor registration and login and authentication phases. In this paper, a Scalable Healthcare Authentication Protocol with Attack-Resilience and Anonymous Key-agreement, SHAPARAK, is proposed to overcome security flaws of existing schemes. The proposed protocol offers more scalability as it uses a public channel in the process of registration of each wearable sensing device. It also contains the password and biometrics changing phase without involvement of the trusted server. The security analysis of the proposed scheme is evaluated using the GNY logic, AVISPA tool, random oracle model, and informal security analysis. It is also shown that the proposed protocol is cost-efficient in terms of computation and communication overheads, compared to the existing schemes.
Typ des Eintrags: | Artikel |
---|---|
Erschienen: | 2020 |
Autor(en): | Hajian, R. ; ZakeriKia, S. ; Erfani, S. H. ; Mirabi, M. |
Art des Eintrags: | Bibliographie |
Titel: | SHAPARAK: Scalable healthcare authentication protocol with attack-resilience and anonymous key-agreement |
Sprache: | Englisch |
Publikationsjahr: | 24 Dezember 2020 |
Verlag: | Elsevier |
Titel der Zeitschrift, Zeitung oder Schriftenreihe: | Computer Networks |
Jahrgang/Volume einer Zeitschrift: | 183 |
DOI: | 10.1016/j.comnet.2020.107567 |
URL / URN: | https://www.sciencedirect.com/science/article/pii/S138912862... |
Kurzbeschreibung (Abstract): | Security in wearable sensor networks and telecare medical information systems (TMIS) has turned to an issue of scholarly interest in recent years. Adequate security to agree on a temporary session key is essential for establishing a secure connection on various layers of the protocol stack in the Internet of Things (IoT) environments. Recently, Gupta et al. proposed a lightweight authentication and key agreement scheme for wearable sensing devices. Our analysis of Gupta et al.’s scheme revealed that it is insecure against privileged-insider attack, compromise sensing device, and desynchronization attacks in wearable sensor registration and login and authentication phases. In this paper, a Scalable Healthcare Authentication Protocol with Attack-Resilience and Anonymous Key-agreement, SHAPARAK, is proposed to overcome security flaws of existing schemes. The proposed protocol offers more scalability as it uses a public channel in the process of registration of each wearable sensing device. It also contains the password and biometrics changing phase without involvement of the trusted server. The security analysis of the proposed scheme is evaluated using the GNY logic, AVISPA tool, random oracle model, and informal security analysis. It is also shown that the proposed protocol is cost-efficient in terms of computation and communication overheads, compared to the existing schemes. |
Freie Schlagworte: | Internet of things, Key agreement, Wearable sensing device, TMIS, Mutual Authentication, GNY logic |
Zusätzliche Informationen: | Art.No.: 107567 |
Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Data and AI Systems |
Hinterlegungsdatum: | 15 Feb 2023 12:57 |
Letzte Änderung: | 14 Jun 2023 09:23 |
PPN: | |
Export: | |
Suche nach Titel in: | TUfind oder in Google |
Frage zum Eintrag |
Optionen (nur für Redakteure)
Redaktionelle Details anzeigen |