TU Darmstadt / ULB / TUbiblio

SHAPARAK: Scalable healthcare authentication protocol with attack-resilience and anonymous key-agreement

Hajian, R. ; ZakeriKia, S. ; Erfani, S. H. ; Mirabi, M. (2020)
SHAPARAK: Scalable healthcare authentication protocol with attack-resilience and anonymous key-agreement.
In: Computer Networks, 183
doi: 10.1016/j.comnet.2020.107567
Artikel, Bibliographie

Kurzbeschreibung (Abstract)

Security in wearable sensor networks and telecare medical information systems (TMIS) has turned to an issue of scholarly interest in recent years. Adequate security to agree on a temporary session key is essential for establishing a secure connection on various layers of the protocol stack in the Internet of Things (IoT) environments. Recently, Gupta et al. proposed a lightweight authentication and key agreement scheme for wearable sensing devices. Our analysis of Gupta et al.’s scheme revealed that it is insecure against privileged-insider attack, compromise sensing device, and desynchronization attacks in wearable sensor registration and login and authentication phases. In this paper, a Scalable Healthcare Authentication Protocol with Attack-Resilience and Anonymous Key-agreement, SHAPARAK, is proposed to overcome security flaws of existing schemes. The proposed protocol offers more scalability as it uses a public channel in the process of registration of each wearable sensing device. It also contains the password and biometrics changing phase without involvement of the trusted server. The security analysis of the proposed scheme is evaluated using the GNY logic, AVISPA tool, random oracle model, and informal security analysis. It is also shown that the proposed protocol is cost-efficient in terms of computation and communication overheads, compared to the existing schemes.

Typ des Eintrags: Artikel
Erschienen: 2020
Autor(en): Hajian, R. ; ZakeriKia, S. ; Erfani, S. H. ; Mirabi, M.
Art des Eintrags: Bibliographie
Titel: SHAPARAK: Scalable healthcare authentication protocol with attack-resilience and anonymous key-agreement
Sprache: Englisch
Publikationsjahr: 24 Dezember 2020
Verlag: Elsevier
Titel der Zeitschrift, Zeitung oder Schriftenreihe: Computer Networks
Jahrgang/Volume einer Zeitschrift: 183
DOI: 10.1016/j.comnet.2020.107567
URL / URN: https://www.sciencedirect.com/science/article/pii/S138912862...
Kurzbeschreibung (Abstract):

Security in wearable sensor networks and telecare medical information systems (TMIS) has turned to an issue of scholarly interest in recent years. Adequate security to agree on a temporary session key is essential for establishing a secure connection on various layers of the protocol stack in the Internet of Things (IoT) environments. Recently, Gupta et al. proposed a lightweight authentication and key agreement scheme for wearable sensing devices. Our analysis of Gupta et al.’s scheme revealed that it is insecure against privileged-insider attack, compromise sensing device, and desynchronization attacks in wearable sensor registration and login and authentication phases. In this paper, a Scalable Healthcare Authentication Protocol with Attack-Resilience and Anonymous Key-agreement, SHAPARAK, is proposed to overcome security flaws of existing schemes. The proposed protocol offers more scalability as it uses a public channel in the process of registration of each wearable sensing device. It also contains the password and biometrics changing phase without involvement of the trusted server. The security analysis of the proposed scheme is evaluated using the GNY logic, AVISPA tool, random oracle model, and informal security analysis. It is also shown that the proposed protocol is cost-efficient in terms of computation and communication overheads, compared to the existing schemes.

Freie Schlagworte: Internet of things, Key agreement, Wearable sensing device, TMIS, Mutual Authentication, GNY logic
Zusätzliche Informationen:

Art.No.: 107567

Fachbereich(e)/-gebiet(e): 20 Fachbereich Informatik
20 Fachbereich Informatik > Data and AI Systems
Hinterlegungsdatum: 15 Feb 2023 12:57
Letzte Änderung: 14 Jun 2023 09:23
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen