A Secure and Anonymous Authentication Protocol Based on Three-Factor Wireless Medical Sensor Networks

Abstract

Wireless medical sensor networks (WMSNs), a type of wireless sensor network (WSN), have enabled medical professionals to identify patients’ health information in real time to identify and diagnose their conditions. However, since wireless communication is performed through an open channel, an attacker can steal or manipulate the transmitted and received information. Because these attacks are directly related to the patients’ lives, it is necessary to prevent these attacks upfront by providing the security of WMSN communication. Although authentication protocols are continuously developed to establish the security of WMSN communication, they are still vulnerable to attacks. Recently, Yuanbing et al. proposed a secure authentication scheme for WMSN. They emphasized that their protocol is able to resist various attacks and can ensure mutual authentication. Unfortunately, this paper demonstrates that Yuanbing et al.’s protocol is vulnerable to smart card stolen attacks, ID/password guessing attacks, and sensor node capture attacks. In order to overcome the weaknesses and effectiveness of existing studies and to ensure secure communication and user anonymity of WMSN, we propose a secure and anonymous authentication protocol. The proposed protocol can prevent sensor capture, guessing, and man-in-the-middle attacks. To demonstrate the security of the proposed protocol, we perform various formal and informal analyses using AVISPA tools, ROR models, and BAN logic. Additionally, we compare the security aspects with related protocols to prove that the proposed protocol has excellent security. We also prove the effectiveness of our proposed protocol compared with related protocols in computation and communication costs. Our protocol has low or comparable computation and communication costs compared to related protocols. Thus, our protocol can provide services in the WMSN environment.