Abstract
Internet of Things (IoT) is a ubiquitous network that devices are interconnected and users can access those devices through the Internet. Recently, medical healthcare systems are combined with these IoT networks and provide efficient and ef-fective medical services to medical staff and patients. However, the security threats are increased simultaneously as the requirements of medical services in IoT medical environments are increased. It is essential to provide security of the networks from malicious attacks. In 2018, Roy et al. proposed a remote user authentication and key agreement scheme with biometrics in IoT medical environments. Unfortunately, we analyze Roy et al.’s scheme and demonstrate that their scheme does not withstand various attacks, such as replay attacks and password guessing attacks. Then we propose a user authentication scheme to overcome these security drawbacks. The proposed scheme withstands various attacks from adversaries in IoT medical environments and provide better security functionalities of those of Roy et al. We then prove the authentication and session key of the proposed scheme using BAN logic and analyze that our proposed scheme is secure against various attacks.
Highlights
With the rapid development of mobile devices and wireless networks, users can access various services conveniently at any time and anywhere [1], [2]
The proposed scheme withstands various attacks from adversaries in Internet of Things (IoT) medical environments and provide better security functionalities of those of Roy et al We prove the authentication and session key of the proposed scheme using BAN logic and analyze that our proposed scheme is secure against various attacks
The Dolev-Yao threat (DY) model [14] is widely used in evaluating the security of a protocol [15]
Summary
With the rapid development of mobile devices and wireless networks, users can access various services conveniently at any time and anywhere [1], [2] These changes affect the healthcare environment, enabling medical devices to communicate with each other and communicate that information to the users. There are many authentication schemes to provide security of users medical information. To provide user security against inside attackers, Chen et al proposed a dynamic ID-based authentication scheme for TMIS [12]. Roy et al [13] proposed a three factor remote user authentication scheme in IoT medical environments. They insisted that their scheme is resist to various attacks. We propose a secure three factor remote user authentication scheme to solve these security vulnerabilities
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have