Abstract

Internet of Things (IoT) is a ubiquitous network that devices are interconnected and users can access those devices through the Internet. Recently, medical healthcare systems are combined with these IoT networks and provide efficient and ef-fective medical services to medical staff and patients. However, the security threats are increased simultaneously as the requirements of medical services in IoT medical environments are increased. It is essential to provide security of the networks from malicious attacks. In 2018, Roy et al. proposed a remote user authentication and key agreement scheme with biometrics in IoT medical environments. Unfortunately, we analyze Roy et al.’s scheme and demonstrate that their scheme does not withstand various attacks, such as replay attacks and password guessing attacks. Then we propose a user authentication scheme to overcome these security drawbacks. The proposed scheme withstands various attacks from adversaries in IoT medical environments and provide better security functionalities of those of Roy et al. We then prove the authentication and session key of the proposed scheme using BAN logic and analyze that our proposed scheme is secure against various attacks.

Highlights

  • With the rapid development of mobile devices and wireless networks, users can access various services conveniently at any time and anywhere [1], [2]

  • The proposed scheme withstands various attacks from adversaries in Internet of Things (IoT) medical environments and provide better security functionalities of those of Roy et al We prove the authentication and session key of the proposed scheme using BAN logic and analyze that our proposed scheme is secure against various attacks

  • The Dolev-Yao threat (DY) model [14] is widely used in evaluating the security of a protocol [15]

Read more

Summary

INTRODUCTION

With the rapid development of mobile devices and wireless networks, users can access various services conveniently at any time and anywhere [1], [2] These changes affect the healthcare environment, enabling medical devices to communicate with each other and communicate that information to the users. There are many authentication schemes to provide security of users medical information. To provide user security against inside attackers, Chen et al proposed a dynamic ID-based authentication scheme for TMIS [12]. Roy et al [13] proposed a three factor remote user authentication scheme in IoT medical environments. They insisted that their scheme is resist to various attacks. We propose a secure three factor remote user authentication scheme to solve these security vulnerabilities

Threat model
Contributions
Paper Structure
Login phase
Registration phase
Authentication and key establishment phase
Reply attack
Offline password guessing attack
PROPOSED SCHEME
ANALYSIS
Security analysis against various attacks
Performance
CONCLUSIONS
Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call