Abstract
The advancement of Wireless Body Area Networks (WBAN) have led to significant progress in medical and health care systems. However, such networks still suffer from major security and privacy threats, especially for the data collected in medical or health care applications. Lack of security and existence of anonymous communication in WBAN brings about the operation failure of these networks. Recently, Li et al. proposed a lightweight protocol for wearable sensors in wireless body area networks. In their paper, the authors claimed that the protocol may provide anonymous mutual authentication and resist against various types of attacks. This study shows that such a protocol is still vulnerable to three types of attacks, i.e., the offline identity guessing attack, the sensor node impersonation attack and the hub node spoofing attack. We then present a secure scheme that addresses these problems, and retains similar efficiency in wireless sensors nodes and mobile phones.
Highlights
The advancement of electromedical technology has led to new research topics associated with wireless body area networks (WBANs)
An adversary may intrude a first level node first level nodes (FN) and read all data stored in it. Assuming that both the bottom level second level nodes (SN) and the top level hub node (HN) can be compromised by the adversary, the FN may not remain unintruded for all the time, especially an FN may be viewed as a smart phone or a smart watch which may be stolen
We demonstrated that Li’s protocol is broken and should not be used in any application implementation related to the WBAN
Summary
The advancement of electromedical technology has led to new research topics associated with wireless body area networks (WBANs). To guarantee a secure WBAN, a secure authentication key agreement protocol should be executed in advance of the communication We argue that this protocol still requires the user anonymity. Wu et al [12] presented their protocols to overcome some weakness founded in previous works Those protocols require the use of public key cryptography (either elliptic curve cryptography or bilinear pairing) in the sensor node yielding a heavy computation and storage bundle [13]. This study demonstrates that Li’s protocol is not secure while the first level node is being compromised Their approach fails to provide the node anonymity so that an attacker is able to track a second level node. We provide some security analysis on the improved scheme, and conclude the paper
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.