An efficient authentication and key agreement scheme for e-health applications in the context of internet of things

Abstract

E-health applications are one of the most promising applications in the context of internet of things (IoT). Nevertheless, resource constraints and security issues in IoT are the main barriers for their deployment. Among security issues, authentication and data confidentiality are required to secure e-health applications. In this paper, we propose a new authentication and key agreement scheme for e-health applications in the context of IoT. This scheme allows a sensor node, a gateway node, and a remote user to authenticate each other and secure the collection of health-related data. The proposed scheme is based on lightweight symmetric cryptography since it uses nonces, exclusive-or operations, and simple hash functions. Besides, it takes into consideration the sensors location to provide an efficient authentication. To assess the proposed scheme, we conduct a theoretical and an automated security analysis using AVISPA tool. The results show that our scheme preserves the security properties, and ensures resilience against different types of attacks. In addition, we evaluate and compare both communication and computational costs with some existing authentication schemes. The obtained results prove that it provides authentication with low energy cost.