An elliptic curve cryptography based enhanced anonymous authentication protocol for wearable health monitoring systems

Abstract

The innovations in the field of wearable medical devices, wireless communication and low cost cloud computing aid the wireless body area network (WBAN) to become a prominent component of future healthcare systems. WBAN consists of medical sensors, which continuously monitor the patients’ vital signs and transfers this data to the remote medical server via the cloud. The continuous monitoring of the patients’ health data improves the quality of the medical service and also provides the source for future medical diagnosis. The medical information collected from WBAN is generally transmitted through wireless channel and therefore vulnerable to various information attacks. In this context, medical data security and privacy are key issues; hence there is a requirement of lightweight end-to-end authentication protocol to ensure secure communication. Recently, Li et al. presented a lightweight end-to-end authentication protocol for WBAN based on elliptic curve cryptography (ECC). However, through cryptanalysis, some security loopholes are found in this protocol. In this paper, an enhanced lightweight ECC based end-to-end authentication protocol is proposed to overcome the security vulnerabilities of Li et al.’s scheme. Further, the formal security analysis of the proposed scheme is done using BAN logic and AVISPA tool. The comparative analysis shows that the proposed scheme not only removes the security loopholes of Li et al.’s scheme but also reduces the overall complexity.