Abstract
Wearable health monitoring system (WHMS), which helps medical professionals to collect patients’ healthcare data and provides diagnosis via mobile devices, has become increasingly popular thanks to the significant advances in the wireless sensor network. Because health data are privacy-related, they should be protected from illegal access when transmitted over a public wireless channel. Recently, Jiang et al. presented a two-factor authentication protocol on quadratic residues with fuzzy verifier for WHMS. However, we observe that their scheme is vulnerable to known session special temporary information (KSSTI) attack, privileged insider attack, and denial-of-service (DoS) attack. To defeat these weaknesses, we propose an improved two-factor authentication and key agreement scheme for WHMS. Through rigorous formal proofs under the random oracle model and comprehensive informal security analysis, we demonstrate that the improved scheme overcomes the disadvantages of Jiang et al.’s protocol and withstands possible known attacks. In addition, comparisons with several relevant protocols show that the proposed scheme achieves more security features and has suitable efficiency. Thus, our scheme is a reasonable authentication solution for WHMS.
Highlights
At present, electronic-health (e-health) services are greatly promoted with the significant advances in computer science, wireless communication technologies, low-power sensors, and various security solutions [1,2,3,4,5,6,7,8] have been developed to build secure e-health systems
Kumar et al [24] suggested a user authentication protocol named E-SAP to monitor patient’s physiological data in wireless medical sensor network in 2012, claiming that their protocol was secure against known attacks
Challa et al [32] proposed an improved three-factor authenticated protocol for wireless healthcare sensor network to improve the security of Liu and Chung’s scheme [23]
Summary
Electronic-health (e-health) services are greatly promoted with the significant advances in computer science, wireless communication technologies, low-power sensors, and various security solutions [1,2,3,4,5,6,7,8] have been developed to build secure e-health systems. Kumar et al [24] suggested a user authentication protocol named E-SAP to monitor patient’s physiological data in wireless medical sensor network in 2012, claiming that their protocol was secure against known attacks Both He et al [25] and Khan and Kumari [26] scrutinized Kumar et al.’s scheme and found some security defects like password guessing attack and lack of user anonymity and put forward their improved versions, respectively. Challa et al [32] proposed an improved three-factor (password, smartcard, and biometrics) authenticated protocol for wireless healthcare sensor network to improve the security of Liu and Chung’s scheme [23] In their scheme the user communicates with the remote sensor directly which means power consumption of the sensor increases greatly, and the sensor’s lifetime will reduce rapidly.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
