Abstract

As an extension of the 4G system, 5G is a new generation of broadband mobile communication with high speed, low latency, and large connection characteristics. It solves the problem of human-to-thing and thing-to-thing communication to meet the needs of intelligent medical devices, automotive networking, smart homes, industrial control, environmental monitoring, and other IoT application needs. This has resulted in new research topics related to wireless body area networks. However, such networks are still subject to significant security and privacy threats. Recently, Fotouhi et al. proposed a lightweight and secure two-factor authentication protocol for wireless body area networks in medical IoT. However, in this study, we demonstrate that their proposed protocol is still vulnerable to sensor-capture attacks and the lack of authentication between users and mobile devices. In addition, we propose a new protocol to overcome the limitations mentioned above. A detailed comparison shows that our proposed protocol is better than the previous protocols in terms of security and performance.

Highlights

  • Since the beginning of human civilization, the efficient and fast transmission of information has always been an unswerving pursuit for mankind

  • From cell towers to radio, from telephones to mobile Internet, the speed of modern technology development has always depended on the speed of information dissemination, and new ways of information dissemination often bring about radical changes in society. 5G is the current stage of progress in the latest wave of mobile communication [1]. 5G is a new generation of broadband mobile communication with high speed, low latency, and large connection characteristics

  • We first demonstrate that Fotouhi et al.’s proposed protocol [22] is still vulnerable to sensor-capture attacks. Their proposed protocol fails to provide authentication between users and mobile devices. To overcome these security pitfalls, we propose a secure and efficient AKA protocol for wireless body area network (WBAN). e security analysis shows that our proposed protocol is secure

Read more

Summary

Introduction

Since the beginning of human civilization, the efficient and fast transmission of information has always been an unswerving pursuit for mankind. We first demonstrate that Fotouhi et al.’s proposed protocol [22] is still vulnerable to sensor-capture attacks Their proposed protocol fails to provide authentication between users and mobile devices. If the vResr ificBa1t1i⊕ohn(SGk iRsg)⊕Ry′paanssdedo,btainsitthe calculates session key SKg h(Ru⊕HPWi Rg Rs) It further verifies the correctness of B12, generates a new CID′i for Ui, stores QIDk′ and Rz′, and replaces Ry′ and h(Rx) with Ry and. 3. Cryptanalysis of Fotouhi et al.’s Protocol is section shows that Fotouhi et al.’s protocol [22] is vulnerable to sensor-capture attacks and a lack of authentication between users and mobile devices. A does not need to capture a mobile device because the attacker can eavesdrop the M1 between any user and GWj and send M1 to GWj. e scenario mentioned above illustrates two weaknesses in Fotouhi et al.’s proposed protocol. Owing to the limited computing power of a gateway, if an attacker has been sending a large number of error messages to a gateway through multiple mobile devices, the gateway may be paralyzed and unable to respond to the requests of other users, which will result in immeasurable losses in medical Internet environments

The Improved Protocol
Security Analysis
Security and Performance Comparisons
Findings
Conclusion

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.