Context-aware anonymous authentication protocols in the internet of things dedicated to e-health applications

Abstract

Due to the emergence of the Internet of Things (IoT) era and the rapid technological advancements of wireless communications, Wireless body area network (WBAN) has been introduced as a pioneering key technology for the next generation ubiquitous healthcare systems. However, the open and dynamic nature of wireless sensor technologies makes both inter-sensor and sensor-controller communications vulnerable to several potential attacks, which significantly undermine the WBAN's efficiency and impede its further flourish. Specifically, the patient's sensitive data may be eavesdropped and linked to the identities of the sensors in transmission and thus revealing the patient's medical conditions. Therefore, in such resource-impoverished environment, anonymous authentication for sensor nodes while considering their stringent resource constraints is a paramount security concern. In this paper, we propose a context-aware and lightweight anonymous authentication and key agreement scheme for WBAN applications in emergency and normal situations. The proposed scheme provides selective anonymous authentication between nodes in WBAN while taking into account the dynamic context changes. Formal security analysis using the widely accepted Real-Or-Random (ROR) model, the Burrows-Abadi-Needham (BAN) logic, and the automated security protocol verification (Scyther) tool shows that the proposed scheme is secure against known attacks. From a performance perspective, we prove that the proposed key agreement protocols outperform benchmark schemes in terms of communication and computation overhead.