Secure and Efficient Cloud-based IoT Authenticated Key Agreement scheme for e-Health Wireless Sensor Networks

Abstract

With the advancement and innovations in mobile and wireless communication technologies including cloud computing and Internet of Things, the paradigms of dispensing heath-based services have massively transformed. The telecare medical information system (TMIS) or wireless body area networks technology frameworks facilitate patients to remotely receive medical treatment from physicians through the Internet without paying a visit to the hospital. In order to ensure the medical privacy of the patients and the verification of authenticity of all entities in TMIS-based system before exchange of sensitive credentials and diagnosis reports, many TMIS-based authentication protocols have been presented so far; however, there is a still need of more efficient and secure key agreements. Recently, Karthegaveni et al. demonstrated a remote health care monitoring protocol with the use of elliptic curve cryptography crypto-primitives. However, we discover many drawbacks in their protocol including replay attack, denial of service attack, lacking mutual authenticity between the client and server. Moreover, the scheme has several technical limitations. We propose an efficient and secure TMIS-based protocol employing lightweight symmetric key operations. The contributed model is proven by rigorous formal security analysis, while its security features are also validated under automated ProVerif tool. The proposed scheme supports 38% more security features on average than compared schemes. The performance evaluation also depicts that the demonstrated and comparative findings are in the favour of the proposed model.