Secure-Anonymous User Authentication Scheme for e-Healthcare Application Using Wireless Medical Sensor Networks

Abstract

Wireless medical sensor networks are becoming very popular in improving the quality of the healthcare systems. Since the data to be handled are very sensitive, the exchange of information over insecure wireless channels can cause serious exposures. The authentication schemes to be employed with sensor networks should be handled with care because of the limited resources and energy available with the sensor nodes. Therefore, this study aims at improving existing authentication schemes by providing protection for healthcare infrastructures against potential, well-known attacks while minimizing the overhead. An anonymous-based user authentication scheme is presented to improve the security features, computation, and communication overhead of the wireless sensor networks. The proposed scheme uses improved elliptic curve cryptography and is secure against password guessing attacks and smart card lost/stolen verifier attacks, and also preserves user anonymity. Through the formal and informal security analyses, it is shown that the proposed scheme is secure against possible known attacks, including the password guessing attacks and smart card lost/stolen verifier attacks, and that it also preserves the user anonymity property. In addition, for the formal security verification, the proposed scheme is simulated using the widely accepted automated validation of internet security protocols and applications (AVISPA) tool. The proposed scheme provides high security along with incurring low computational and communication costs.