Securing Cloud-based Healthcare Applications with a Quantum-resistant Authentication and Key Agreement Framework

Abstract

A biosensor is a method for transmitting various physical phenomena, such as body temperature, electrocardiogram (ECG), pulse, blood pressure, electroencephalogram (EEG), and respiratory rate. This transmission occurs through the utilization of a Wireless Body Area Network (WBAN) when remotely diagnosing patients via Internet-of-Medical-Things (IoMT). However, the transmission of sensitive data from IoMT through WBAN via an insecure channel exposes it to various threats, necessitating the implementation of robust measures to guarantee security against potential adversaries. To address the security concerns associated with patient monitoring in healthcare systems and achieve the necessary security and privacy requirements during communication, a robust authentication framework is indispensable. Hence, it introduces an agile and robust post-quantum authentication framework for cloud-based healthcare applications, effectively mitigating the vulnerabilities identified in the recent literature. This framework is designed to protect against quantum attacks using the Kyber. A formal security verification of the proposed protocol is presented using AVISPA, as well as informally. Additionally, a comparison with the previous works is made regarding both performance and security. The comparison results conclusively show that our proposed framework is better regarding both measures.