Authentication is a security practice that seeks to validate a user identity to various entities, yet doing so across a wireless network poses inherent risks. Wireless Body Area Networks (WBANs) are a unique form of network that contains e-healthcare patient data, thus WBANs require a high level of privacy and security. There are several anonymous WBAN authentication systems in the literature, but this is the first paper to conduct a complete review of all the various schemes, then tabulate and compare the results. Doing so reveals a number of research avenues that need either greater depth, or systems development. This article presents a thorough taxonomy and survey of the anonymous authentication methods, illustrating the security services and vulnerabilities, and then the properties of an ideal anonymous authentication scheme. The various schemes reviewed are also classified by their main encryption algorithm, such as bilinear parings-based schemes, elliptic curve cryptography-based solutions, lattice-based methods, and XOR-based approaches. The main authentication capabilities, cryptographic features, security advantages, evaluation metrics, and shortcomings are all specified and discussed. A thorough comparison of anonymous authentication methods is presented to demonstrate each scheme's resistance to a variety of security threats. The study concludes that very few schemes have addressed the group authentication problem, which is very important in healthcare systems. Also, in the multi-factor authentication context, which provides a higher level of security, only 11% of the schemes used three factors, and 1% of them utilized four factors. Besides, DDoS attacks, as a growing concern in all computing environments, are handled by a narrow number of schemes. At last, a set of recommendations for further research based on identified literature gaps.
Read full abstract