Abstract
Wireless body area networks (WBANs) guarantee timely data processing and secure information preservation within the range of the wireless access network, which is in urgent need of a new type of security technology. However, with the speedy development of hardware, the existing security schemes can no longer meet the new requirements of anonymity and lightweight. New solutions that do not require complex calculations, such as certificateless cryptography, attract great attention from researchers. To resolve these difficulties, Wang et al. designed a new authentication architecture for the WBANs environment, which was claimed to be secure and efficient. However, in this paper, we will show that this scheme is prone to ephemeral key leakage attacks. Further, based on this authentication scheme, an anonymous certificateless scheme is proposed for lightweight devices. Meanwhile, user anonymity is fully protected. The proposed scheme is proved to be secure under a specific security model. In addition, we assess the security attributes our scheme meets through BAN logic and Scyther tool. The comparisons of time consumption and communication cost are given at the end of the paper, to demonstrate that our scheme performs prior to several previous schemes.
Similar content being viewed by others
References
Zimmerman T G. Personal area networks: near-field intrabody communication. IBM Systems Journal, 1996, 35(3–4): 609–617
El-Bendary M A M, Kasban H, Haggag A, El-Tokhy M A R. Investigating of nodes and personal authentications utilizing multimodal biometrics for medical application of WBANs security. Multimedia Tools and Applications, 2020, 79(33–34): 24507–24535
Li X, Ibrahim M H, Kumari S, Sangaiah A K, Gupta V, Choo K K R. Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks. Computer Networks, 2017, 129: 429–443
Koya A M, Deepthi P P. Anonymous hybrid mutual authentication and key agreement scheme for wireless body area network. Computer Networks, 2018, 140: 138–151
Chen C-M, Xiang B, Wu T-Y, Wang K-H. An anonymous mutual authenticated key agreement scheme for wearable sensors in wireless body area networks. Applied Sciences, 2018, 8(7): 1074
Jiang Q, Lian X, Yang C, Ma J, Tian Y, Yang Y. A bilinear pairing based anonymous authentication scheme in wireless body area networks for mHealth. Journal of Medical Systems, 2016, 40(11): 231
Wang C, Zhang Y. New authentication scheme for wireless body area networks using the bilinear pairing. Journal of Medical Systems, 2015, 39(11): 136
Ibrahim M H, Kumari S, Das A K, Wazid M, Odelu V. Secure anonymous mutual authentication for star two-tier wireless body area networks. Computer Methods and Programs in Biomedicine, 2016, 135: 37–50
Shen J, Chang S. Certificateless authentication protocol for wireless body area network. In: Proceedings of the 10th International Conference on Genetic and Evolutionary Computing. 2016, 29–35
Hu C, Li H, Huo Y, Xiang T, Liao X. Secure and efficient data communication protocol for wireless body area networks. IEEE Transactions on Multi-Scale Computing Systems, 2016, 2(2): 94–107
Shuai M, Liu B, Yu N, Li X. Lightweight and secure three-factor authentication scheme for remote patient monitoring using on-body wireless networks. Security and Communication Networks, 2019, 2019: 8145087
Mo J, Hu Z, Lin Y. Cryptanalysis and security improvement of two authentication schemes for healthcare systems using wireless medical sensor networks. Security and Communication Networks, 2020, 2020: 5047379
Subramani J, Maria A, Rajasekaran A S, Al-Turjman F. Lightweight privacy and confidentiality preserving anonymous authentication scheme for WBANs. IEEE Transactions on Industrial Informatics, 2022, 18(5): 3484–3491
Kumar M, Chand S. A lightweight cloud-assisted identity-based anonymous authentication and key agreement protocol for secure wireless body area network. IEEE Systems Journal, 2021, 15(2): 2779–2786
Irshad A, Chaudhry S A, Alomari O A, Yahya K, Kumar N. A novel pairing-free lightweight authentication protocol for mobile cloud computing framework. IEEE Systems Journal, 2021, 15(3): 3664–3672
He D, Zeadally S, Kumar N, Lee J-H. Anonymous authentication for wireless body area networks with provable security. IEEE Systems Journal, 2017, 11(4): 2590–2601
Liu J, Zhang Z, Chen X, Kwak K S. Certificateless remote anonymous authentication schemes for wirelessbody area networks. IEEE Transactions on Parallel and Distributed Systems, 2014, 25(2): 332–342
Chen Y, Chen J. An efficient and privacy-preserving mutual authentication with key agreement scheme for telecare medicine information system. Peer-to-Peer Networking and Applications, 2022, 15(1): 516–528
Wu T-Y, Wang T, Lee Y-Q, Zheng W, Kumari S, Kumar S. Improved authenticated key agreement scheme for fog-driven IoT healthcare system. Security and Communication Networks, 2021, 2021: 6658041
Jia X, He D, Kumar N, Choo K K R. Authenticated key agreement scheme for fog-driven IoT healthcare system. Wireless Networks, 2019, 25(8): 4737–4750
Alanazi M, Nashwan S. Secure and anonymous three-factor authentication scheme for remote healthcare systems. Computer Systems Science and Engineering, 2022, 42(2): 703–725
Wang Y M, Liu Y. RC2PAS: revocable certificateless conditional privacy-preserving authentication scheme in WBANs. IEEE Systems Journal, 2022, 16(4): 5675–5685
Swanson C, Jao D. A study of two-party certificateless authenticated key-agreement protocols. In: Proceedings of the 10th International Conference on Cryptology in India. 2009, 57–71
Burrows M, Abadi M, Needham R. A logic of authentication. ACM Transactions on Computer Systems, 1990, 8(1): 18–36
Shan C, Hu K, Xue J, Hu C, Ma R. A secure pairing-free certificate-less authenticated key agreement protocol. In: Proceedings of the 1st International Conference on Real Time Intelligent Systems. 2016, 205–216
Wang W, Huang H, Xiao F, Li Q, Xue L, Jiang J. Computation-transferable authenticated key agreement protocol for smart healthcare. Journal of Systems Architecture, 2021, 118: 102215
Rana S, Obaidat M S, Mishra D, Mishra A, Rao Y S. Efficient design of an authenticated key agreement protocol for dew-assisted IoT systems. The Journal of Supercomputing, 2022, 78(3): 3696–3714
Xu Y, Zhou Y, Yang B, Qiao Z, Wang Z, Xia Z, Zhang M. An efficient identity authentication scheme with provable security and anonymity for mobile edge computing. IEEE Systems Journal, 2023, 17(1): 1012–1023
Acknowledgements
This work was supported by the National Natural Science Foundation of China (Grant Nos. 61872449, 62172433, 62072093, 62125205) and the Science Foundation for the Excellent Youth Scholars of Henan Province (No. 222300420099).
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Competing interests The authors declare that they have no competing interests or financial conflicts to disclose.
Additional information
Yuqian Ma received her BS degree from Information Engineering University, China in 2021. She is currently working toward the MS degree in Information Engineering University, China. Her research interests include authentication and security protocol.
Wenbo Shi received the MS and PhD degrees from Inha University, Republic of Korea in 2007 and 2010, respectively. Currently, he is a professor with Northeastern University, China. His research interests include cryptographic protocol, cloud computing security, artificial intelligence security, data security and privacy protection, and denial of service attack defense.
Xinghua Li received the ME and PhD degrees in computer science from Xidian University, China in 2004 and 2007, respectively. He is currently a professor in the School of Cyber Engineering, Xidian University, China. His research interests include wireless networks security, privacy protection, cloud computing, and security protocol formal methodology. He is a member of the IEEE.
Qingfeng Cheng received the MS degree from National University of Defense Technology, China in 2004 and PhD degree from Information Engineering University, China in 2011. He is now a professor in Information Engineering University, China. His research interests include cryptography and information security.
Electronic supplementary material
Rights and permissions
About this article
Cite this article
Ma, Y., Shi, W., Li, X. et al. Provable secure authentication key agreement for wireless body area networks. Front. Comput. Sci. 18, 185811 (2024). https://doi.org/10.1007/s11704-023-2548-4
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s11704-023-2548-4