Computationally efficient mutual authentication protocol for remote infant incubator monitoring system

Internet of Things (IoT), cloud computing and wireless medical sensor networks have significantly improved remote healthcare monitoring. In a healthcare monitoring system, many resource-limited sensors are deployed to sense, process and communicate information. Continuous and accurate operation of these devices is very important, especially in an infant incubator monitoring system, because important decisions are made on the received information. Therefore, it is necessary to ensure authenticity between the incubator monitoring system and doctors. In this work, a computationally efficient mutual authentication protocol based on public key encryption is proposed for secure data transmission between incubator monitoring systems and doctors or administrators. The proposed protocol improves performance and reduces the computational cost without compromising security. The security analysis shows the strength of the proposed protocol against various attacks, and the performance analysis shows that the proposed protocol performs better than existing protocols based on Rivest–Shamir–Adleman and elliptic-curve cryptography schemes.

Nomenclature
Symbol: description
$d$: security parameters
$P_{sys}$: system parameters
$(PRI, PUB)$: private and public keys
$(msg)$: original message
$(CT)$: ciphertext
$msg_{max}$: maximum length of the message
$A$ and $B$: users in the system
$e_{PUB_A}$, $e_{PUB_B}$: encryption process using the user's public key
$d_{PRI_A}$, $d_{PRI_B}$: decryption process using the user's private key
$msg_A$, $msg_B$: received messages after decryption

1. Introduction: In European countries, women who work 40 h or more a week and women who travel long distances to work are giving birth to premature babies [1]. These babies also have more feeding and breathing problems. A baby born before 37 weeks is called a premature baby. In the US, about one in ten babies is born before 37 weeks each year [2,3]. Early born babies are easily affected by many health issues [4]. Therefore, they need to stay in the hospital longer than normal babies. Some premature babies need to be cared for in an incubator system in the hospital to avoid health issues. In recent days, due to the development of advanced technologies, more premature babies survive than in earlier days.
In hospitals, doctors and nurses are required to monitor the premature babies in the incubator manually all the time [1,2], i.e. the presence of a doctor or a nurse is always required and they need to continuously monitor the health status of an infant in the incubator [5][6][7]. However, doctors and nurses need to do other work in the hospital at the same time. So, there is a need for an efficient infant incubator monitoring system that overcomes the above problems by using a wireless medical sensor network [8][9][10]. Such a network is capable of collecting and transmitting medical information to doctors and relatives who are in a remote location. However, data transmission through wireless medical sensor networks is affected by many security problems [11][12][13], such as data security (data integrity, data usability, data auditing) and privacy (patient information). Therefore, it is necessary to provide secure data transmission and user authentication in a resource-limited environment.
The main objectives of the proposed infant incubator monitoring system are
- To propose a new encryption scheme and use it to construct a computationally efficient mutual authentication protocol.
- To provide secure data transmission between the incubator system and doctors or administrators in the hospital to avoid replay attack, impersonation attack and man-in-the-middle attack.
- Implementation of a remote infant incubator monitoring system that primarily addresses continuous physical monitoring can significantly reduce doctors' and nurses' participation and enable doctors and families to access baby health information anytime and anywhere securely.
The rest of this Letter is organised as follows: Section 2 describes the related works. The preliminaries are described in Section 3. The proposed remote incubator monitoring system is presented in Section 4. Section 5 analyses the computational cost. Section 6 describes the security analysis. Section 7 describes the public-key and ciphertext size optimisation. Section 8 presents the performance analysis and compares the results of our proposed scheme with existing schemes. Section 9 gives the conclusion of our work.
2. Related works: Many infant incubator systems only show the temperature and other important parameters on a display that is fixed to the incubator system [4]. With the existing system, the information collected from the sensors cannot be transferred to remote places and the incubator system cannot be controlled from remote places.
In the United States, a New Orleans hospital introduced a new mobile application that lets parents and their relatives monitor premature babies in the incubator system through web cameras fixed in the incubator [14]. Through this system, parents can see their babies and can also monitor important parameters that affect early born babies. Early born babies need to spend one week to one month in an incubator system for normal growth and to avoid other health problems. Some of the existing incubator systems measure the temperature, humidity and pulse rate and transfer them to the doctors and parents through a mobile application [15]. They also raise an emergency alarm to the doctors and parents in case of an abnormal condition.
At the hospital, doctors can check the health status of the infant by using wireless medical sensor networks. Body temperature, blood pressure, heartbeat, pulse rate and sugar level are the important parameters used to check the health status of the infant [16]. In recent days, researchers have been working to develop wireless sensor network based health monitoring systems. There are many challenges when transferring medical data through wireless medical sensor networks, such as reliable data transmission, time of data delivery, secure data transmission, power management and so on. One of the important challenges in the wireless medical sensor network is data security, which affects the infant's privacy [17]. If health details of the infant are leaked or eavesdropped by intruders, it creates problems for the infant and doctors. Thus, the use of infant health details by intruders can cause life-threatening risks to the infant and make the infant's private matters publicly available [18].

3. Preliminaries:
3.1. Internet of Things (IoT) in medical applications: IoT-based medical applications depend on different types of medical sensor devices and modern technologies, as shown in Fig. 1. For example, the medical information of the baby in the incubator is measured and it is communicated to remote users. IoT-based wireless medical sensor networks consist of sensor devices, cloud server and users.
- Medical sensor devices: Resource-limited devices that collect information from the infant incubator system and communicate it to the cloud server. To create a secure channel between sensor devices and cloud server, the medical sensor devices need to authenticate. Otherwise, the information transferred from the sensor is not trusted.
- Cloud server: Receives data from the medical sensor devices and, after data processing, provides services to the authorised user. To prevent unauthorised users from monitoring medical information, the server needs to authenticate.
- Users: Persons who get services from the cloud server for monitoring the infant incubator system and also for controlling the incubator system.

4. Proposed system: The proposed remote infant incubator monitoring system mainly consists of various sensors that measure the values of important parameters of premature babies. The incubator system is used to monitor and control the temperature, humidity level and pulse rate of babies in the incubator. The system is designed to send all the sensed information from the incubator to doctors, parents and their relatives. Similarly, doctors can send control information to incubators in a secure manner using IoT.
In an IoT environment, energy-limited wireless medical sensors interact with central servers. However, the energy-limited sensors need to transmit a large amount of data and should do so with high efficiency at a reasonable computational cost. Therefore, the proposed computationally efficient mutual authentication protocol is used to provide better data security as well as performance.
In this proposed scheme, a new encryption scheme and mutual authentication protocol were developed for the energy-limited wireless medical sensor networks and low power networks that are implemented in the remote infant incubator monitoring system. The proposed encryption scheme permits medical sensors to do a large number of computations efficiently in less time. The mutual authentication protocol based on the new encryption scheme performs well in terms of usability, ciphertext size and efficiency when compared to other conventional authentication schemes.
The proposed encryption scheme converts the original message into a ciphertext of 274 bits, whereas the conventional encryption scheme gives a ciphertext of 1172 bits. The ciphertext is therefore 898 bits smaller than that of the conventional encryption scheme. Also, the developed encryption scheme does not require the support of a trusted third party during system initialisation. The four main modules of the proposed system are described below:

- System setup algorithm: The algorithm takes the security parameters 'd' as input; it selects the database as m, n, o, x, y, z and $msg_{max}$, where m, n are co-primes, $msg_{max}$ is the maximum length of the message, y is the number of dimensions and z is the public key vector. The system setup algorithm generates the system parameters $P_{sys}$ as output: m, n, o, x, y, z and $msg_{max}$.
- Key generation algorithm: This algorithm is used to generate the private and public keys (PRI, PUB) by using the system parameters $P_{sys}$ as input.
The algorithm randomly chooses an integer $l$ such that $2 \le l \le z$.

Again, it chooses a random integer $l$ and computes the ciphertext as

$CT = CT + PUB_l, \quad g = g + PUB_{l-1,n}$

The algorithm repeats the procedure $x - 1$ times and computes the ciphertext as

$CT = CT + (msg - g)\,PUB_1 \bmod m$ (8)

- Decryption algorithm: It takes the ciphertext $CT = (ct_1, ct_2, \ldots, ct_n)$, which is generated by using the receiver's public key

$PUB = (PUB_1, PUB_2, \ldots, PUB_z)$ (9)

Once the ciphertext is received by the receiver, it is decrypted by using the receiver's private key. The original message can be computed from the ciphertext as

$msg = k_1 ct_1 + k_2 ct_2 + \cdots + k_n ct_n \bmod m$

4.3. Proposed computationally efficient mutual authentication protocol: The proposed mutual authentication protocol is constructed on the new encryption scheme. It provides mutual authentication between an infant incubator monitoring system and users. It uses ANSI/IEEE 1073: Medical Information Bus (MIB) for communication between the incubator and users. Normally, the encryption scheme is used to send the credentials to the users for checking legitimacy. The proposed authentication protocol is an n-round protocol. The number of rounds depends on the security level and the system parameters of the encryption method.
The new encryption scheme can be used with different sets of parameters. However, large parameter values need more computational cost and more storage space. In medical applications, resource-limited wireless medical sensors are used to transmit the sensed information. Therefore, it is necessary to use a computationally efficient protocol for transmitting the medical data without compromising the security level. Small parameters can be used instead of large parameters to reduce the computational cost and storage space.
To overcome the above problem, large messages are separated into small pieces and every small message is encrypted by using the new encryption scheme with the receiver's public key. The proposed mutual authentication scheme consists of four essential algorithms: a system setup algorithm, a key generation algorithm, an initialisation algorithm and an authentication algorithm.
- System setup algorithm: The algorithm takes the security parameters 'δ' as input and gives the system parameters as output. The output parameters are m, n, o, x, y, z, N and $msg_{max}$, where n, N denote the number of rounds and the nonce used in the encryption scheme.
- Key generation algorithm: The algorithm takes the system output parameters as input and generates the pair of private and public keys (PRI, PUB) as output. The private and public keys are

$(PRI, PUB) = ((k_1, k_2, \ldots, k_n), (PUB_1, PUB_2, \ldots, PUB_z))$ (12)

- Initialisation algorithm: To create a session between the infant incubator monitoring system and users, the algorithm takes the credentials of the users (e.g. users 'A' and 'B') and the public keys ($PUB_A$, $PUB_B$) of the users as input. It exchanges the credentials and the public keys of the users in a secure manner by using a secure socket layer.
After that, user 'A' sends this ciphertext to user 'B'. Once the ciphertext is received by user B, it tries to decrypt it by using its own private key ($PRI_B$).
If $msg_A = msg_A$, then it accepts the message; otherwise it rejects the message and terminates the connection. User B randomly chooses the nonce $N_{B1}$ and generates the ciphertext as
Then user B sends this ciphertext to user A. Once the ciphertext is received by user A, it decrypts $CT_2$ by using its own private key $PRI_A$, i.e.
If $msg_B = msg_B \times N_A$, then user 'A' accepts the message; otherwise it terminates the connection. For transmitting the second message, user 'A' chooses the nonce $N_{A2}$, encrypts the message and generates the ciphertext as
and user 'A' sends this ciphertext to user 'B'. This process continues up to $n - 1$ message transmissions; the functions of the proposed protocol are explained in Fig. 2.

5. Computational cost analysis:
The proposed computationally efficient mutual authentication protocol is an n-round protocol. The value of n depends on the level of security and the parameters of the new encryption scheme. If the mutual authentication protocol is to give 32-bit security during mutual authentication, then the users need to choose the random nonces $N_A$, $N_B$ such that $\log N_A = \log N_B = 32$. The proposed protocol then runs three rounds for mutual authentication. Consider that the length of the user credential is L bits. For the three-round mutual authentication process, the length of text (original message, credentials) to be transferred is at least $32 + L$ bits. To increase computational efficiency, the message is separated into N pieces. For a 32-bit message, a user needs to choose four nonces $N_1$, $N_2$, $N_3$ and $N_4$, i.e. the length of each nonce is 8 bits. Users A and B then need a nine-round message transmission for mutual authentication. The relationship between the number of rounds and the number of nonces is $n = 2N + 1$.
In the three-round mutual authentication protocol, the user tries to decrypt the entire information. In contrast, the proposed mutual authentication protocol identifies invalid information, rejects it and terminates the connection, and thereby saves energy.
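The round accounting and early termination described in this section can be modelled as follows. This is an added example, not the authors' Contiki implementation: the message layout (each message echoes the peer's previous nonce piece), the names `rounds_needed` and `run_session`, and the sample nonces are assumptions, and the encryption scheme is abstracted as "an impostor cannot read the peer's nonce".

```c
#include <stdint.h>
#include <stdio.h>

enum side { NONE = 0, SIDE_A = 1, SIDE_B = 2 };

typedef struct {
    unsigned messages_sent;      /* messages transmitted before the run ended */
    unsigned honest_decryptions; /* decryptions performed by honest parties   */
    int authenticated;           /* 1 only if every message was accepted      */
} session_result;

/* n = 2N + 1 with N = security_bits / nonce_bits (relation from the text).
 * Returns 0 if the security level is not a whole number of nonces. */
unsigned rounds_needed(unsigned security_bits, unsigned nonce_bits)
{
    if (nonce_bits == 0 || security_bits % nonce_bits != 0)
        return 0;
    return 2 * (security_bits / nonce_bits) + 1;
}

/* Assumed message layout: odd messages go A->B, even ones B->A; message r
 * (r >= 2) echoes the nonce carried by message r-1, and messages 1..2N carry
 * a fresh nonce. The cipher is abstracted away: an impostor lacks the private
 * key, cannot read the peer's nonce, and sends forged_echo as its guess. */
session_result run_session(const uint8_t *na, const uint8_t *nb, unsigned N,
                           enum side impostor, uint8_t forged_echo)
{
    session_result res = {0, 0, 0};

    for (unsigned r = 1; r <= 2 * N + 1; r++) {
        enum side sender = (r % 2) ? SIDE_A : SIDE_B;
        res.messages_sent++;

        if (impostor != NONE && impostor != sender)
            continue;             /* receiver is the impostor: no check made */

        res.honest_decryptions++; /* honest receiver decrypts this piece */
        if (r == 1)
            continue;             /* first message has nothing to echo */

        /* Nonce that the receiver itself sent in message r-1. */
        unsigned idx = (r - 2) / 2;
        uint8_t expected = (sender == SIDE_B) ? na[idx] : nb[idx];
        uint8_t echo = (sender == impostor) ? forged_echo : expected;
        if (echo != expected)
            return res;           /* reject and terminate the connection */
    }
    res.authenticated = 1;
    return res;
}

int main(void)
{
    /* Constructed sample nonces: four 8-bit pieces per side (32-bit level). */
    const uint8_t na[4] = {0x3c, 0xa7, 0x19, 0xe2};
    const uint8_t nb[4] = {0x51, 0x0d, 0xf4, 0x88};

    session_result ok  = run_session(na, nb, 4, NONE, 0);
    session_result bad = run_session(na, nb, 4, SIDE_B, 0x00);
    printf("rounds for 64-bit level: %u\n", rounds_needed(64, 8));
    printf("honest:     sent=%u dec=%u auth=%d\n",
           ok.messages_sent, ok.honest_decryptions, ok.authenticated);
    printf("impostor B: sent=%u dec=%u auth=%d\n",
           bad.messages_sent, bad.honest_decryptions, bad.authenticated);
    return 0;
}
```

An impostor has to guess every one of the N echoed pieces to complete the run, while the honest side stops decrypting at the first wrong piece.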
6. Security analysis: Key security: The public key should be announced to the public for receiving information from other users, but the private key should be stored securely by the user. Once intruders break the encrypted information, it is easy to find the private key of the user. The opponent may try to recover the private key of a specific user from the key generation algorithm. However, due to the LWE problem, it is very hard to recover the private key.
The public key PUB consists of z n-dimensional vectors $(PUB_1, PUB_2, \ldots, PUB_n)$. A public key vector $PUB_i$, where $i = 2, \ldots, n$, contains small noise values q. Due to the hardness of the LWE problem, the private key is hidden by using small noises. The private key is $PRI = (k_1, k_2, \ldots, k_n)$. Let R be the rift values of a PUB such that $|R| = n$. It should contain a minimum of $2n - 1$ unknown values.
In the n private key values, there are $n - 1$ small noise values from the rift R. That is, each private key is related to the rift values R. Recovering a private key value is not an easy process, because the equations in the system cannot be solved individually. Therefore, the private key used in the new encryption scheme is very secure and the level of security is $\log R^{n-1}$ bits.
Computationally efficient mutual authentication protocol security: The mutual authentication protocol functions on the basis of the new encryption scheme. Therefore, the security level of the mutual authentication protocol depends on the new encryption scheme. From the key security analysis, the proposed new encryption scheme is very secure. Therefore, the proposed n-round mutual authentication protocol is also secure. The proposed mutual authentication protocol also defends against man-in-the-middle and impersonation attacks.

7. Public key size and ciphertext size optimisation: Let the public key vector
Public key vector elements are sampled randomly. This permits other public key vectors to reuse the values in this public key vector. If the values of the public key $(PUB_{i,1}, PUB_{i,2}, \ldots, PUB_{i,n})$ are derived from the other public key vectors, then it is enough to store the last value $PUB_{i,n}$ in the public key vector $PUB_i$. Consider two public key vectors, $PUB_i$ and $PUB_j$. The elements of $PUB_i$ are sampled randomly from 1 to $m - 1$. To generate another public key vector $PUB_j$, the first $n - 1$ elements of the $PUB_i$ vector are shifted by one position. That is, a public key vector $PUB_j$ is derived as
Here, the element $PUB_{j,n}$ can be calculated from the given $PUB_j = (PUB_{j,1}, PUB_{j,2}, \ldots, PUB_{j,n-1})$. Elements in the vectors can be reused a maximum of $n - 1$ times, to avoid the situation in which two public key vectors have similar first $n - 1$ elements. The public key vectors $PUB_i$ and $PUB_j$ are defined as $(PUB_{i,1}, PUB_{i,2}, \ldots, PUB_{i,n-1}, PUB_{i,1}, PUB_{j,n})$. By using this scheme, the size of the public key can be reduced. In the implementation of this optimised public key vector, the size of the key is 68% less than that of the original public key vector.
In the proposed new encryption scheme, the reduced-size public key is used. Therefore, the size of the output of the encryption scheme (the ciphertext) is also reduced. Compared to the original ciphertext, the ciphertext of the proposed encryption scheme is smaller by 22 bytes. The level of security of the proposed encryption scheme is also improved, because the first public key vector is secret for any equation: the n equations derived from the public key vectors have 2n unknown variables, whereas there are $2n - 1$ variables in the original public key vectors.
8. Performance analysis of proposed computationally efficient mutual authentication protocol: To analyse the performance of the proposed mutual authentication protocol, the Cooja simulator (a network simulator specially designed for wireless sensor networks) is used together with the Contiki operating system (used for low power, resource-limited sensor devices) [19]. The proposed mutual authentication protocol is implemented in the C programming language. During the implementation, to increase computational efficiency, information is separated into small pieces. The system parameter settings achieve 64-bit information security with a minimum of 143-bit key security and protocol security of 64 bits. As per the proposed encryption scheme, an 8-bit nonce is selected. Therefore, 17 rounds are required to achieve the security level of 64 bits.
During the analysis of the proposed mutual authentication protocol, the security level is 64 bits. In the original protocol, the new encryption scheme consumes 33 ms, but the optimised encryption method consumes only 27 ms. The decryption times of the original scheme and the optimised scheme are the same. The size of the ciphertext in the optimised scheme is reduced to 176 bits when compared to the original scheme. Mutual authentication between the users is also reduced to 132 ms when comparing the optimised scheme with the original scheme. The performance comparison is shown in Table 1. During mutual authentication between the users, the encryption scheme needs to run n rounds. The number of rounds depends upon the particular message size and the size of the nonce. If the length of the nonce is 8 bits and the message size is 64 bits, then the protocol needs to run 17 rounds to complete mutual authentication, as shown in Table 2. Table 3 compares the performance of the Rivest–Shamir–Adleman (RSA) scheme (among the oldest secure cryptographic methods and already in use in most applications globally), the elliptic-curve cryptography (ECC) scheme (a more secure technique that enhances security for every user) [20] and the proposed scheme. Mutual authentication delay is reduced by 88 times when compared to the RSA scheme, and by 7 times when compared to the ECC scheme.

9. Conclusion:
Mutual authentication is essential for wireless medical data transmission between the users in the infant incubator monitoring system. The system also needs to provide user authentication and data integrity by using limited resources. However, conventional mutual authentication protocols are not suitable for resource-limited devices. Therefore, in this Letter, a computationally efficient mutual authentication protocol based on a new encryption scheme is presented to improve the computational efficiency with balanced information security by using limited resources in the system. The security analysis and performance analysis of the proposed computationally efficient mutual authentication protocol show that the proposed system outperforms other conventional mutual authentication schemes.

Acknowledgments:
The authors sincerely thank the Doctors of Amaravathi Maruthuvamanai, Karur, India, for having granted permission to collect the data required for this research study from Amaravathi Maruthuvamanai.