Lightweight Multi-party Authentication and Key Agreement Protocol in IoT-based E-Healthcare Service

Amiya Kumar Sahu, Suraj Sharma, Deepak Puthal

Research output: Contribution to journalArticlepeer-review

27 Scopus citations

Abstract

Internet of Things (IoT) is playing a promising role in e-healthcare applications in the recent decades; nevertheless, security is one of the crucial challenges in the current field of study. Many healthcare devices (for instance, a sensor-augmented insulin pump and heart-rate sensor) collect a user's real-time data (such as glucose level and heart rate) and send them to the cloud for proper analysis and diagnosis of the user. However, the real-time user's data are vulnerable to various authentication attacks while sending through an insecure channel. Besides that, the attacks may further open scope for many other subsequent attacks. Existing security mechanisms concentrate on two-party mutual authentication. However, an IoT-enabled healthcare application involves multiple parties such as a patient, e-healthcare test-equipment, doctors, and cloud servers that requires multi-party authentication for secure communication. Moreover, the design and implementation of a lightweight security mechanism that fits into the resource constraint IoT-enabled healthcare devices are challenging. Therefore, this article proposes a lightweight, multi-party authentication and key-establishment protocol in IoT-based e-healthcare service access network to counter the attacks in resource constraint devices. The proposed multi-party protocol has used a lattice-based cryptographic construct such as Identity-Based Encryption (IBE) to acquire security, privacy, and efficiency. The study provided all-round analysis of the scheme, such as security, power consumption, and practical usage, in the following ways. The proposed scheme is tested by a formal security tool, Scyther, to testify the security properties of the protocol. In addition, security analysis for various attacks and comparison with other existing works are provided to show the robust security characteristics. Further, an experimental evaluation of the proposed scheme using IBE cryptographic construct is provided to validate the practical usage. The power consumption of the scheme is also computed and compared with existing works to evaluate its efficiency.

Original languageBritish English
Article number64
JournalACM Transactions on Multimedia Computing, Communications and Applications
Volume17
Issue number2s
DOIs
StatePublished - Jun 2021

Keywords

  • Authentication
  • Healthcare
  • Identity-based encryption
  • Internet of Things
  • Key establishment
  • Lattice-based cryptography
  • Lightweight
  • Security protocol

Fingerprint

Dive into the research topics of 'Lightweight Multi-party Authentication and Key Agreement Protocol in IoT-based E-Healthcare Service'. Together they form a unique fingerprint.

Cite this