Research Article
Fatemeh Pirmoradian; Mohammad Dakhilalian; Masoumeh Safkhani
Abstract
Internet of things (IoT) is an innovation in the world of technology. Continuous technological advancements based on the IoT cloud and booming wireless technology have revolutionized the living of human and remote health monitoring of patients is no exclusion. The Telecare Medicine Information Systems ...
Read More
Internet of things (IoT) is an innovation in the world of technology. Continuous technological advancements based on the IoT cloud and booming wireless technology have revolutionized the living of human and remote health monitoring of patients is no exclusion. The Telecare Medicine Information Systems (TMIS) is a system between Home Health Care (HHC) Organizations and patients at home that collects, saves, manage and transmits the Electronic Medical Record (EMR) of patients. Therefore, security in remote medicine has always been a very big and serious challenge. Therefore, biometrics-based schemes play a crucial role in IoT, Wireless Sensor Networks (WSN), etc. Recently, Xiong \textit{et al.} and Mehmood \textit{et al.} presented key exchange methods for healthcare applications that they claimed these schemes provide greater privacy. But unfortunately, we show that these schemes suffer from privacy issues and key compromise impersonation attack. To remove such restrictions, in this paper, a novel scheme (ECKCI) using Elliptic Curve Cryptography (ECC) with KCI resistance property was proposed. Furthermore, we demonstrate that the ECKCI not only overcomes problems such as key compromise impersonation attack in previous protocols, but also resists all specific attacks. Finally, a suitable equilibrium between the performance and security of ECKCI in comparisons with these recently proposed protocols was obtained. Also, the simulation results with the Scyther and ProVerif tools show that the ECKCI is safe in terms of security.
Research Article
Maryam Rajabzadeh Asaar; Mustafa Isam Ahmed Al-Baghdadi
Abstract
Designing authentication techniques suitable for wireless sensor networks (WSNs) with their dedicated consideration is critical due to the nature of public channel. In 2022, Liu et al. presented an authentication protocol which employs dynamic authentication credentials (DACs) and Intel software guard ...
Read More
Designing authentication techniques suitable for wireless sensor networks (WSNs) with their dedicated consideration is critical due to the nature of public channel. In 2022, Liu et al. presented an authentication protocol which employs dynamic authentication credentials (DACs) and Intel software guard extensions (SGX) to guarantee security in WSNs, and it was shown that it is secure by formal and informal security analysis. In this paper, we show that it is not secure against desynchronization attack and offline guessing attack for long-term random numbers of users. In addition, it suffers from the known session-specific temporary information attack. Then, to address these vulnerabilities an improved authentication scheme using DAC and Intel SGX will be presented. It is shown that not only it is secure against aforementioned attacks with employing formal and informal analysis, but also it has a reasonable communication and computation overhead. It should be highlighted that the communication and computation overheads of our proposal are increased negligibly, but it provides more security features compared to the baseline protocol.