Security Analysis of a User Authentication Scheme for IoT-Based Healthcare | IEEE Journals & Magazine | IEEE Xplore

Security Analysis of a User Authentication Scheme for IoT-Based Healthcare


Abstract:

Very recently, Masud et al. (2022) proposed a lightweight and anonymity-preserving user authentication scheme to establish secure communication between the doctor, the ga...Show More

Abstract:

Very recently, Masud et al. (2022) proposed a lightweight and anonymity-preserving user authentication scheme to establish secure communication between the doctor, the gateway, and sensor nodes in IoT-based healthcare, aiming to ensure the privacy of the patients’ physiological data. In this article, however, we carefully revisit their scheme and first point out that the scheme is not practically implementable in its current form, and second we show that it is vulnerable to session key disclosure attacks, off-line password guessing attacks, and traceability attacks, under the assumption that the attacker can gain access to the sensor nodes and the doctor’s device. We also propose fixes for each of these issues or vulnerabilities.
Published in: IEEE Internet of Things Journal ( Volume: 10, Issue: 7, 01 April 2023)
Page(s): 6527 - 6530
Date of Publication: 13 December 2022

ISSN Information:

Funding Agency:


References

References is not available for this document.