An Efficient Lightweight Provably Secure Authentication Protocol for Patient Monitoring Using Wireless Medical Sensor Networks

The refurbishing of conventional medical network with the wireless medical sensor network has not only amplified the efficiency of the network but concurrently posed different security threats. Previously, Servati and Safkhani had suggested an Internet of Things (IoT) based authentication scheme for the healthcare environment promulgating a secure protocol in resistance to several attacks. However, the analysis demonstrates that the protocol could not withstand user, server, and gateway node impersonation attacks. Further, the protocol fails to resist offline password guessing, ephemeral secret leakage, and gateway-by-passing attacks. To address the security weaknesses, we furnish a lightweight three-factor authentication framework employing the fuzzy extractor technique to safeguard the user's biometric information. The Burrows-Abadi-Needham (BAN) logic, Real-or-Random (ROR) model, and Scyther simulation tool have been imposed as formal approaches for establishing the validity of the proposed work. The heuristic analysis stipulates that the proposed work is impenetrable to possible threats and offers several security peculiarities like forward secrecy and three-factor security. A thorough analysis of the preexisting works with the proposed ones corroborates the intensified security and efficiency with the reduced computational, communication, and security overheads.