An Improved User Anonymous Secure Authentication Protocol for Healthcare System Using Wireless Medical Sensor Network

Abstract

Wireless Medical Sensor Network (WMSN) consists of bio-sensors connected with each other implanted within human body. It transmits data to remote medical center. Medical professional can access the sensors of human body for inquiring his health condition remotely. Transmitting patient data over insecure wireless channel is a big challenge because health data is very sensitive and must not be disclosed to unauthorized user, so ensuring secure authentication and preserving anonymity is very important. To address this issue, many researchers provided many protocols for WMSN. Amin et al. presented an anonymous patient monitoring system using WMSN. Amin et al. claimed that their protocol preserves mutual authentication, user anonymity and secure against stolen smart device attack etc. By studying thoroughly and in-depth analysis we have found that this protocol is vulnerable to privileged insider attack, stolen smart device attack. Besides, it does not protect user anonymity. Also, it fails to protect denial of service attack. Furthermore, it has flaw in password change phase. To overcome the weakness of the protocol, we have proposed an improved and mask identity based secure mutual authentication protocol using WMSN. An informal security analysis is done which shows our protocol is secure against different type of attacks. Furthermore, we have used BAN logic model to prove the correctness of mutual authentication feature of the proposed protocol. Moreover, it offers ease login, secure authentication and strong password change phases.