PIA-A secure and efficient identity authentication scheme in telemedicine via the PUF method

Xiong Wang; Wenbo Wang; Ang Liu; Wen Liu; Zehao Zhang; Weilin Li

doi:10.1038/s41598-025-89502-2

Scientific Reports (Feb 2025)

PIA-A secure and efficient identity authentication scheme in telemedicine via the PUF method

Xiong Wang,
Wenbo Wang,
Ang Liu,
Wen Liu,
Zehao Zhang,
Weilin Li

Affiliations

Xiong Wang: Department of Cyberspace Security, Beijing Electronic Science and Technology Institute
Wenbo Wang: Department of Cyberspace Security, Beijing Electronic Science and Technology Institute
Ang Liu: Network and Information Management Division, Beijing Electronic Science and Technology Institute
Wen Liu: Department of Cryptographic Science and Technology, Beijing Electronic Science and Technology Institute
Zehao Zhang: Department of Cyberspace Security, Beijing Electronic Science and Technology Institute
Weilin Li: Department of Cyberspace Security, Beijing Electronic Science and Technology Institute

DOI: https://doi.org/10.1038/s41598-025-89502-2
Journal volume & issue: Vol. 15, no. 1
pp. 1 – 18

Abstract

Read online

Abstract With the rise of IoT technology, remote medical services have gained increasing attention. These services became particularly popular during the COVID-19 pandemic due to their convenience, privacy, and ability to transcend geographical boundaries. In remote medical networks, identity authentication protocols are a crucial component, playing a vital role in ensuring that healthcare providers can operate in a secure and efficient environment. However, some existing identity authentication protocols in remote medical environments are vulnerable to various security threats, such as privileged insider attacks, session key security issues, unauthorized data access, and failure to meet both three-factor security and anonymity. These threats can compromise patient privacy and the integrity of healthcare systems.Therefore, the development of a secure and efficient identity authentication protocol for remote medical services is of utmost importance. To address this need, we propose a Physically Unclonable Function-based identity authentication scheme for telemedicine. In our scheme, we use symmetric encryption and Elliptic Curve Cryptography to encrypt critical information, ensuring a high level of security. We leverage PUF technology to associate devices with users, creating a “device fingerprint” for enhanced authentication. Furthermore, we have provided security proofs for our scheme using the Random Oracle model and the ProVerif protocol analysis tool. Through comprehensive security analysis, we demonstrate that the proposed scheme can resist most known attacks and meets anonymity, forward/backward security, and three-factor security. Lastly, we compared our scheme with existing protocols in terms of computational overhead, storage overhead, and communication overhead using a unified performance benchmark. The results indicate that, while there is no advantage in communication overhead, our scheme reduces computational overhead by approximately 50.71% and storage overhead by 16.32%.

Published in Scientific Reports

ISSN: 2045-2322 (Online)
Publisher: Nature Portfolio
Country of publisher: United Kingdom
LCC subjects: Medicine; Science
Website: https://www.nature.com/srep/

About the journal