Egyptian Informatics Journal (Jun 2024)

Lightweight authentication protocol for connected medical IoT through privacy-preserving access

  • Muhammad Tanveer,
  • Samia Allaoua Chelloug,
  • Maali Alabdulhafith,
  • Ahmed A. Abd El-Latif

Journal volume & issue
Vol. 26
p. 100474

Abstract

With the rapid progress of communication technology, the Internet of Things (IoT) has emerged as an essential element in our daily lives. The IoT encompasses diverse devices that often have limited resources in terms of communication, computation, and storage. Consequently, the National Institute of Standards and Technology (NIST) has standardized several lightweight cryptographic algorithms for encryption and decryption, specifically designed to meet the needs of resource-constrained IoT devices. These cryptographic algorithms, known as authenticated encryption with associated data (AEAD), offer more than just confidentiality; they also guarantee information integrity and authentication. Unlike conventional encryption algorithms like AES, which solely provide confidentiality, AEAD algorithms encompass additional functionality to achieve authenticity. This eliminates the need for separate algorithms like message authentication codes to ensure authenticity. By leveraging the characteristics of an AEAD protocol, it is therefore possible to develop a lightweight authentication framework to mitigate the security risks inherent in public communication channels. In this work, we designed the lightweight authentication protocol for the smart healthcare system (BLAP-SHS) using an AEAD mechanism. To do this, a session key must first be created for encrypted communication. This is done via mutual authentication, which verifies the legitimacy of both the user and the server. The random-or-real methodology ensures the security of the derived session key, and the Scyther tool is used to assess BLAP-SHS's resistance to man-in-the-middle and replay attacks. Through informal security analysis, the resilience of BLAP-SHS against denial-of-service and password-guessing threats is evaluated.
We also assess the usefulness of BLAP-SHS in terms of computing and communication costs by comparing it with other prominent authentication techniques. Our comparative study shows that BLAP-SHS achieves a reduction in computation cost ranging from 70.11% to 95.21% and a reduction in communication resources ranging from 3.85% to 9.09%.

Keywords