A security-enhanced ultra-lightweight and anonymous user authentication protocol for Telehealthcare Information Systems
Zeng, Dake, Badshah, Akhtar, Tu, Shanshan, Waqas, Muhammad ORCID: https://orcid.org/0000-0003-0814-7544 and Han, Zhu (2025) A security-enhanced ultra-lightweight and anonymous user authentication protocol for Telehealthcare Information Systems. IEEE Transactions on Mobile Computing (TMC). ISSN 1536-1233 (Print), 1558-0660 (Online) (doi:10.1109/TMC.2025.3526519)
Preview |
PDF (Accepted Conference Paper)
49195 WAQAS_ A_Security-Enhanced_Ultra-Lightweight_And_Anonymous_User_Authentication_Protocol_For_Telehealthcare_Information_Systems_(AAM)_2025.pdf - Accepted Version Download (5MB) | Preview |
Abstract
The surge in smartphone and wearable device usage has propelled the advancement of the Internet of Things (IoT) applications. Among these, e-healthcare stands out as a fundamental service, enabling the remote access and storage of {patient-related data on a centralized medical server (MS)}, and facilitating connections between authorized individuals such as doctors, patients, and nurses over the public Internet. However, the inherent vulnerability of the public Internet to diverse security threats underscores the critical need for a robust and secure user authentication protocol to safeguard these essential services. This research presents a novel, resource-efficient user authentication protocol specifically designed for healthcare systems. Our proposed protocol leverages the lightweight authenticated encryption with associated data (AEAD) primitive \textsc{Ascon} combined with hash functions and XoR, specifically tailored for encrypted communication in resource-constrained IoT devices, emphasizing resource efficiency. Additionally, the proposed protocol establishes secure session keys between users and MS, facilitating future encrypted communications and preventing unauthorized attackers from illegally obtaining users' private data. Furthermore, comprehensive security validation, including informal security analyses, demonstrates the protocol's resilience against a spectrum of security threats. Extensive analysis reveals that our proposed protocol significantly reduces computational and communication resource requirements during the authentication phase in comparison to similar authentication protocols, underscoring its efficiency and suitability for deployment in healthcare systems.
Item Type: | Article |
---|---|
Uncontrolled Keywords: | protocols, security, authentication, medical services, passwords, servers, Telemedicine, Internet of Things, hash functions, threat modeling, security, authenticated encryption, Ascon, secure communication |
Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science T Technology > T Technology (General) T Technology > TK Electrical engineering. Electronics Nuclear engineering |
Faculty / School / Research Centre / Research Group: | Faculty of Engineering & Science Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS) |
Last Modified: | 08 Jan 2025 10:46 |
URI: | http://gala.gre.ac.uk/id/eprint/49195 |
Actions (login required)
View Item |
Downloads
Downloads per month over past year