Skip navigation

A security-enhanced ultra-lightweight and anonymous user authentication protocol for Telehealthcare Information Systems

A security-enhanced ultra-lightweight and anonymous user authentication protocol for Telehealthcare Information Systems

Zeng, Dake, Badshah, Akhtar, Tu, Shanshan, Waqas, Muhammad ORCID logoORCID: https://orcid.org/0000-0003-0814-7544 and Han, Zhu (2025) A security-enhanced ultra-lightweight and anonymous user authentication protocol for Telehealthcare Information Systems. IEEE Transactions on Mobile Computing (TMC). ISSN 1536-1233 (Print), 1558-0660 (Online) (doi:10.1109/TMC.2025.3526519)

[thumbnail of Accepted Conference Paper]
Preview
PDF (Accepted Conference Paper)
49195 WAQAS_ A_Security-Enhanced_Ultra-Lightweight_And_Anonymous_User_Authentication_Protocol_For_Telehealthcare_Information_Systems_(AAM)_2025.pdf - Accepted Version

Download (5MB) | Preview

Abstract

The surge in smartphone and wearable device usage has propelled the advancement of the Internet of Things (IoT) applications. Among these, e-healthcare stands out as a fundamental service, enabling the remote access and storage of {patient-related data on a centralized medical server (MS)}, and facilitating connections between authorized individuals such as doctors, patients, and nurses over the public Internet. However, the inherent vulnerability of the public Internet to diverse security threats underscores the critical need for a robust and secure user authentication protocol to safeguard these essential services. This research presents a novel, resource-efficient user authentication protocol specifically designed for healthcare systems. Our proposed protocol leverages the lightweight authenticated encryption with associated data (AEAD) primitive \textsc{Ascon} combined with hash functions and XoR, specifically tailored for encrypted communication in resource-constrained IoT devices, emphasizing resource efficiency. Additionally, the proposed protocol establishes secure session keys between users and MS, facilitating future encrypted communications and preventing unauthorized attackers from illegally obtaining users' private data. Furthermore, comprehensive security validation, including informal security analyses, demonstrates the protocol's resilience against a spectrum of security threats. Extensive analysis reveals that our proposed protocol significantly reduces computational and communication resource requirements during the authentication phase in comparison to similar authentication protocols, underscoring its efficiency and suitability for deployment in healthcare systems.

Item Type: Article
Uncontrolled Keywords: protocols, security, authentication, medical services, passwords, servers, Telemedicine, Internet of Things, hash functions, threat modeling, security, authenticated encryption, Ascon, secure communication
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
T Technology > T Technology (General)
T Technology > TK Electrical engineering. Electronics Nuclear engineering
Faculty / School / Research Centre / Research Group: Faculty of Engineering & Science
Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Last Modified: 08 Jan 2025 10:46
URI: http://gala.gre.ac.uk/id/eprint/49195

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics