Article: An efficient authentication and key agreement scheme for e-health applications in the context of internet of things Journal: International Journal of Information and Computer Security (IJICS) 2019 Vol.11 No.4/5 pp.355 - 390 Abstract: E-health applications are one of the most promising applications in the context of internet of things (IoT). Nevertheless, resource constraints and security issues in IoT are the main barriers for their deployment. Among security issues, authentication and data confidentiality are required to secure e-health applications. In this paper, we propose a new authentication and key agreement scheme for e-health applications in the context of IoT. This scheme allows a sensor node, a gateway node, and a remote user to authenticate each other and secure the collection of health-related data. The proposed scheme is based on lightweight symmetric cryptography since it uses nonces, exclusive-or operations, and simple hash functions. Besides, it takes into consideration the sensors location to provide an efficient authentication. To assess the proposed scheme, we conduct a theoretical and an automated security analysis using AVISPA tool. The results show that our scheme preserves the security properties, and ensures resilience against different types of attacks. In addition, we evaluate and compare both communication and computational costs with some existing authentication schemes. The obtained results prove that it provides authentication with low energy cost. Inderscience Publishers - linking academia, business and industry through research

Title: An efficient authentication and key agreement scheme for e-health applications in the context of internet of things

Authors: Hamza Khemissa; Djamel Tandjaoui; Samia Bouzefrane

Addresses: LSI Laboratory, USTHB: University of Sciences and Technology Houari Boumediene, Algiers, Algeria; Computer Security Division, CERIST: Research Center on Scientific and Technical Information, Algiers, Algeria ' Computer Security Division, CERIST: Research Center on Scientific and Technical Information, Algiers, Algeria ' CEDRIC Laboratory, CNAM: National Conservatory of Arts and Crafts, Paris, France

Abstract: E-health applications are one of the most promising applications in the context of internet of things (IoT). Nevertheless, resource constraints and security issues in IoT are the main barriers for their deployment. Among security issues, authentication and data confidentiality are required to secure e-health applications. In this paper, we propose a new authentication and key agreement scheme for e-health applications in the context of IoT. This scheme allows a sensor node, a gateway node, and a remote user to authenticate each other and secure the collection of health-related data. The proposed scheme is based on lightweight symmetric cryptography since it uses nonces, exclusive-or operations, and simple hash functions. Besides, it takes into consideration the sensors location to provide an efficient authentication. To assess the proposed scheme, we conduct a theoretical and an automated security analysis using AVISPA tool. The results show that our scheme preserves the security properties, and ensures resilience against different types of attacks. In addition, we evaluate and compare both communication and computational costs with some existing authentication schemes. The obtained results prove that it provides authentication with low energy cost.

Keywords: internet of things; IoT; e-health; identity; location; authentication; session key agreement.

DOI: 10.1504/IJICS.2019.101926

International Journal of Information and Computer Security, 2019 Vol.11 No.4/5, pp.355 - 390

Received: 09 Oct 2017
Accepted: 31 Jul 2018
Published online: 30 Aug 2019 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: An efficient authentication and key agreement scheme for e-health applications in the context of internet of things

Keep up-to-date