Title: Cryptanalysis and improvement of a secure communication protocol for smart healthcare system

Authors: Devender Kumar; Deepak Kumar Sharma; Parth Jain; Sumit Bhati; Amit Kumar

Addresses: Department of Information Technology, NSUT, New Delhi, India ' Department of Information Technology, IGDTUW, New Delhi, India ' Department of Information Technology, NSUT, New Delhi, India ' Department of Information Technology, NSUT, New Delhi, India ' Department of Information Technology, NSUT, New Delhi, India

Abstract: There are many applications based on wireless technology and cloud computing in various fields. One such field that uses this technology is telemedicine or mobile healthcare. But with an increase in usage, these systems should be protected efficiently. Security is the greatest concern in this field. Recently, Sureshkumar et al. have proposed a protocol for a smart healthcare system, which uses three-factor authentication. Here we cryptanalyse their scheme and find that it cannot withstand against the user impersonation attack, denial of service attack, privileged insider attack and gateway impersonation. To overcome these weaknesses, we propose an authentication protocol for smart healthcare system. To validate our claim, we use the ProVerif tool for formal security verification and compare our protocol with some related schemes. We also show that the proposed protocol is more secure and efficient than the related schemes.

Keywords: user authentication; healthcare systems; denial of service attack; user impersonation attack; session key agreement; insider attack; sensor node.

DOI: 10.1504/IJICS.2024.143919

International Journal of Information and Computer Security, 2024 Vol.25 No.3/4, pp.265 - 291

Received: 19 Feb 2023
Accepted: 04 Jan 2024
Published online: 14 Jan 2025 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article