<p>The Internet of Medical Things (IoMT) leverages medical IoT sensors—such as pulse, temperature, blood pressure, and heart rate sensors—to improve patient care. Ensuring the security of these sensors and the data they generate is critical to maintaining a stable IoMT environment. Security threats, including unauthorized control and the transmission of erroneous data, necessitate robust countermeasures. To address these challenges, many existing protocols employ three-party authenticated key exchange mechanisms based on traditional cryptographic assumptions, such as the discrete logarithm problem and the integer factorization problem. However, these approaches are vulnerable to quantum attacks, particularly from Shor’s algorithm, thereby underscoring the need for quantum-resistant solutions. Lattice-based cryptography (LBC) offers a promising alternative for secure authentication and key exchange, but its application in resource-constrained devices presents significant challenges. Prior research introduced user authentication systems for IoT-based healthcare that emphasize lightweight design and anonymity preservation. However, these schemes remain susceptible to various attacks, including offline password guessing, impersonation, privileged-insider threats, and quantum attacks. This study proposes a lightweight user authentication protocol for IoMT that mitigates these vulnerabilities. The proposed scheme integrates the Ring Learning with Errors (RLWE) technique with a fuzzy extractor to resist quantum attacks, and employs XOR operations and hash functions to ensure compatibility with resource-constrained devices. The security of the proposed protocol is rigorously validated using the Random-Oracle-Model and AVISPA tool. Additionally, a comprehensive performance analysis demonstrates the proposed scheme’s superior efficiency and enhanced security compared to state-of-the-art protocols.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Quantum-secure lightweight fuzzy extractor based user authentication scheme for internet of medical things

  • Arman Ahmad,
  • S. Jagatheswari,
  • R. Praveen

摘要

The Internet of Medical Things (IoMT) leverages medical IoT sensors—such as pulse, temperature, blood pressure, and heart rate sensors—to improve patient care. Ensuring the security of these sensors and the data they generate is critical to maintaining a stable IoMT environment. Security threats, including unauthorized control and the transmission of erroneous data, necessitate robust countermeasures. To address these challenges, many existing protocols employ three-party authenticated key exchange mechanisms based on traditional cryptographic assumptions, such as the discrete logarithm problem and the integer factorization problem. However, these approaches are vulnerable to quantum attacks, particularly from Shor’s algorithm, thereby underscoring the need for quantum-resistant solutions. Lattice-based cryptography (LBC) offers a promising alternative for secure authentication and key exchange, but its application in resource-constrained devices presents significant challenges. Prior research introduced user authentication systems for IoT-based healthcare that emphasize lightweight design and anonymity preservation. However, these schemes remain susceptible to various attacks, including offline password guessing, impersonation, privileged-insider threats, and quantum attacks. This study proposes a lightweight user authentication protocol for IoMT that mitigates these vulnerabilities. The proposed scheme integrates the Ring Learning with Errors (RLWE) technique with a fuzzy extractor to resist quantum attacks, and employs XOR operations and hash functions to ensure compatibility with resource-constrained devices. The security of the proposed protocol is rigorously validated using the Random-Oracle-Model and AVISPA tool. Additionally, a comprehensive performance analysis demonstrates the proposed scheme’s superior efficiency and enhanced security compared to state-of-the-art protocols.