School of Computer Science, Hubei University of Technology, Wuhan, China.
J Med Syst. 2015 Nov;39(11):136. doi: 10.1007/s10916-015-0331-2. Epub 2015 Sep 1.
Due to the development of information technologies and network technologies, healthcare systems have been employed in many countries. As an important part of healthcare systems, the wireless body area network (WBAN) could bring convenience to both patients and physicians because it could help physicians to monitor patients' physiological values remotely. It is essential to ensure secure communication in WBANs because patients' physiological values are very sensitive. Recently, Liu et al. proposed an efficient authentication scheme for WBANs. Unfortunately, Zhao pointed out that their scheme suffered from the stolen verifier-table attack. To improve security and efficiency, Zhao proposed an anonymous authentication scheme for WBANs. However, Zhao's scheme cannot provide real anonymity because the users' pseudo identities are constant value and the attack could tract the users. In this paper, we propose a new anonymous authentication scheme for WBANs. Security analysis shows that the proposed scheme could overcome weaknesses in previous scheme. We also use the BAN logic to demonstrate the security of the proposed scheme.
由于信息技术和网络技术的发展,医疗保健系统已经在许多国家得到应用。作为医疗保健系统的重要组成部分,无线体域网 (WBAN) 可以为患者和医生带来便利,因为它可以帮助医生远程监测患者的生理值。确保 WBAN 中的安全通信至关重要,因为患者的生理值非常敏感。最近,Liu 等人提出了一种用于 WBAN 的高效认证方案。不幸的是,Zhao 指出他们的方案存在被盗验证器表攻击的问题。为了提高安全性和效率,Zhao 提出了一种用于 WBAN 的匿名认证方案。然而,Zhao 的方案不能提供真正的匿名性,因为用户的伪身份是固定值,并且攻击者可以追踪到用户。在本文中,我们提出了一种用于 WBAN 的新的匿名认证方案。安全性分析表明,所提出的方案可以克服以前方案的弱点。我们还使用 BAN 逻辑来证明所提出方案的安全性。
