Study On Mutual Anonymous Authentication Protocol For Wireless Body Area Network

WBAN(Wireless body area network) is a wireless network which is composed of several sensor nodes and portable mobile devices, to continuously monitor the important physiological data of specific parts of human body. And it can also provide a variety of wireless applications. However, open wireless environment makes it vulnerable to various attacks and security threats. Besides, the sensor nodes in WBAN have the disadvantages of weak computational capabilities and limited resources. Therefore, this thesis aims at studying and designing a secure authentication protocol for WBAN, which can realize the mutual authentication between the user and the server to prevent the disclosure of user information, thereby protecting user's privacy.Through research and analysis of an existing remote anonymous authentication protocol which has poor security and low efficiency, we propose a new mutual anonymous authentication protocol for WBAN. Firstly, this thesis presents a new certificateless signature algorithm using bilinear pairing, in which the costly pairing operations are replaced with elliptic curve scalar multiplication. And we show that it is secure against existential forgeable on adaptively chosen message attacks under the random oracle model and the assumption of Elliptic Compute Diffie-Hellman Problem(ECDHP). Then, on the basis of the new certificateless signature algorithm, we design a mutual anonymous authentication protocol which has the following advantages:A method of combining public key cryptography and hash function is adopted in the proposed protocol, and by just single wheel communication the mutual authentication can be completed between the two parties. This protocol not only establishes a secure session key, but also greatly improves the communication efficiency, reduces the energy loss and computation overhead.The proposed protocol can achieve the security property of anonymity. By binding the user's identity to its public key, KGC(key generation center) makes a system account for user and distribute it. The whole authentication of the proposed protocol uses the system account instead of user's true identity, to guarantee that the user can enjoy services anonymously.The proposed protocol can complete the session key agreement securely in the process of authentication. The establishment of the session key depends not only on a random number that user chooses but also on server's own secret key. Therefore, in addition to the two parties, no one can obtain them and calculate the established session key.The proposed protocol can meet the security property of non-repudiation, which means, the user cannot deny that he has logged into the system and has enjoyed services at some time, for the certificateless signature algorithm is generated with user's own private key, and only the user knows it.Finally, we do performance analysis of the proposed mutual anonymous authentication protocol. Compared with some existing schemes, it shows that the proposed mutual anonymous authentication scheme achieves better results in terms of security and performance.