| The wireless body area network(WBAN)can realize the wireless connection of medical equipment.It can also integrate medical information into a system to provide doctors and patients with more convenient and efficient medical services.However,with the development and popularization of WBANs,network security issues have gradually become prominent,such as the disclosure of data such as patient medical records and professional doctor information,medical data tampering,identity forgery to defraud access rights,and control of medical equipment.In WBANs,the authentication protocol is important to ensure network security.This thesis analyzes the security defects of three existing WBAN authentication protocols and proposes some new security protocols.Firstly,it pointed out that the patient monitoring protocol in the WBAN proposed by Alzahrani et al.cannot resist offline identity guessing attacks,desynchronization attacks,stealing authentication table attacks,and known session key attacks,and does not satisfy perfect forward security.A secure and lightweight patient monitoring protocol in the wireless body area network is proposed,which realizes mutual authentication and session key negotiation between sensor nodes and remote servers without using passwords,smart cards,and verification tables.The security of the proposed protocol is proved under the Random Oracle Model(ROM)and BAN Logic.The performance comparison analysis with related protocols shows that the proposed protocol has better performance.Secondly,to meet the urgent needs in medical communication,many multi-server authentication schemes based on single sign-on have been proposed.However,these solutions usually cannot effectively restrict unauthorized users’ network access,and lack a continuous authentication function,which means that users need to log in again every time they use the system,which is not convenient enough.This thesis points out that the protocol of Soni et al.cannot resist user impersonation attacks,server impersonation attacks,and man-in-the-middle attacks,and cannot provide session key security.An improved protocol is proposed to overcome the security defects of Soni et al.’s protocol,and the security of the proposed protocol is proved secure under the ROM and BAN Logic.The analysis results show that the proposed protocol can resist various known attacks and is efficient.Thirdly,it pointed out that the blockchain-based anonymous authentication protocol of Mirsaraei et al.is linkable,cannot provide user anonymity,session key secrecy,and cannot resist impersonation attacks and known session key attacks.Therefore,a secure protocol is proposed to overcome the security flaws of Mirsaraei et al.’s protocol.Security analysis and performance comparison show that the proposed protocol is resistant to many known attacks and has low computational overhead. |
PDF Full Text Request