Cryptanalysis of an Anonymous Mutual Authentication Protocol for Wireless Body Area Network

Abstract

Wireless body area networks (WBANs) represent an important entity in E-health system, these networks offer enhanced efficiency, flexibility, and cost savings to patients, healthcare providers, and medical professionals in homeas well as hospital-based scenarios. The authentication of sensors is an essential security task. To the best of our knowledge, (Li et al, 2017) proposed the lightest authentication and key agreement scheme for WBAN. However, (M. Koya and Deepthi P. P, 2018) show that the Li et al. scheme is vulnerable to impersonation attack and they proposed to use the biokeys extracted from the inter pulse interval (IPI) to defend this attack. In this paper, we demonstrate that the M. Koya and Deepthi P. P scheme is vulnerable from sensor node spoofing attack hence, it does not provide anonymity. Subsequently we propose a security solution tackled with such vulnerability.