A Robust Authentication Protocol for Wireless Medical Sensor Networks Using Blockchain and Physically Unclonable Functions

Wireless medical sensor networks (WMSNs)-based medical systems are an emerging paradigm of the Internet of Medical Things (IoMT) in which the patients and doctors can access various healthcare services via wireless communication technology without visiting the hospital in person. However, an adversary attempts a variety of security attacks because the sensitive information in various fields is exchanged via an insecure channel. Thus, robust and lightweight authentication protocols are essential for providing dependable healthcare services in WMSN-based medical systems. Recently, Wang et al. (IEEE Internet of Things Journal, doi: 10.1109/JIOT.2021.3117762) proposed blockchain and physically unclonable functions (PUFs)-based lightweight authentication protocol for WMSN. They claimed that their protocol is resistant to cyber and physical security threats and also does provide necessary security requirements. However, we prove that their protocol is vulnerable to various security attacks, such as man-in-the-middle and session key disclosure attacks and also lacks mutual authentication. As a result, we propose a robust authentication protocol for WMSN using blockchain and PUF to address the security problems raised by Wang et al.'s scheme. we assess the security of the proposed scheme by using informal and formal security analyses, such as AVISPA simulation and the ROR oracle model. Furthermore, we present the testbed experiments using Raspberry PI 4 based on MIRACL Crypto SDK. Then, we show the performance of the enhanced scheme compared with related schemes based on testbed experiments. Consequently, our scheme is better suited for practical WMSN-based medical systems because it provides greater security and efficiency than competing schemes.