Lightweight Multi-party Authentication and Key Agreement Protocol in IoT-based E-Healthcare Service

Internet of Things (IoT) is playing a promising role in e-healthcare applications in the recent decades; nevertheless, security is one of the crucial challenges in the current field of study. Many healthcare devices (for instance, a sensor-augmented insulin pump and heart-rate sensor) collect a user's real-time data (such as glucose level and heart rate) and send them to the cloud for proper analysis and diagnosis of the user. However, the real-time user's data are vulnerable to various authentication attacks while sending through an insecure channel. Besides that, the attacks may further open scope for many other subsequent attacks. Existing security mechanisms concentrate on two-party mutual authentication. However, an IoT-enabled healthcare application involves multiple parties such as a patient, e-healthcare test-equipment, doctors, and cloud servers that requires multi-party authentication for secure communication. Moreover, the design and implementation of a lightweight security mechanism that fits into the resource constraint IoT-enabled healthcare devices are challenging. Therefore, this article proposes a lightweight, multi-party authentication and key-establishment protocol in IoT-based e-healthcare service access network to counter the attacks in resource constraint devices. The proposed multi-party protocol has used a lattice-based cryptographic construct such as Identity-Based Encryption (IBE) to acquire security, privacy, and efficiency. The study provided all-round analysis of the scheme, such as security, power consumption, and practical usage, in the following ways. The proposed scheme is tested by a formal security tool, Scyther, to testify the security properties of the protocol. In addition, security analysis for various attacks and comparison with other existing works are provided to show the robust security characteristics. Further, an experimental evaluation of the proposed scheme using IBE cryptographic construct is provided to validate the practical usage. The power consumption of the scheme is also computed and compared with existing works to evaluate its efficiency.