An enhanced scalable and secure RFID authentication protocol for WBAN within an IoT environment

Abstract

Abstract Nowadays, Internet of Things (IoT)-based E-healthcare represents an emergent research field due to the fast development of wireless technologies and cloud computing. Radio Frequency Identification (RFID) is an integral technology in IoT thanks to its low cost and autonomous data collection and transfer. These features made it useful in Wireless Body Area Network (WBAN) for healthcare applications. However, data security and patient privacy remain major challenges in WBANs. In this context, many authentication protocols have been designed trying to satisfy both security and implementation requirements. Most recently, Naeem et al. have proposed an RFID authentication scheme for IoT which is claimed to be secure and provides scalability. Unfortunately, we have found that their protocol does not provide authentication and anonymity and it is vulnerable to numerous attacks. To overcome these security issues, we propose, in this paper, an efficient extended and improved IoT-based RFID authentication scheme for WBANs. Our proposed protocol could resist to various attacks and ensure mutual authentication from the tag to the medical server, in addition to patients data security. For this, elliptic curve cryptography (ECC) encryption mechanism and elliptic curve digital signature with message recovery (ECDSMR) have been adopted. Formal and informal analysis have proved that our proposed protocol succeeded to provide many security features and offer reliable data security with a considerably small computational and storage cost compared to existing schemes.