Wireless medical sensor networks (WMSNs) play a major role in remote medical monitoring systems. Generally, in a WMSN, professionals need to obtain real-time physiological data of patients, and these data often encounter various security and privacy issues during the transmission process. Thus, the secure transmission of data is particularly critical. To ensure data security and patient privacy, many authentication schemes have been proposed. However, most of the existing schemes either cannot withstand known attacks (such as privileged-insider attack, desynchronization attack, etc.) or require more communication and computation costs, and are not suitable for resource-constrained WMSNs. Therefore, this paper proposes a new anonymous physically unclonable function (PUF)-based authentication protocol for WMSNs by using PUFs, fuzzy extractor, cryptographic one-way hash functions, and bitwise XOR operations. Formal security analysis under the real-or-random model shows that this scheme is provably secure. And informal security analysis shows that our scheme is secure against various known attacks. At the same time, compared with other existing related schemes, the proposed scheme not only provides more security and functionality features, but also requires less communication (5360 bits) and computation costs (57.047 ms).

无线医疗传感器网络 (WMSN) 在远程医疗监控系统中发挥着重要作用。通常，在WMSN中，专业人员需要获取患者的实时生理数据，而这些数据在传输过程中往往会遇到各种安全和隐私问题。因此，数据的安全传输尤为关键。为了确保数据安全和患者隐私，已经提出了许多认证方案。然而，现有的大多数方案要么无法抵御已知的攻击（如特权内部攻击、去同步攻击等），要么需要更多的通信和计算成本，不适合资源受限的 WMSN。因此，本文提出了一种新的基于匿名物理不可克隆函数（PUF）的WMSN认证协议，该协议使用PUF、模糊提取器、加密单向哈希函数和按位异或运算。实数或随机模型下的正式安全分析表明该方案是可证明安全的。非正式的安全分析表明，我们的方案对各种已知攻击是安全的。同时，与现有的其他相关方案相比，该方案不仅提供了更多的安全性和功能特性，而且需要更少的通信（5360比特）和计算成本（57.047 ms）。