Abstract
Certificateless authenticated key agreement (CLAKA) is important for preventing the escrow problem. It also reduces the certificate management burden, both in storage and during message exchange. However, many earlier CLAKA protocols were designed for centralized system architectures, which can introduce a single point of failure. A new CLAKA protocol is designed in a decentralized (blockchain) architecture that is well suited to wireless body area networks (WBANs). The proposed protocol is secure as long as it computes a common session key between the WBAN user and the blockchain nodes. An ID-based blind signature with message recovery is used between blockchain nodes; it achieves authentication and anonymity by acquiring a signature without disclosing the message. It also minimizes the size of the signature, which makes it efficient where bandwidth is limited. The protocol analysis shows that it is secure and can resist many WBAN security attacks compared to the existing authenticated key agreement protocols.
Acknowledgements
This work was supported by the National Natural Science Foundation of China under Grant 61872058, the Plan For Scientific Innovation Talent of Henan Province under Grant 184100510012, and the Program for Science and Technology Innovation Talents in the Universities of Henan Province under Grant 18HASTIT022.
Ethics declarations
Conflict of interest
The authors declare no conflict of interest.
Informed Consent
Informed consent was obtained from all individual participants included in the study.
Cite this article
Mwitende, G., Ali, I., Eltayieb, N. et al. Authenticated key agreement for blockchain-based WBAN. Telecommun Syst 74, 347–365 (2020). https://doi.org/10.1007/s11235-020-00662-0
DOI: https://doi.org/10.1007/s11235-020-00662-0