Wireless body area networks(WBANs)guarantee timely data processing and secure information preservation within the range of the wireless access network,which is in urgent need of a new type of security technology.Howev...Wireless body area networks(WBANs)guarantee timely data processing and secure information preservation within the range of the wireless access network,which is in urgent need of a new type of security technology.However,with the speedy development of hardware,the existing security schemes can no longer meet the new requirements of anonymity and lightweight.New solutions that do not require complex calculations,such as certificateless cryptography,attract great attention from researchers.To resolve these difficulties,Wang et al.designed a new authentication architecture for the WBANs environment,which was claimed to be secure and efficient.However,in this paper,we will show that this scheme is prone to ephemeral key leakage attacks.Further,based on this authentication scheme,an anonymous certificateless scheme is proposed for lightweight devices.Meanwhile,user anonymity is fully protected.The proposed scheme is proved to be secure under a specific security model.In addition,we assess the security attributes our scheme meets through BAN logic and Scyther tool.The comparisons of time consumption and communication cost are given at the end of the paper,to demonstrate that our scheme performs prior to several previous schemes.展开更多
基金This work was supported by the National Natural Science Foundation of China(Grant Nos.61872449,62172433,62072093,62125205)the Science Foundation for the Excellent Youth Scholars of Henan Province(No.222300420099).
文摘Wireless body area networks(WBANs)guarantee timely data processing and secure information preservation within the range of the wireless access network,which is in urgent need of a new type of security technology.However,with the speedy development of hardware,the existing security schemes can no longer meet the new requirements of anonymity and lightweight.New solutions that do not require complex calculations,such as certificateless cryptography,attract great attention from researchers.To resolve these difficulties,Wang et al.designed a new authentication architecture for the WBANs environment,which was claimed to be secure and efficient.However,in this paper,we will show that this scheme is prone to ephemeral key leakage attacks.Further,based on this authentication scheme,an anonymous certificateless scheme is proposed for lightweight devices.Meanwhile,user anonymity is fully protected.The proposed scheme is proved to be secure under a specific security model.In addition,we assess the security attributes our scheme meets through BAN logic and Scyther tool.The comparisons of time consumption and communication cost are given at the end of the paper,to demonstrate that our scheme performs prior to several previous schemes.
