End to end light weight mutual authentication scheme in IoT-based healthcare environment


In a modern healthcare environment, the adoption of mobile healthcare technology promises to enhance the quality of monitoring for chronically ill patients as well as elderly and healthy individuals, allowing quick intervention in any critical situation. The patient's vital signs and physiological parameters can be monitored by the sensor nodes attached to the patient's body sensor network and are then transmitted to the appropriate medical professional for further action over wireless communication media such as Bluetooth, WiFi, or 3G/4G. At the same time, the security and privacy of the patient data must be protected against the inherent threats and vulnerabilities of an unprotected environment. To this end, we propose an end-to-end mutual authentication scheme that ensures the security and privacy of the patient while balancing security and performance. The proposed authentication scheme also uses a PDA or a smartphone as a gateway node, enabling continuous monitoring of the patient even in a nonclinical environment. In addition, the scheme includes protocol steps for an emergency scenario, by which the quality of patient care is sustained in a critical situation. The security analysis shows that the proposed scheme is more efficient compared with other related schemes.






Corresponding author

Correspondence to S D Suganthi.


Cite this article

Suganthi, S.D., Anitha, R., Sureshkumar, V. et al. End to end light weight mutual authentication scheme in IoT-based healthcare environment. J Reliable Intell Environ 6, 3–13 (2020). https://doi.org/10.1007/s40860-019-00079-w



  • Medical sensor network
  • Mutual Authentication
  • Gateway
  • Patient
  • Emergency
  • PUF
  • Sensor node