Certificateless Authenticated Key Agreement for Decentralized WBANs

  • Mwitende Gervais
  • Liang Sun
  • Ke Wang
  • Fagen LiEmail author
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1105)


Security and privacy of sensitive data are crucial nowadays. Internet of things (IoTs) is emerging and has brought critical security issues. Wireless body networks (WBANs) as one branch of IoTs are vulnerable systems today because they carry sensitive information from implanted and wearable sensors. Authentication and key agreement for WBAN are important to protect its security and privacy. Several authentication and key agreement protocols have been proposed for WBANs. However, many of them are administered by a single server. Addition to that, a malicious key generation center can become a threat to other entities in WBANs, i.e impersonate the user by causing a key escrow problem. In this paper, we propose a certificateless authenticated key agreement (CLAKA) for a decentralized/blockchain WBAN in the first phase. CLAKA has advantage to be designed in a decentralized architecture that is suitable for low computation devices. A security mediated signature (SMC) for blockchain authentication is described in the second phase of our protocol. SMC has advantage in solving public key revocation while maintaining the characteristics of certificateless public key cryptography i.e. solving the key escrow problem. Our protocol can compute a session key between WBAN controller and blockchain node and verify the eligibility of node to collect WBAN data.


WBAN Key agreement Session key Blockchain SMC SEM 



This work is supported by the National Natural Science Foundation of China (grant no. 61872058).


  1. 1.
    Li, F., Hong, J.: Efficient certificateless access control for wireless body area networks. IEEE Sens. J. 16(13), 5389–5396 (2016)CrossRefGoogle Scholar
  2. 2.
    Jin, Y.: Low-cost and active control of radiation of wearable medical health device for wireless body area network. J. Med. Syst. 43(5), 137 (2019)CrossRefGoogle Scholar
  3. 3.
    Sun, W., Cai, Z., Li, Y., Liu, F., Fang, S., Wang, G.: Security and privacy in the medical internet of things: a review. Secur. Commun. Netw. 2018, (2018)Google Scholar
  4. 4.
    Chen, G., Xu, B., Lu, M., Chen, N.S.: Exploring blockchain technology and its potential applications for education. Smart Learn. Environ. 5(1), 1 (2018)CrossRefGoogle Scholar
  5. 5.
    Xu, J.J.: Are blockchains immune to all malicious attacks? Financ. Innov. 2(1), 25 (2016)CrossRefGoogle Scholar
  6. 6.
    Shen, J., Chang, S., Shen, J., Liu, Q., Sun, X.: A lightweight multi-layer authentication protocol for wireless body area networks. Futur. Gener. Comput. Syst. 78, 956–963 (2018)CrossRefGoogle Scholar
  7. 7.
    Shen, J., Gui, Z., Ji, S., Shen, J., Tan, H., Tang, Y.: Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks. J. Netw. Comput. Appl. 106, 117–123 (2018)CrossRefGoogle Scholar
  8. 8.
    Li, X., Peng, J., Kumari, S., Wu, F., Karuppiah, M., Choo, K.K.R.: An enhanced 1-round authentication protocol for wireless body area networks with user anonymity. Comput. Electr. Eng. 61, 238–249 (2017)CrossRefGoogle Scholar
  9. 9.
    Li, T., Zheng, Y., Zhou, T.: Efficient anonymous authenticated key agreement scheme for wireless body area networks. Secur. Commun. Netw. 2017, 1–8 (2017). Scholar
  10. 10.
    Wazid, M., Das, A.K., Vasilakos, A.V.: Authenticated key management protocol for cloud-assisted body area sensor networks. J. Netw. Comput. Appl. 123, 112–126 (2018)CrossRefGoogle Scholar
  11. 11.
    Wazid, M., Das, A.K., Kumar, N., Conti, M., Vasilakos, A.V.: A novel authentication and key agreement scheme for implantable medical devices deployment. IEEE J. Biomed. Health Inform. 22(4), 1299–1309 (2018)CrossRefGoogle Scholar
  12. 12.
    Hankerson, D., Menezes, A.J., Vanstone, S.: Guide to elliptic curve cryptography. Comput. Rev. 46(1), 13 (2005)zbMATHGoogle Scholar
  13. 13.
    Oh, J.H., Lee, K.K., Moon, S.J.: How to solve key escrow and identity revocation in identity-based encryption schemes. In: Jajodia, S., Mazumdar, C. (eds.) ICISS 2005. LNCS, vol. 3803, pp. 290–303. Springer, Heidelberg (2005). Scholar
  14. 14.
    Yap, W.-S., Chow, S.S.M., Heng, S.-H., Goi, B.-M.: Security mediated certificateless signatures. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 459–477. Springer, Heidelberg (2007). Scholar
  15. 15.
    Zhang, L., Zhang, F., Wu, Q., Domingo-Ferrer, J.: Simulatable certificateless two-party authenticated key agreement protocol. Inf. Sci. 180(6), 1020–1030 (2010)MathSciNetCrossRefGoogle Scholar
  16. 16.
    He, D., Chen, J., Hu, J.: A pairing-free certificateless authenticated key agreement protocol. Int. J. Commun. Syst. 25(2), 221–230 (2012)CrossRefGoogle Scholar
  17. 17.
    He, D., Chen, Y., Chen, J., Zhang, R., Han, W.: A new two-round certificateless authenticated key agreement protocol without bilinear pairings. Math. Comput. Model. 54(11–12), 3143–3152 (2011)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 62–73. ACM (1993)Google Scholar
  19. 19.
    Xiong, X., Wong, D.S., Deng, X.: Tinypairing: a fast and lightweight pairing-based cryptographic library for wireless sensor networks. In: 2010 IEEE Wireless Communication and Networking Conference, pp. 1–6. IEEE (2010)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  • Mwitende Gervais
    • 1
  • Liang Sun
    • 2
  • Ke Wang
    • 2
  • Fagen Li
    • 1
    Email author
  1. 1.Center for Cyber Security, School of Computer Science and EngineeringUniversity of Electronic Science and Technology of ChinaChengduChina
  2. 2.SI-TECH Information Technology Co., Ltd.BeijingChina

Personalised recommendations