TY - JOUR
T1 - Lightweight Two-Factor-Based User Authentication Protocol for IoT-Enabled Healthcare Ecosystem in Quantum Computing
AU - Al-saggaf, Alawi A.
AU - Sheltami, Tarek
AU - Alkhzaimi, Hoda
AU - Ahmed, Gamil
N1 - Funding Information:
This work is a part of the project supported by the King Fahd University of Petroleum and Minerals under Grant SR191031.
Publisher Copyright:
© 2022, King Fahd University of Petroleum & Minerals.
PY - 2023/2
Y1 - 2023/2
N2 - The healthcare ecosystem is migrating from legacy systems to the Internet of Things (IoT), resulting in a digital environment. This transformation has increased importance on demanding both secure and usable user authentication methods. Recently, a post-quantum fuzzy commitment scheme (PQFC) has been constructed as a reliable and efficient method of biometric template protection. This paper presents a new two-factor-based user authentication protocol for the IoT-enabled healthcare ecosystem in post-quantum computing environments using the PQFC scheme. The proposed protocol is proved to be secure using random oracle model. Furthermore, the functionality and security of the proposed protocol are analyzed, showing that memoryless-effortless, user anonymity, mutual authentication, and resistance to biometric templates tampering and stolen attacks, stolen smart card attack, privileged interior attack are fulfilled. The costs of storage requirement, computation, communication and storage are estimated. The results demonstrate that the proposed protocol is more efficient than Mukherjee et al., Chaudhary et al., and Gupta et al. protocols.
AB - The healthcare ecosystem is migrating from legacy systems to the Internet of Things (IoT), resulting in a digital environment. This transformation has increased importance on demanding both secure and usable user authentication methods. Recently, a post-quantum fuzzy commitment scheme (PQFC) has been constructed as a reliable and efficient method of biometric template protection. This paper presents a new two-factor-based user authentication protocol for the IoT-enabled healthcare ecosystem in post-quantum computing environments using the PQFC scheme. The proposed protocol is proved to be secure using random oracle model. Furthermore, the functionality and security of the proposed protocol are analyzed, showing that memoryless-effortless, user anonymity, mutual authentication, and resistance to biometric templates tampering and stolen attacks, stolen smart card attack, privileged interior attack are fulfilled. The costs of storage requirement, computation, communication and storage are estimated. The results demonstrate that the proposed protocol is more efficient than Mukherjee et al., Chaudhary et al., and Gupta et al. protocols.
KW - Biometric
KW - Internet of Things
KW - IoT-enabled healthcare
KW - Lightweight authentication protocols
KW - Post-quantum cryptography
KW - User authentication
UR - http://www.scopus.com/inward/record.url?scp=85138498314&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85138498314&partnerID=8YFLogxK
U2 - 10.1007/s13369-022-07235-0
DO - 10.1007/s13369-022-07235-0
M3 - Article
AN - SCOPUS:85138498314
SN - 2193-567X
VL - 48
SP - 2347
EP - 2357
JO - Arabian Journal for Science and Engineering
JF - Arabian Journal for Science and Engineering
IS - 2
ER -