Page 127 - 2023-Vol19-Issue2
P. 127
123 | Rashid et al.
phase, PDi computes anonymous password ' = cryption (EPDi , E ' , ESi ) and mutual authentica-
tion ( < IDSi, PDi ESi >, <IDPi, PW Pi' , EPDi >,
PW Pi
h(PW Pi|| ShPDi || RA) that is generated once based on PW ' ,
Si
' <E'PDi >), can be used to protect the transmitted data.
RA. AS can ensure the validity of PW Pi because it owns
''
ShPDi , g to compute R'A and then obtains = • Resisting Replay Attacks: Assuming that an adversary
PW Pi
'
h(PW Pi|| ShPDi || R'A) = PW ( A) intercepts request messages < IDSi, PW 'Si , ESi >
Pi.
Hence, the present scheme supports anonymity and or <IDPi, PW ' , EPDi > and attempts to use these
untraceable metrics. Pi
messages to allow A to use the services of the system,
• Withstanding MITM Attacks: Assume an attacker these parameters are generated once due to RA and ri
( A) has gained a requested demand from Si to PDi so A cannot resend a message request. Furthermore,
< IDSi, PW 'Si , ESi >, and from PDi to AS < IDPi, PW Pi',
EPDi > and vice versa, any attempt to change these A cannot access any other value of the system’s com-
messages by A fails to verify from the other side, as
ponents because it does not know keys ShSi and ShPDi .
the changed parameters do not match with the original Therefore, the proposed scheme is secure against replay
parameters. Additionally, A cannot obtain pivot pa- attacks.
rameters such as ShPDi , RA, RB, g, and ShSi . Moreover, • Resisting DoS Attacks: In the proposed scheme, all
the exchanged messages between components are only requested messages are linked to random values RA and
ri. In normal cases, messages must be variable and not
produced once for each sign-in demand. fixed. Therefore, repeating the same message without
any alteration reveals the attack, and the repeated mes-
• Withstanding Eavesdropping, Traffic, Black Hole At- sage is rejected. In this scheme, all exchanged messages
tacks: Suppose (A˜ ) attempts to quote information to within the system’s components are unique and gener-
ated once during the login and authentication phases.
implement the current attack, and these messages com- This feature can be considered a part of the message
validation. Therefore, the scheme resists DoS attacks.
prise the exchange of information between all compo-
nents (Si, PDi, AS), as shown below:
<I DSi , PW ' Si , ESi >
Si ? PDi • Protecting from Stolen PDi Attack: If a (PDi) is stolen,
Si PDi all the saved information (IDSi, PWsi, PWSi,
< pivot al?signal s> SHki), and (ShSi) would be available to an adversary
PDi AS ( A). However, A cannot resend older messages be-
AS ' cause this scheme is resistant to replay attack, and they
PDi cannot create new medical information because this
PDi <IDPi, PW?Pi , EPDi > information contains the patient’s location. Owing to
these above reasons, A would not benefit from a stolen
<?E'PDi > PDi PDi and access the system. Therefore, the proposed
scheme is protected from instances of stolen personal
Message to renew ShPDi AS devices. Unlinkability: Any two visible system compo-
nents’ connection cannot be specified. Various acts can
? be changed privately and randomly without everyone
else knowing the connection between them.
<Case emer?gency o f Pi > AS
Previously, all the above messages have been gener- • Smart Factor: The login to the system as a smart factor
ated once. Consequently, A cannot apply the eaves- makes the system available permanently. This process
dropping and traffic attacks. Furthermore, the above reduces the login efforts in applications, is performed
security analysis shows the proposed scheme can pro- after the first login to the system or application, and
tect from a Forged Si and resist DoS and replay at- adds efficiency and flexibility to the proposed scheme.
tacks. Furthermore, a Black Hole Attack can also occur
in Wireless Body Area Networks (WBANs), which B. AVISPA
are small, low-power networks that connect wearable Focus is on an official investigation called AVISPA to check
devices to a central hub. In a WBAN, a malicious whether the proposed scheme is protected. This protocol de-
node can launch a Black Hole Attack by falsely ad- pends on High-Level Protocol Specification Language (HLPSL)
vertising itself as having a stronger signal or a shorter [19, 20, 21], whose translated file is an intermediate format.
path to the central hub, causing other nodes to route
their data through it. The malicious node then dis-
cards or modifies the incoming data, potentially com-
promising sensitive medical information. In the pro-
posed work, the secure communication based on en-
