Efficient privacy preserving device authentication in WBANs for industrial e-health applications

Leakage of sensitive e-health data would severely cause threats leading to tampering of health and person related information. So preserving the privacy of the patient information is an essential feature in e-health systems. In this paper, we first explore the security limitations of the existing authentication schemes. Most of the schemes fail to provide privacy of the credentials of users when session ephemeral secrets are revealed to an adversary. To address the drawbacks found in the existing schemes, we propose a privacy preserving device authentication scheme for wireless body area networks. This proposed scheme provides robust security even if ephemeral secrets are revealed to the adversary. Additionally the proposed scheme avoids the management of large number of public-keys of application providers by the client device. Using Java Pairing-Based Cryptography Library (JPBC), we performed simulations to show that our proposed scheme provides reduced computational overhead for both the client device and the application provider.