Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks.

Wireless body area networks (WBANs) are used to collect and exchange vital and sensitive information about the physical conditions of patients. Due to the openness and mobility of such networks, even without knowing the context of the exchanged data or linking traffic to the identities of involved sensors, criminals are able to gain useful information about the severe conditions of patients and carry effective undetectable physical attacks. Therefore, confidentiality and mutual authentication services are essential for WBANs, and the transmission must be anonymous and unlinkable as well. Given the limitations of the resources available for these sensors, a lightweight anonymous mutual authentication and key agreement scheme for centralized two-hop WBANs is proposed in this paper, which allows sensor nodes attached to the patient’s body to authenticate with the local server/hub node and establish a session key in an anonymous and unlinkable manner. The security of our scheme is proved by rigorous formal proof using BAN logic and also through informal analysis. Besides, the security of our scheme is evaluated by using the Automated Validation of Internet Security Protocols and Applications (AVISPA) as well. Finally, we compare our proposed scheme with other related schemes and the comparison results show that our scheme outperforms previously related schemes.