An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks

Wireless sensor networks (WSNs) are fast developed and widely used in many applications. One of the most important applications is wireless medical sensor network (WMSN) which makes modern health-care more popular. The doctor can get the patient's physiological data collected by special sensors deployed on or in the patient's body in real time with the mobile devices via the wireless communication channel. The collected data are important and should be confidential. So security measures are considered in the process of communication. Recently, He et al. (Multimed Syst, 21(1), 49-60, 2015) proposed a new two-factor authentication scheme for health-care with WMSNs and claimed it to be secure. But we find that it is vulnerable to the off-line guessing attack, the user impersonation attack, and the sensor node capture attack. Moreover, we present an improved scheme to overcome the disadvantages. Through the formal verification with Proverif and the analysis presented by us, our scheme is secure. It is more practical for applications through the comparison between some recent schemes for WMSNs.