HARCI: A Two-Way Authentication Protocol for Three Entity Healthcare IoT Networks

With the recent use of IoT in the field of healthcare, a lot of patient data is being transmitted and made available online. This necessitates sufficient security measures to be put in place to prevent the possibilities of cyberattacks. In this regard, several authentication techniques have been designed in recent times to mitigate these challenges, but the physical security of the healthcare IoT devices against node tampering and node replacement attacks, in particular, is not addressed sufficiently in the literature. To address these challenges, a two-way two-stage authentication protocol using hardware security primitives called Physical Unclonable Functions (PUFs) is presented in this paper. Considering the memory and energy constraints of healthcare IoT devices, this protocol is made very lightweight. A formal security evaluation of this protocol is done to prove its validity. We also compare it with relevant protocols in the healthcare IoT scenario in terms of computation time and security to show its suitability and robustness.

Automated summary

This paper introduces a two-way two-stage authentication protocol using Physical Unclonable Functions (PUFs) to address the physical security challenges of healthcare IoT devices. The protocol is lightweight and formally evaluated for security, compared to relevant protocols to show its suitability and robustness.