Secure Mutual Authentication Protocol Based on Wireless Body Area Networks

Main Article Content

Chalee Thammarat
Chian Techapanupreeda


Data sent from wireless body area networks to healthcare professionals or doctors include sensitive information which needs to be protected from unauthorized access. A mutual authentication protocol is a security feature that can prevent man-in-the-middle and spoofing attacks. A number of mutual authentication protocols based on wireless body area networks have been proposed; however, these impose high cryptographic operation costs, energy costs, and time costs, and also lack some security properties. In this research, we propose an efficient mutual authentication protocol for secure data exchange to send personal health records from a smartphone device to a doctor. The proposed protocol leads to a reduction in the cryptographic operation, energy, and time costs, and uses fewer resources than previous protocols. Although our approach utilizes a one-way hash function rather than encryption, it still provides the necessary security properties, unlike existing protocols. We also formally verify our approach using the Scyther tool and AVISPA. The results show that the proposed protocol has been verified as being resistant to attack as designed.

Article Details

How to Cite
C. Thammarat and C. Techapanupreeda, “Secure Mutual Authentication Protocol Based on Wireless Body Area Networks”, JIST, vol. 11, no. 2, pp. 29–37, Dec. 2021.
Academic Article: Information Assurance and Security(Detail in Scope of Journal)


C. Techapanupreed, W. Kurutach, “Enhancing transaction security for handling accountability in electronic health records,” Security and Communication Networks, 2020.

G. hamilarasu, and A. Odesile, "Securing wireless body area networks: Challenges, review and recommendations," International Conference on Computational Intelligence and Computing Research (ICCIC), pp. 1-7, 2016.

M. Kompara, and M. Hölbl, "Survey on security in intra-body area network communication," Ad Hoc Networks, vol. 70, pp. 23-43, 2018.

D. Vera, N. Costa, L. Roda-Sanchez, T. Olivares, A. Fernández-Caballero, and A. Pereira, "Body area networks in healthcare: A brief state of the art," Applied Sciences, vol. 9, no. 16, pp. 3248, 2019.

F. R. Yazdi, M. Hosseinzadeh, and S. Jabbehdari, “A review of state-of-the-art on wireless body area networks,” International Journal of Advanced Computer Science and Applications, pp. 443-455, 2017.

R. A. Khan, and A. S. K. Pathan, “The state-of-the-art wireless body area sensor networks: A survey,” International Journal of Distributed Sensor Networks, vol. 14, no. 4, 2018.

C. A. Tavera, J. H. Ortiz, O. I. Khalaf, D. F. Saavedra, and T. H. Aldhyani, “Wearable wireless body area networks for medical applications,” Computational and Mathematical Methods in Medicine, 2021.

S. J. Hussain, M. Irfan, N. Z. Jhanjhi, K. Hussain, and M. Humayun, “Performance enhancement in wireless body area networks with secure communication,” Wireless Personal Communications, vol. 116, no. 1, pp. 1-22, 2021.

C. C. Tan, H. Wang, S. Zhong, and Q. Li, “Body sensor network security: an identity-based cryptography approach,” In Proceedings of the first ACM conference on Wireless network security, pp. 148-153, 2008.

K. H. Yeh, “A secure IoT-based healthcare system with body sensor networks,” IEEE Access, vol. 4, pp. 10288-10299, 2016.

IEEE 802.15 WPAN Task Group 6 (TG6) Body Area Networ-ks". IEEE Standards Association. 9 Jun 2011. Retrieved 9 Dec 2021.

IEEE Standard for Information technology-- Local and metropolitan area networks- “Specific requirements-- Part 15.1a: Wireless Medium Access Control (MAC) and Physical Layer (PHY) specifications for Wireless Personal Area Networks (WPAN)," in IEEE Std 802.15.1-2005 (Revision of IEEE Std 802.15.1-2002) , vol., no., pp.1-700, 14 June 2005, doi: 10.1109/IEEESTD.2005.96290.

Approved IEEE Draft Amendment to IEEE Standard for Information Technology-Telecommunications and Information Exchange Between Systems-Part 15.4: “Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Low-Rate Wireless Personal Area Networks (LR-WPANS): Amendment to Add Alternate Phy (Amendment of IEEE Std 802.15.4)," in IEEE Approved Std P802.15.4a/D7, Jan 2007 , 2007.

C. J. Cremers, “The Scyther tool: Verification, falsification, and analysis of security protocols,” In International Conference on Computer Aided Verification, Springer, Berlin, Heidelberg, pp. 414-418, 2008.

C. Thammarat, and W. Kurutach, “A lightweight and secure NFC-base mobile payment protocol ensuring fair exchange based on a hybrid encryption algorithm with formal verification,” International Journal of Communication Systems, vol. 32, no. 12, 2019.

W. Stallings, L. Brown, , M. D. Bauer, and A. K. Bhattacharjee, “Computer security: principles and practice,” Upper Saddle River, NJ, USA: Pearson Education, pp. 978, 2012.

R. Yan, J. Liu, and R. Sun, "An efficient authenticated key exchange protocol for wireless body area network," The Proceedings of the Third International Conference on Communications, Signal Processing, and Systems, Springer, Cham, pp. 51-58, 2015.

J. Liu, Q. Li, R. Yan, and R. Sun, "Efficient authenticated key exchange protocols for wireless body area networks," EURASIP Journal on Wireless Communications and Networking, pp. 1-11, 2015.

D. He, N. Kumar, J. Chen, C. C. Lee, N. Chilamkurti, and S. S. Yeo, "Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks," Multimedia Systems, vol. 21, no. 1, pp. 49-60, 2015.

R. Vishwakarma, and R. K. Mohapatra, "A secure three-party authentication protocol for wireless body area networks," In 2017 Third International Conference on Sensing, Signal Processing and Security (ICSSS), pp. 99-103, 2017.

C. Thammarat, and C. Techapanupreeda, "A secure authentication and key exchange protocol for M2M communication," In 2021 9th International Electrical Engineering Congress (iEECON), pp. 456-459, IEEE, 2021.

C. Thammarat, and C. Techapanupreeda, "A secure mobile payment protocol for handling accountability with formal verification," In 2021 International Conference on Information Networking (ICOIN), pp. 249-254, IEEE, 2021.

N. R. Potlapally, S. Ravi, A. Raghunathan, and N. K. Jha, "A study of the energy consumption characteristics of cryptographic algorithms and security protocols," in IEEE Trans. Mobile computing, vol. 5, no. 2, pp. 128-143, 2006.

X. Zheng, L. Yang, J. Ma, G. Shi, and D. Meng, "TrustPAY: Trusted mobile payment on security enhanced ARM TrustZone platforms," in Proc. on Computers and Communication, pp. 456-462, 2016.