Lightweight authentication protocol for connected medical IoT through privacy-preserving access

With the rapid progress of communication technology, the Internet of Things (IoT) has emerged as an essential element in our daily lives. Given that the IoT encompasses diverse devices that often have limited resources in terms of communication, computation, and storage. Consequently, the National Institute of Standards and Technology (NIST) has standardized several lightweight cryptographic algorithms for encryption and decryption, specifically designed to meet the needs of resource -constrained IoT devices. These cryptographic algorithms, known as authenticated encryption with associated data (AEAD), offer more than just confidentiality-they also guarantee information integrity and authentication. Unlike conventional encryption algorithms like AES, which solely provide confidentiality, AEAD algorithms encompass additional functionality to achieve authenticity. This eliminates the need for separate algorithms like message authentication codes to ensure authenticity. Therefore, by leveraging the characteristics of an AEAD protocol, it is possible to develop a lightweight authentication framework to mitigate the security risks inherent in public communication channels. Therefore, in this work, we designed the lightweight authentication protocol for the smart healthcare system (BLAP-SHS) using an AEAD mechanism. In order to do this, a session key must first be created for encrypted communication. This is done via a method called mutual authentication, which verifies the legitimacy of both the user and the server. The random -or -real methodology ensures the security of the derived session key, and the Scyther tool is used to assess BLAP-SHS' resistance to man -in -the -middle and replay attacks. Through using the technique of informal security analysis, the resilience of BLAP-SHS against denial of service, and password -guessing threats are evaluated. By juxtaposing BLAP-SHS with other prominent authentication techniques, the usefulness of BLAP-SHS is also assessed in terms of computing and communication costs. We illustrate that the BLAP-SHS requires a reduction in computation cost ranging from [70.11% to 95.21%] and a reduction in communication resources ranging from [3.85% to 9.09%], as evidenced by our comparative study.