Blockchain and PUF-Based Lightweight Authentication Protocol for Wireless Medical Sensor Networks

Due to the emergence of heterogeneous Internet of Medical Things (IoMT) (e.g., wearable health devices, smartwatch monitoring, and automated insulin delivery systems), large volumes of patient data are dispatched to central cloud servers for disease analysis and diagnosis. Although this direct mode brings a lot of convenience for both patients and medical professionals (MPs), the open communication channel between them also incurs several security and privacy issues, such as man-in-the-middle attacks, eavesdropping attacks, and tracking attacks. Based on the unsolved challenges in wireless medical sensor networks (WMSNs), several researchers have proposed various authentication and key agreement (AKA) protocols for this type of healthcare system recently. However, most of these protocols do not perceive physical-layer security and over-centralized server problem in WMSN. In this article, to address these two open problems, we propose a lightweight and reliable authentication protocol for WMSN, which is composed of cutting-edge blockchain technology and physically unclonable functions (PUFs). In addition, a fuzzy extractor scheme is introduced to deal with biometric information. Subsequently, two security evaluation methods are used to prove the high reliability of our proposed scheme. Finally, performance evaluation experiments illustrate that the proposed mutual authentication protocol requires the least computation and communication cost among the compared schemes.