In an end-to-end authentication (E2EA) scheme, the physician, patient, and sensor nodes authenticate each other through the healthcare service provider in three phases: the long-term authentication phase (LAP), short-term authentication phase (SAP), and sensor authentication phase (WAP). Once the LAP is executed between all communication nodes, the SAP is executed (m) times between the physician and patient by deriving a new key from the PSij key generated by healthcare service provider during the LAP. In addition, the WAP is executed between the connected sensor and patient (m + 1) times without going back to the service provider. Thus, it is critical to determine an appropriate (m) value to maintain a specific security level and to minimize the cost of E2EA. Therefore, we proposed an analytic model in which the authentication signaling traffic is represented by a Poisson process to derive an authentication signaling traffic cost function for the (m) value. wherein the residence time of authentication has three distributions: gamma, hypo-exponential, and exponential. Finally, using the numerical analysis of the derived cost function, an optimal value (m) that minimizes the authentication signaling traffic cost of the E2EA scheme was determined.
Keywords: E2EA scheme; Poisson process; WMSN; healthcare IoT system; mutual authentication; probability distribution.