In healthcare, wireless body area networks (WBANs) can be used to constantly collect patient body data and assist in real-time medical services for patients from physicians. In such security- and privacy-critical systems, the user authentication mechanism can be fundamentally expected to prevent illegal access and privacy leakage occurrences issued by hacker intrusion. Currently, a significant quantity of new WBAN-oriented authentication protocols have been designed to verify user identity and ensure that body data are accessed only with a session key. However, those newly published protocols still unavoidably affect session key security and user privacy due to the lack of forward secrecy, mutual authentication, user anonymity, etc. To solve this problem, this paper designs a robust user authentication protocol. By checking the integrity of the message sent by the other party, the communication entity verifies the other party's identity validity. Compared with existing protocols, the presented protocol enhances security and privacy while maintaining the efficiency of computation.
Keywords: Rivest–Shamir–Adleman (RSA); authentication; hash function; healthcare; wireless body area networks (WBANs).