A Secure Biometric-Based User Authentication Scheme for Cyber-Physical Systems in Healthcare

Abstract

The effectiveness and advantages of Cyber-Physical Systems (CPS) are significantly influenced by the interconnectivity of individual devices or nodes, such as Internet of Things (IoT) devices. The exchange of data that is pertinent to a comprehensive job or capability plays a crucial role in numerous CPS applications, including healthcare monitoring in smart cities and homes and many more. Data exploitation in remote healthcare systems may have catastrophic consequences for patients; hence, a safe cryptographic technique is necessary. To address these security difficulties, a highly effective biometric based three-factor mutual authentication along with a key agreement scheme has been put forth that leverages the lightweight Elliptic Curve Cryptosystem (ECC). This scheme has been specifically designed to cater to the unique requirements of remote healthcare systems. The approach has been validated utilizing the Burrows-Abadi-Needham (BAN) logic, which verifies the effectiveness of mutual authentication. Also, the resistance to active and passive attacks was demonstrated through the use of the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. Furthermore, a preliminary security evaluation is conducted to verify the resilience of the proposed system against several cryptographic attacks. Additionally, the suggested method is evaluated against existing state-of-the-art schemes and demonstrates superior performance in various security dimensions.