Open AccessOpen Access


A Lightweight and Robust User Authentication Protocol with User Anonymity for IoT-Based Healthcare

Chien-Ming Chen1,*, Shuangshuang Liu1, Shehzad Ashraf Chaudhry2, Yeh-Cheng Chen3, Muhammad Asghar khan4

1 College of Computer Science and Engineering, Shandong University of Science and Technology, Qingdao, 266590, China
2 Department of Computer Engineering, Istanbul Gelisim University, Istanbul, 34310, Turkey
3 Department of Computer Science, University of California, Davis, CA, 95616, USA
4 Department of Electrical Engineering, Hamdard University, Islamabad, 44000, Pakistan

* Corresponding Author: Chien-Ming Chen. Email:

(This article belongs to this Special Issue: Internet of Things in Healthcare and Health: Security and Privacy)

Computer Modeling in Engineering & Sciences 2022, 131(1), 307-329.


With the rise of the Internet of Things (IoT), the word “intelligent medical care” has increasingly become a major vision. Intelligent medicine adopts the most advanced IoT technology to realize the interaction between patients and people, medical institutions, and medical equipment. However, with the openness of network transmission, the security and privacy of information transmission have become a major problem. Recently, Masud et al. proposed a lightweight anonymous user authentication protocol for IoT medical treatment, claiming that their method can resist various attacks. However, through analysis of the protocol, we observed that their protocol cannot effectively resist privileged internal attacks, sensor node capture attacks, and stolen authentication attacks, and their protocol does not have perfect forward security. Therefore, we propose a new protocol to resolve the security vulnerabilities in Masud’s protocol and remove some redundant parameters, so as to make the protocol more compact and secure. In addition, we evaluate the security and performance of the new protocol and prove that the overall performance of the new protocol is better than that of other related protocols.


Cite This Article

Chen, C., Liu, S., Chaudhry, S. A., Chen, Y., Khan, M. A. (2022). A Lightweight and Robust User Authentication Protocol with User Anonymity for IoT-Based Healthcare. CMES-Computer Modeling in Engineering & Sciences, 131(1), 307–329.


This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 1277


  • 868


  • 0


Share Link

WeChat scan