{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,26]],"date-time":"2026-01-26T18:06:39Z","timestamp":1769450799587,"version":"3.49.0"},"reference-count":39,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2026,1,26]],"date-time":"2026-01-26T00:00:00Z","timestamp":1769385600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2026,1,26]],"date-time":"2026-01-26T00:00:00Z","timestamp":1769385600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cybersecurity"],"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>Wireless Medical Sensor Networks (WMSNs) are crucial for remote medical monitoring, yet they face significant challenges in terms of data security and privacy protection. Authentication and Key Agreement (AKA) protocols are effective technologies for safeguarding privacy; however, existing solutions often struggle to resist desynchronization attacks or sacrifice untraceability in the pursuit of anonymity. Additionally, the adoption of public-key cryptography substantially increases both computational and communication costs. To address these issues, this paper proposes a lightweight protocol based on the RD-UT List (Resistance to Desynchronization and Untraceability List) synchronization mechanism, which can resist desynchronization attacks and ensure untraceability. This mechanism functions by generating and periodically updating temporary identity credentials and hash chain values, ensuring reliable authentication and key agreement among users, servers, and sensor nodes. During data transmission, the mechanism not only achieves anonymity and untraceability but also effectively defends against desynchronization attacks. Compared with existing solutions, this protocol significantly improves both computational and communication efficiency: it reduces computational overhead by at least 65.01% and cuts communication costs by at least 22.22%. Its security has been fully validated through formal proofs and informal analysis. Furthermore, on an experimental platform simulating sensor nodes using Raspberry Pi 5, the protocol successfully achieves mutual authentication and session key agreement between users and sensors, verifying its practicality in resource-constrained WMSNs environments. In summary, this protocol provides an efficient and tailored solution for data protection in WMSNs environments.<\/jats:p>","DOI":"10.1186\/s42400-025-00536-5","type":"journal-article","created":{"date-parts":[[2026,1,26]],"date-time":"2026-01-26T07:49:38Z","timestamp":1769413778000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Lightweight anonymous authentication and key agreement protocol resistant to desynchronization attacks"],"prefix":"10.1186","volume":"9","author":[{"given":"Shenjin","family":"Wang","sequence":"first","affiliation":[]},{"given":"Shunfang","family":"Hu","sequence":"additional","affiliation":[]},{"given":"Junhua","family":"Chen","sequence":"additional","affiliation":[]},{"given":"Kaixuan","family":"Ma","sequence":"additional","affiliation":[]},{"given":"Wei","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Ya","family":"Zhang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,1,26]]},"reference":[{"key":"536_CR1","doi-asserted-by":"publisher","first-page":"483","DOI":"10.1016\/j.future.2016.05.032","volume":"80","author":"R Amin","year":"2018","unstructured":"Amin R, Islam SH, Biswas G, Khan MK, Kumar N (2018) A robust and anonymous patient monitoring system using wireless medical sensor networks. Futur Gener Comput Syst 80:483\u2013495","journal-title":"Futur Gener Comput Syst"},{"key":"536_CR2","doi-asserted-by":"crossref","unstructured":"Ali R, Pal AK, Kumari S, Sangaiah AK, Li X, Wu F (2018) An enhanced three factor based authentication protocol using wireless medical sensor networks for healthcare monitoring","DOI":"10.1007\/s12652-018-1015-9"},{"key":"536_CR3","doi-asserted-by":"publisher","first-page":"47282","DOI":"10.1109\/ACCESS.2020.2978891","volume":"8","author":"G Xu","year":"2020","unstructured":"Xu G, Wang F, Zhang M, Peng J (2020) Efficient and provably secure anonymous user authentication scheme for patient monitoring using wireless medical sensor networks. IEEE Access 8:47282\u201347294","journal-title":"IEEE Access"},{"key":"536_CR4","doi-asserted-by":"publisher","first-page":"534","DOI":"10.1016\/j.compeleceng.2017.08.003","volume":"69","author":"S Challa","year":"2018","unstructured":"Challa S, Das AK, Odelu V, Kumar N, Kumari S, Khan MK, Vasilakos AV (2018) An efficient ecc-based provably secure three-factor user authentication and key agreement protocol for wireless healthcare sensor networks. Compu Electr Eng 69:534\u2013554","journal-title":"Compu Electr Eng"},{"key":"536_CR5","doi-asserted-by":"publisher","first-page":"483","DOI":"10.1016\/j.future.2016.05.032","volume":"80","author":"R Amin","year":"2018","unstructured":"Amin R, Islam SH, Biswas G, Khan MK, Kumar N (2018) A robust and anonymous patient monitoring system using wireless medical sensor networks. Futur Gener Comput Syst 80:483\u2013495","journal-title":"Futur Gener Comput Syst"},{"key":"536_CR6","doi-asserted-by":"crossref","unstructured":"Deebak B, Hwang SO (2024) Privacy preserving based on seamless authentication with provable key verification using miomt for b5g-enabled healthcare systems. IEEE Transactions on Services Computing","DOI":"10.1109\/TSC.2024.3382950"},{"key":"536_CR7","doi-asserted-by":"publisher","first-page":"727","DOI":"10.1016\/j.future.2017.08.042","volume":"82","author":"F Wu","year":"2018","unstructured":"Wu F, Li X, Sangaiah AK, Xu L, Kumari S, Wu L, Shen J (2018) A lightweight and robust two-factor authentication scheme for personalized healthcare systems using wireless medical sensor networks. Futur Gener Comput Syst 82:727\u2013737","journal-title":"Futur Gener Comput Syst"},{"issue":"2","key":"536_CR8","doi-asserted-by":"publisher","first-page":"195","DOI":"10.1007\/s00530-015-0476-3","volume":"23","author":"F Wu","year":"2015","unstructured":"Wu F, Xu L, Kumari S, Li X (2015) An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks. Multimedia Syst 23(2):195\u2013205","journal-title":"Multimedia Syst"},{"issue":"1","key":"536_CR9","first-page":"8145087","volume":"2019","author":"M Shuai","year":"2019","unstructured":"Shuai M, Liu B, Yu N, Xiong L (2019) Lightweight and secure three-factor authentication scheme for remote patient monitoring using on-body wireless networks. Security Commun Netw 2019(1):8145087","journal-title":"Security Commun Netw"},{"key":"536_CR10","doi-asserted-by":"crossref","unstructured":"Tu S, Badshah A, Alasmary H, Waqas M (2023) Eake-wc: Efficient and anonymous authenticated key exchange scheme for wearable computing. IEEE Transactions on Mobile Computing","DOI":"10.1109\/TMC.2023.3297854"},{"key":"536_CR11","first-page":"102992","volume":"63","author":"P Mohit","year":"2021","unstructured":"Mohit P (2021) An efficient mutual authentication and privacy prevention scheme for e-healthcare monitoring. J Inform Security Appl 63:102992","journal-title":"J Inform Security Appl"},{"key":"536_CR12","doi-asserted-by":"publisher","first-page":"108460","DOI":"10.1016\/j.comnet.2021.108460","volume":"199","author":"MJ Sadri","year":"2021","unstructured":"Sadri MJ, Asaar MR (2021) An anonymous two-factor authentication protocol for iot-based applications. Comput Netw 199:108460","journal-title":"Comput Netw"},{"key":"536_CR13","first-page":"102499","volume":"52","author":"M Shuai","year":"2020","unstructured":"Shuai M, Liu B, Yu N, Xiong L, Wang C (2020) Efficient and privacy-preserving authentication scheme for wireless body area networks. J Inform Security Appl 52:102499","journal-title":"J Inform Security Appl"},{"key":"536_CR14","doi-asserted-by":"publisher","first-page":"100035","DOI":"10.1016\/j.csa.2024.100035","volume":"2","author":"M Manickam","year":"2024","unstructured":"Manickam M, Devarajan GG (2024) A three-factor mutual authentication scheme for telecare medical information system based on ecc. Cyber Security Appl 2:100035","journal-title":"Cyber Security Appl"},{"key":"536_CR15","doi-asserted-by":"crossref","unstructured":"Salem FM, Zaky NF, Saad EM, Hosny HAH (2024) An improved and efficient rsa-based authentication scheme for healthcare systems. Jordanian Journal of Computers and Information Technology (JJCIT) 10(03)","DOI":"10.5455\/jjcit.71-1707903116"},{"issue":"4","key":"536_CR16","doi-asserted-by":"publisher","first-page":"380","DOI":"10.1049\/iet-ifs.2019.0491","volume":"14","author":"M Shuai","year":"2020","unstructured":"Shuai M, Xiong L, Wang C, Yu N (2020) Lightweight and privacy-preserving authentication scheme with the resilience of desynchronisation attacks for wbans. IET Inf Secur 14(4):380\u2013390","journal-title":"IET Inf Secur"},{"key":"536_CR17","doi-asserted-by":"crossref","unstructured":"Chen CM, Chen Z, Das AK, Chaudhry SA (2023) A security-enhanced and ultra-lightweight communication protocol for internet of medical things. IEEE Internet of Things Journal","DOI":"10.1109\/JIOT.2023.3327322"},{"key":"536_CR18","doi-asserted-by":"publisher","first-page":"162","DOI":"10.1016\/j.ins.2015.03.070","volume":"321","author":"D Wang","year":"2015","unstructured":"Wang D, Wang N, Wang P, Qing S (2015) Preserving privacy for free: Efficient and provably secure two-factor authentication scheme with user anonymity. Inf Sci 321:162\u2013178","journal-title":"Inf Sci"},{"issue":"15","key":"536_CR19","doi-asserted-by":"publisher","first-page":"2643","DOI":"10.1002\/sec.1214","volume":"9","author":"X Li","year":"2016","unstructured":"Li X, Niu J, Kumari S, Liao J, Liang W, Khan MK (2016) A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity. Security Commun Netw 9(15):2643\u20132655","journal-title":"Security Commun Netw"},{"issue":"94","key":"536_CR20","first-page":"1899","volume":"3","author":"AK Das","year":"2016","unstructured":"Das AK, Sutrala AK, Odelu V, Goswami A (2016) A secure smartcard-based anonymous user authentication scheme for healthcare applications using wireless medical sensor networks. Wireless Pers Commun 3(94):1899\u20131933","journal-title":"Wireless Pers Commun"},{"key":"536_CR21","doi-asserted-by":"publisher","first-page":"250","DOI":"10.1016\/j.compeleceng.2016.01.002","volume":"59","author":"C-H Liu","year":"2017","unstructured":"Liu C-H, Chung Y-F (2017) Secure user authentication scheme for wireless healthcare sensor networks. Comput Electr Eng 59:250\u2013261","journal-title":"Comput Electr Eng"},{"key":"536_CR22","doi-asserted-by":"publisher","first-page":"195","DOI":"10.1007\/s00530-015-0476-3","volume":"23","author":"F Wu","year":"2017","unstructured":"Wu F, Xu L, Kumari S, Li X (2017) An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks. Multimedia Syst 23:195\u2013205","journal-title":"Multimedia Syst"},{"key":"536_CR23","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10916-017-0720-9","volume":"41","author":"J Srinivas","year":"2017","unstructured":"Srinivas J, Mishra D, Mukhopadhyay S (2017) A mutual authentication framework for wireless medical sensor networks. J Med Syst 41:1\u201319","journal-title":"J Med Syst"},{"key":"536_CR24","doi-asserted-by":"publisher","first-page":"727","DOI":"10.1016\/j.future.2017.08.042","volume":"82","author":"F Wu","year":"2018","unstructured":"Wu F, Li X, Sangaiah AK, Xu L, Kumari S, Wu L, Shen J (2018) A lightweight and robust two-factor authentication scheme for personalized healthcare systems using wireless medical sensor networks. Futur Gener Comput Syst 82:727\u2013737","journal-title":"Futur Gener Comput Syst"},{"issue":"3","key":"536_CR25","doi-asserted-by":"publisher","first-page":"2316","DOI":"10.1109\/TITS.2021.3056704","volume":"23","author":"AK Sutrala","year":"2022","unstructured":"Sutrala AK, Obaidat MS, Saha S, Das AK, Alazab M, Park Y (2022) Authenticated key agreement scheme with user anonymity and untraceability for 5g-enabled softwarized industrial cyber-physical systems. IEEE Trans Intell Transp Syst 23(3):2316\u20132330","journal-title":"IEEE Trans Intell Transp Syst"},{"key":"536_CR26","doi-asserted-by":"publisher","first-page":"2961","DOI":"10.1109\/TIFS.2023.3272772","volume":"18","author":"C Wang","year":"2023","unstructured":"Wang C, Wang D, Duan Y, Tao X (2023) Secure and lightweight user authentication scheme for cloud-assisted internet of things. IEEE Trans Inf Forensics Secur 18:2961\u20132976","journal-title":"IEEE Trans Inf Forensics Secur"},{"issue":"4","key":"536_CR27","doi-asserted-by":"publisher","first-page":"3484","DOI":"10.1002\/dac.3484","volume":"31","author":"R Ali","year":"2018","unstructured":"Ali R, Pal AK (2018) An efficient three factor-based authentication scheme in multiserver environment using ecc. Int J Commun Syst 31(4):3484","journal-title":"Int J Commun Syst"},{"issue":"2","key":"536_CR28","doi-asserted-by":"publisher","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","volume":"29","author":"D Dolev","year":"1983","unstructured":"Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198\u2013208","journal-title":"IEEE Trans Inf Theory"},{"issue":"1","key":"536_CR29","doi-asserted-by":"publisher","first-page":"465","DOI":"10.1109\/COMST.2017.2779824","volume":"20","author":"R Spreitzer","year":"2017","unstructured":"Spreitzer R, Moonsamy V, Korak T, Mangard S (2017) Systematic classification of side-channel attacks: a case study for mobile devices. IEEE Commun Surv Tutorials 20(1):465\u2013488","journal-title":"IEEE Commun Surv Tutorials"},{"key":"536_CR30","unstructured":"Kocher PC, Jaffe JM, Jun BC (2009) Differential power analysis. Google Patents. US Patent 7,634,083"},{"key":"536_CR31","doi-asserted-by":"publisher","first-page":"1899","DOI":"10.1007\/s11277-016-3718-6","volume":"94","author":"AK Das","year":"2017","unstructured":"Das AK, Sutrala AK, Odelu V, Goswami A (2017) A secure smartcard-based anonymous user authentication scheme for healthcare applications using wireless medical sensor networks. Wireless Pers Commun 94:1899\u20131933","journal-title":"Wireless Pers Commun"},{"key":"536_CR32","doi-asserted-by":"publisher","first-page":"727","DOI":"10.1016\/j.future.2017.08.042","volume":"82","author":"F Wu","year":"2018","unstructured":"Wu F, Li X, Sangaiah AK, Xu L, Kumari S, Wu L, Shen J (2018) A lightweight and robust two-factor authentication scheme for personalized healthcare systems using wireless medical sensor networks. Futur Gener Comput Syst 82:727\u2013737","journal-title":"Futur Gener Comput Syst"},{"key":"536_CR33","doi-asserted-by":"publisher","first-page":"162","DOI":"10.1016\/j.ins.2015.03.070","volume":"321","author":"D Wang","year":"2015","unstructured":"Wang D, Wang N, Wang P, Qing S (2015) Preserving privacy for free: efficient and provably secure two-factor authentication scheme with user anonymity. Inf Sci 321:162\u2013178","journal-title":"Inf Sci"},{"key":"536_CR34","doi-asserted-by":"crossref","unstructured":"Abdalla M, Fouque PA, Pointcheval D (2005) Password-based authenticated key exchange in the three-party setting. In: Public Key Cryptography-PKC 2005: 8th International Workshop on Theory and Practice in Public Key Cryptography, Les Diablerets, Switzerland, January 23-26, 2005. Proceedings 8, pp. 65\u201384. Springer","DOI":"10.1007\/978-3-540-30580-4_6"},{"issue":"11","key":"536_CR35","doi-asserted-by":"publisher","first-page":"2776","DOI":"10.1109\/TIFS.2017.2721359","volume":"12","author":"D Wang","year":"2017","unstructured":"Wang D, Cheng H, Wang P, Huang X, Jian G (2017) Zipf\u2019s law in passwords. IEEE Trans Inf Forensics Secur 12(11):2776\u20132791","journal-title":"IEEE Trans Inf Forensics Secur"},{"key":"536_CR36","doi-asserted-by":"publisher","first-page":"727","DOI":"10.1016\/j.future.2017.08.042","volume":"82","author":"F Wu","year":"2018","unstructured":"Wu F, Li X, Sangaiah AK, Xu L, Kumari S, Wu L, Shen J (2018) A lightweight and robust two-factor authentication scheme for personalized healthcare systems using wireless medical sensor networks. Futur Gener Comput Syst 82:727\u2013737","journal-title":"Futur Gener Comput Syst"},{"issue":"8","key":"536_CR37","doi-asserted-by":"publisher","first-page":"3599","DOI":"10.1109\/TII.2017.2773666","volume":"14","author":"X Li","year":"2017","unstructured":"Li X, Niu J, Bhuiyan MZA, Wu F, Karuppiah M, Kumari S (2017) A robust ecc-based provable secure authentication protocol with privacy preserving for industrial internet of things. IEEE Trans Industr Inf 14(8):3599\u20133609","journal-title":"IEEE Trans Industr Inf"},{"issue":"9","key":"536_CR38","doi-asserted-by":"publisher","first-page":"7727","DOI":"10.1109\/JIOT.2020.3040938","volume":"8","author":"J Srinivas","year":"2021","unstructured":"Srinivas J, Das AK, Wazid M, Vasilakos AV (2021) Designing secure user authentication protocol for big data collection in iot-based intelligent transportation system. IEEE Internet Things J 8(9):7727\u20137744","journal-title":"IEEE Internet Things J"},{"issue":"3","key":"536_CR39","doi-asserted-by":"publisher","first-page":"2316","DOI":"10.1109\/TITS.2021.3056704","volume":"23","author":"AK Sutrala","year":"2021","unstructured":"Sutrala AK, Obaidat MS, Saha S, Das AK, Alazab M, Park Y (2021) Authenticated key agreement scheme with user anonymity and untraceability for 5g-enabled softwarized industrial cyber-physical systems. IEEE Trans Intell Transp Syst 23(3):2316\u20132330","journal-title":"IEEE Trans Intell Transp Syst"}],"container-title":["Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-025-00536-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s42400-025-00536-5","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-025-00536-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,26]],"date-time":"2026-01-26T07:49:41Z","timestamp":1769413781000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1186\/s42400-025-00536-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,1,26]]},"references-count":39,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2026,12]]}},"alternative-id":["536"],"URL":"https:\/\/doi.org\/10.1186\/s42400-025-00536-5","relation":{},"ISSN":["2523-3246"],"issn-type":[{"value":"2523-3246","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,1,26]]},"assertion":[{"value":"21 June 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"8 December 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"26 January 2026","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"113"}}