{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,16]],"date-time":"2026-07-16T03:31:26Z","timestamp":1784172686768,"version":"3.55.0"},"reference-count":32,"publisher":"MDPI AG","issue":"7","license":[{"start":{"date-parts":[[2017,6,23]],"date-time":"2017-06-23T00:00:00Z","timestamp":1498176000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients\u2019 physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu\u2013Chung\u2019s scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password\/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP.<\/jats:p>","DOI":"10.3390\/s17071482","type":"journal-article","created":{"date-parts":[[2017,6,23]],"date-time":"2017-06-23T08:16:18Z","timestamp":1498205778000},"page":"1482","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":100,"title":["An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System"],"prefix":"10.3390","volume":"17","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0637-5666","authenticated-orcid":false,"given":"Chun-Ta","family":"Li","sequence":"first","affiliation":[{"name":"Department of Information Management, Tainan University of Technology, 529 Zhongzheng Road, Tainan 71002, Taiwan"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Tsu-Yang","family":"Wu","sequence":"additional","affiliation":[{"name":"Fujian Provincial Key Laboratory of Big Data Mining and Applications, Fujian University of Technology, Fuzhou 350118, China"},{"name":"National Demonstration Center for Experimental Electronic Information and Electrical Technology Education, Fujian University of Technology, 3 Xueyuan Road, Fuzhou 350118, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Chin-Ling","family":"Chen","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Information Engineering, Chaoyang University of Technology, 168 Jifeng East Road, Taichung 41349, Taiwan"},{"name":"School of Information Engineering, Changchun University of Technology, Changchun 130600, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8918-1703","authenticated-orcid":false,"given":"Cheng-Chi","family":"Lee","sequence":"additional","affiliation":[{"name":"Department of Library and Information Science, Fu Jen Catholic University, 510 Jhongjheng Road, New Taipei 24205, Taiwan"},{"name":"Department of Photonics and Communication Engineering, Asia University, 500 Lioufeng Road, Taichung 41354, Taiwan"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6502-472X","authenticated-orcid":false,"given":"Chien-Ming","family":"Chen","sequence":"additional","affiliation":[{"name":"Harbin Institute of Technology Shenzhen Graduate School, Shenzhen University Town, Xili, Nanshan District, Shenzhen 518055, China"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2017,6,23]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"101","DOI":"10.1007\/s10916-016-0453-1","article-title":"Improvement of a privacy authentication scheme Based on cloud for medical environment","volume":"40","author":"Chiou","year":"2016","journal-title":"J. Med. Syst."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"49","DOI":"10.1007\/s00530-013-0346-9","article-title":"Robust anonymous authentication protocol for healthcare applications using wireless medical sensor networks","volume":"21","author":"He","year":"2015","journal-title":"Multimed. Syst."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"9589","DOI":"10.3390\/s130809589","article-title":"An advanced temporal credential-based security scheme with mutual authentication and key agreement for wireless sensor networks","volume":"13","author":"Li","year":"2013","journal-title":"Sensors"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"117","DOI":"10.1007\/s10916-016-0474-9","article-title":"A secure cloud-assisted wireless body area network in mobile emergency medical care system","volume":"40","author":"Li","year":"2016","journal-title":"J. Med. Syst."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"4767","DOI":"10.3390\/s110504767","article-title":"A secured authentication protocol for wireless sensor networks using elliptic curves cryptography","volume":"11","author":"Yeh","year":"2011","journal-title":"Sensors"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"255","DOI":"10.1016\/j.ins.2014.09.003","article-title":"4S: A secure and privacy-preserving key management scheme for cloud-assisted wireless body area network in m-healthcare social networks","volume":"314","author":"Zhou","year":"2015","journal-title":"Inf. Sci."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Choi, J., In, Y., Park, C., Seok, S., Seo, H., and Kim, H. (2016). Secure IoT framework and 2D architecture for end-to-end security. J. Supercomput.","DOI":"10.1007\/s11227-016-1684-0"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"159","DOI":"10.1016\/j.adhoc.2014.11.018","article-title":"User authentication schemes for wireless sensor networks: A review","volume":"27","author":"Kumari","year":"2015","journal-title":"Ad Hoc Netw."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"2276","DOI":"10.1002\/sec.1487","article-title":"A secure chaotic maps based privacy-protection scheme for multi-server environments","volume":"9","author":"Li","year":"2016","journal-title":"Secur. Commun. Netw."},{"key":"ref_10","first-page":"553","article-title":"An efficient and robust user authentication scheme for hierarchical wireless sensor networks without tamper-proof smart card","volume":"18","author":"Maitra","year":"2016","journal-title":"Int. J. Netw. Secur."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"4400","DOI":"10.1007\/s11227-015-1534-5","article-title":"A lightweight key management scheme for wireless sensor networks","volume":"71","author":"Messai","year":"2015","journal-title":"J. Supercomput."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s11227-013-1021-9","article-title":"Wireless sensor networks: A survey on recent developments and potential synergies","volume":"68","author":"Rawat","year":"2014","journal-title":"J. Supercomput."},{"key":"ref_13","unstructured":"Wong, K., Zheng, Y., Cao, J., and Wang, S. (2006, January 5\u20137). A dynamic user authentication scheme for wireless sensor networks. Proceedings of the IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC), Taichung, Taiwan."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Tseng, H.R., Jan, R.H., and Yang, W. (2007, January 26\u201330). An improved dynamic user authentication scheme for wireless sensor networks. Proceedings of the IEEE Globecom, Washington, DC, USA.","DOI":"10.1109\/GLOCOM.2007.190"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Lee, T.H. (2008, January 25\u201331). Simple dynamic user authentication protocols for wireless sensor networks. Proceedings of the 2nd International Conference on Sensor Technologies and Applications, Cap Esterel, France.","DOI":"10.1109\/SENSORCOMM.2008.43"},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"1086","DOI":"10.1109\/TWC.2008.080128","article-title":"Two-factor user authentication in wireless sensor Networks","volume":"8","author":"Das","year":"2009","journal-title":"IEEE Trans. Wirel. Commun."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Huang, H.F., Chang, Y.F., and Liu, C.H. (2010, January 15\u201317). Enhancement of two-factor user authentication in wireless sensor networks. Proceedings of the 2010 6th International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP), Darmstadt, Germany.","DOI":"10.1109\/IIHMSP.2010.14"},{"key":"ref_18","first-page":"4821","article-title":"A secure billing service with two-factor user authentication in wireless sensor networks","volume":"7","author":"Li","year":"2011","journal-title":"Int. J. Innov. Comput. Inf. Control"},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"382810","DOI":"10.1155\/2012\/382810","article-title":"A security-performance-balanced user authentication scheme for wireless sensor networks","volume":"2012","author":"Yoo","year":"2012","journal-title":"Int. J. Distrib. Sens. Netw."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"316","DOI":"10.1016\/j.jnca.2012.05.010","article-title":"A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks","volume":"36","author":"Xue","year":"2013","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"250","DOI":"10.1016\/j.compeleceng.2016.01.002","article-title":"Secure user authentication scheme for wireless healthcare sensor networks","volume":"59","author":"Liu","year":"2016","journal-title":"Comput. Electr. Eng."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"20","DOI":"10.1007\/3-540-45455-1_3","article-title":"The weil and tate pairings as building blocks for public key cryptosystems","volume":"2369","author":"Joux","year":"2002","journal-title":"Lect. Notes Comput. Sci."},{"key":"ref_23","first-page":"350","article-title":"Security analysis of a dynamic ID-based authentication scheme for multi-server environment using smart cards","volume":"15","author":"He","year":"2013","journal-title":"Int. J. Netw. Secur."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"He, D., Zeadally, S., Kumar, N., and Lee, J.H. (2016). Anonymous authentication for wireless body area networks with provable security. IEEE Syst. J.","DOI":"10.1109\/JSYST.2016.2544805"},{"key":"ref_25","first-page":"374","article-title":"ECPB: Efficient conditional privacy-preserving authentication scheme supporting batch verification for VANETs","volume":"18","author":"Wang","year":"2016","journal-title":"Int. J. Netw. Secur."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"541","DOI":"10.1109\/TC.2002.1004593","article-title":"Examining smart-card security under the threat of power analysis attacks","volume":"51","author":"Messerges","year":"2002","journal-title":"IEEE Trans. Comput."},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Bellare, M., and Rogaway, P. (1993, January 3\u20135). Random oracles are practical: A paradigm designing efficient protocols. Proceedings of the 1st ACM Conference on Computer and Communications Security, Fairfax, VA, USA.","DOI":"10.1145\/168588.168596"},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"557","DOI":"10.1145\/1008731.1008734","article-title":"The random oracle metholodology, revisited","volume":"51","author":"Canetti","year":"2004","journal-title":"J. ACM"},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"3410","DOI":"10.1109\/ACCESS.2017.2675163","article-title":"A provable secure private data delegation scheme for mountaineering events in emergency system","volume":"5","author":"Chen","year":"2017","journal-title":"IEEE Access"},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"1520","DOI":"10.1016\/j.comnet.2009.12.008","article-title":"An efficient user authentication and key exchange protocol for mobile client-server environments","volume":"54","author":"Wu","year":"2010","journal-title":"Comput. Netw."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"1009","DOI":"10.1016\/j.adhoc.2012.01.002","article-title":"An efficient remote user authentication and key agreement protocol for mobile client-Vserver environment from pairings","volume":"10","author":"He","year":"2012","journal-title":"Ad Hoc Netw."},{"key":"ref_32","unstructured":"(2017, June 22). Shamus Software. Available online: https:\/\/github.com\/miracl\/MIRACL."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/17\/7\/1482\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T18:40:07Z","timestamp":1760208007000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/17\/7\/1482"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,6,23]]},"references-count":32,"journal-issue":{"issue":"7","published-online":{"date-parts":[[2017,7]]}},"alternative-id":["s17071482"],"URL":"https:\/\/doi.org\/10.3390\/s17071482","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,6,23]]}}}