{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,13]],"date-time":"2026-03-13T03:01:49Z","timestamp":1773370909109,"version":"3.50.1"},"reference-count":34,"publisher":"MDPI AG","issue":"24","license":[{"start":{"date-parts":[[2020,12,12]],"date-time":"2020-12-12T00:00:00Z","timestamp":1607731200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>Internet of Things (IoT) technology has recently been integrated with various healthcare devices to monitor patients\u2019 health status and share it with their healthcare practitioners. Since healthcare data often contain personal and sensitive information, healthcare systems must provide a secure user authentication scheme. Recently, Adavoudi-Jolfaei et al. and Sharma and Kalra proposed a lightweight protocol using hash function encryption only for user authentication on wireless sensor systems. In this paper, we found some weaknesses in target schemes. We propose a novel three-factor lightweight user authentication scheme that addresses these weaknesses and verifies the security of the proposed scheme using a formal verification tool called ProVerif. In addition, our proposed scheme outperforms other proposed symmetric encryption-based schemes or elliptic curve-based schemes.<\/jats:p>","DOI":"10.3390\/s20247136","type":"journal-article","created":{"date-parts":[[2020,12,13]],"date-time":"2020-12-13T23:39:36Z","timestamp":1607902776000},"page":"7136","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":28,"title":["A Secure and Lightweight Three-Factor-Based Authentication Scheme for Smart Healthcare Systems"],"prefix":"10.3390","volume":"20","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8124-3853","authenticated-orcid":false,"given":"Jihyeon","family":"Ryu","sequence":"first","affiliation":[{"name":"Department of Software, Sungkyunkwan University, 2066 Seobu-ro, Jangan-gu, Suwon-si 16419, Gyeonggi-do, Korea"}]},{"given":"Dongwoo","family":"Kang","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, Sungkyunkwan University, 2066 Seobu-ro, Jangan-gu, Suwon-si 16419, Gyeonggi-do, Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5777-4256","authenticated-orcid":false,"given":"Hakjun","family":"Lee","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, Sungkyunkwan University, 2066 Seobu-ro, Jangan-gu, Suwon-si 16419, Gyeonggi-do, Korea"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1605-3866","authenticated-orcid":false,"given":"Hyoungshick","family":"Kim","sequence":"additional","affiliation":[{"name":"Department of Computer Engineering, Sungkyunkwan University, 2066 Seobu-ro, Jangan-gu, Suwon-si 16419, Gyeonggi-do, Korea"}]},{"given":"Dongho","family":"Won","sequence":"additional","affiliation":[{"name":"Department of Computer Engineering, Sungkyunkwan University, 2066 Seobu-ro, Jangan-gu, Suwon-si 16419, Gyeonggi-do, Korea"}]}],"member":"1968","published-online":{"date-parts":[[2020,12,12]]},"reference":[{"key":"ref_1","unstructured":"Gregg, M. (2020, December 12). Trends in Remote Patient Monitoring 2019. Spyglass Consulting Group. Available online: http:\/\/www.spyglass-consulting.com\/wp_RPM_2019.html."},{"key":"ref_2","first-page":"66","article-title":"Applications of artificial neural networks for ECG signal detection and classification","volume":"26","author":"Hu","year":"1993","journal-title":"J. Electrocardiol."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"245","DOI":"10.1016\/j.cmpb.2008.04.006","article-title":"QRS complexes detection for ECG signal: The Difference Operation Method","volume":"91","author":"Yeh","year":"2008","journal-title":"Comput. Methods Programs Biomed."},{"key":"ref_4","unstructured":"Van Ess, D.W. (2006). ECG Signal Detection Device. (7,092,750), US Patent."},{"key":"ref_5","unstructured":"Chung, W.Y., Lee, Y.D., and Jung, S.J. (2008, January 20\u201325). A wireless sensor network compatible wearable u-healthcare monitoring system using integrated ECG, accelerometer and SpO2. Proceedings of the 2008 30th Annual International Conference of the IEEE Engineering in Medicine and Biology Society, Vancouver, BC, Canada."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"619","DOI":"10.1007\/s40998-018-0146-5","article-title":"A Lightweight User Authentication Scheme for Cloud-IoT Based Healthcare Services","volume":"43","author":"Sharma","year":"2019","journal-title":"Iran. J. Sci. Technol. Trans. Electr. Eng."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Ryu, J., Lee, H., Kim, H., and Won, D. (2018). Secure and efficient three-factor protocol for wireless sensor networks. Sensors, 18.","DOI":"10.3390\/s18124481"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Rathore, H., Al-Ali, A., Mohamed, A., Du, X., and Guizani, M. (2018, January 25\u201329). DTW based authentication for wireless medical device security. Proceedings of the 2018 14th International Wireless Communications & Mobile Computing Conference (IWCMC), Limassol, Cyprus.","DOI":"10.1109\/IWCMC.2018.8450419"},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Ali, R., Pal, A.K., Kumari, S., Sangaiah, A.K., Li, X., and Wu, F. (2018). An enhanced three factor based authentication protocol using wireless medical sensor networks for healthcare monitoring. J. Ambient. Intell. Humaniz. Comput., 1\u201322.","DOI":"10.1007\/s12652-018-1015-9"},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"10081","DOI":"10.3390\/s140610081","article-title":"Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography","volume":"14","author":"Choi","year":"2014","journal-title":"Sensors"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"43","DOI":"10.1007\/s12083-017-0627-8","article-title":"Lightweight and anonymous three-factor authentication and access control scheme for real-time applications in wireless sensor networks","volume":"12","author":"Maede","year":"2019","journal-title":"Peer-to-Peer Netw. Appl."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"85440","DOI":"10.1109\/ACCESS.2019.2923777","article-title":"An improved three-factor user authentication and key agreement scheme for wireless medical sensor networks","volume":"7","author":"Chen","year":"2019","journal-title":"IEEE Access"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Renuka, K., Kumar, S., Kumari, S., and Chen, C.M. (2019). Cryptanalysis and improvement of a privacy-preserving three-factor authentication protocol for wireless sensor networks. Sensors, 19.","DOI":"10.3390\/s19214625"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"3599","DOI":"10.1109\/TII.2017.2773666","article-title":"A robust ECC-based provable secure authentication protocol with privacy preserving for industrial internet of things","volume":"14","author":"Li","year":"2017","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"619","DOI":"10.1109\/TITB.2007.894818","article-title":"Privacy-preserving telecardiology sensor networks: Toward a low-cost portable wireless hardware\/software codesign","volume":"11","author":"Hu","year":"2007","journal-title":"IEEE Trans. Inf. Technol. Biomed."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"6273","DOI":"10.3390\/s90806273","article-title":"Design and implementation of a securewireless mote-based medical sensor network","volume":"9","author":"Malasri","year":"2009","journal-title":"Sensors"},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"1625","DOI":"10.3390\/s120201625","article-title":"E-SAP: Efficient-strong authentication protocol for healthcare applications using wireless medical sensor networks","volume":"12","author":"Kumar","year":"2012","journal-title":"Sensors"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"347169","DOI":"10.1155\/2014\/347169","article-title":"An improved user authentication protocol for healthcare services via wireless medical sensor networks","volume":"10","author":"Khan","year":"2014","journal-title":"Int. J. Distrib. Sens. Netw."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"2643","DOI":"10.1002\/sec.1214","article-title":"A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity","volume":"9","author":"Li","year":"2016","journal-title":"Secur. Commun. Netw."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"195","DOI":"10.1007\/s00530-015-0476-3","article-title":"An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks","volume":"23","author":"Wu","year":"2017","journal-title":"Multimed. Syst."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"391","DOI":"10.1007\/s11036-015-0586-3","article-title":"Cloud-assisted speech and face recognition framework for health monitoring","volume":"20","author":"Hossain","year":"2015","journal-title":"Mob. Netw. Appl."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Wazid, M., Das, A.K., Shetty, S., Rodrigues, J.J.P.C., and Park, Y. (2019). LDAKM-EIoT: Lightweight device authentication and key management mechanism for edge-based IoT deployment. Sensors, 19.","DOI":"10.3390\/s19245539"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"155645","DOI":"10.1109\/ACCESS.2020.3019367","article-title":"LAKE-IoD: Lightweight Authenticated Key Exchange Protocol for the Internet of Drone Environment","volume":"8","author":"Tanveer","year":"2020","journal-title":"IEEE Access"},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"7124","DOI":"10.1109\/TIE.2016.2585081","article-title":"A realistic lightweight anonymous authentication protocol for securing real-time application data access in wireless sensor networks","volume":"63","author":"Gope","year":"2016","journal-title":"IEEE Trans. Ind. Electron."},{"key":"ref_25","unstructured":"Katz, J., Menezes, A.J., Van Oorschot, P.C., and Vanstone, S.A. (1996). Handbook of Applied Cryptography, CRC Press."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Dodis, Y., Katz, J., Reyzin, L., and Smith, A. (2006). Robust fuzzy extractors and authenticated key agreement from close secrets. Annual International Cryptology Conference, Springer.","DOI":"10.1007\/11818175_14"},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Dodis, Y., Reyzin, L., and Smith, A. (2004). Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. International Conference on the Theory and Applications of Cryptographic Techniques, Springer.","DOI":"10.1007\/978-3-540-24676-3_31"},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","article-title":"On the security of public key protocols","volume":"29","author":"Dolev","year":"1983","journal-title":"IEEE Trans. Inf. Theory"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Moon, J., Lee, D., Lee, Y., and Won, D. (2017). Improving biometric-based authentication schemes with smart card revocation\/reissue for wireless sensor networks. Sensors, 17.","DOI":"10.3390\/s17050940"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Lee, H., Lee, D., Moon, J., Jung, J., Kang, D., Kim, H., and Won, D. (2018). An improved anonymous authentication scheme for roaming in ubiquitous networks. PLoS ONE, 13.","DOI":"10.1371\/journal.pone.0193366"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"727","DOI":"10.1016\/j.future.2017.08.042","article-title":"A lightweight and robust two-factor authentication scheme for personalized healthcare systems using wireless medical sensor networks","volume":"82","author":"Wu","year":"2018","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_32","unstructured":"Blanchet, B., Smyth, B., Cheval, V., and Sylvestre, M. (2020, December 12). ProVerif 2.00: Automatic Cryptographic Protocol Verifier, User Manual and Tutorial. Available online: https:\/\/prosecco.gforge.inria.fr\/personal\/bblanche\/proverif\/manual.pdf."},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"223","DOI":"10.1007\/s12083-014-0324-9","article-title":"A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks","volume":"9","author":"Das","year":"2016","journal-title":"Peer-to-Peer Netw. Appl."},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"10","DOI":"10.1007\/s10916-014-0179-x","article-title":"Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care","volume":"39","author":"Xu","year":"2015","journal-title":"J. Med. Syst."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/20\/24\/7136\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T10:44:24Z","timestamp":1760179464000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/20\/24\/7136"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,12,12]]},"references-count":34,"journal-issue":{"issue":"24","published-online":{"date-parts":[[2020,12]]}},"alternative-id":["s20247136"],"URL":"https:\/\/doi.org\/10.3390\/s20247136","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,12,12]]}}}