Securing IoT-based Smart Healthcare Systems by using Advanced Lightweight Privacy-Preserving Authentication Scheme

In the healthcare network, the Internet of Things (IoT) devices are connected to the network for enabling remote monitoring of patients' health. IoT device security, however, is a serious concern because typical security measures might not be appropriate for IoT devices, making them naturally vulnerable to physical and copying attacks. Therefore, device authentication is a very essential security concern for IoT networks. Additionally, the storage and processing power of these devices are constrained. To address all these requirements, Physically Unclonable Functions (PUFs) for device authentication is a potential strategy. In this paper, an advanced lightweight authentication scheme for IoT devices is proposed by using PUF. This scheme provides robust authentication without storing any sensitive information on the device's memory and establishes the session key exchange process simultaneously. Moreover, this scheme preserves device privacy by including a temporary identity, which is updated at the end of each session. The effectiveness of this novel model is assessed, and results demonstrate that it is more effective and secure than many existing schemes.