# RAMHU: A New Robust Lightweight Scheme for Mutual Users Authentication   in Healthcare Applications

**Authors:** Mishall Al-Zubaidie, Zhongwei Zhang, and Ji Zhang

arXiv: 1902.08686 · 2019-02-26

## TL;DR

RAMHU is a novel lightweight authentication scheme designed for healthcare applications, ensuring mutual security between users and servers by leveraging device and user information, elliptic curve encryption, and formal security analysis.

## Contribution

The paper introduces RAMHU, a new mutual authentication model combining elliptic curve encryption, pseudonyms, and one-time passwords for enhanced healthcare data security.

## Key findings

- Provides strong security against various attacks.
- Achieves good performance with ECIES and PHOTON.
- Validated using AVISPA security analysis tool.

## Abstract

Providing a mechanism to authenticate users in healthcare applications is an essential security requirement to prevent both external and internal attackers from penetrating patients' identities and revealing their health data. Many schemes have been developed to provide authentication mechanisms to ensure that only legitimate users are authorized to connect, but these schemes still suffer from vulnerable security. Various attacks expose patients' data for malicious tampering or destruction. Transferring health-related data and information between users and the health centre makes them exposed to penetration by adversaries as they may move through an insecure channel. In addition, previous mechanisms have suffered from the poor protection of users' authentication information. To ensure the protection of patients' information and data, we propose a scheme that authenticates users based on the information of both the device and the legitimate user. In this paper, we propose a Robust Authentication Model for Healthcare Users (RAMHU) that provides mutual authentication between server and clients. This model utilizes an Elliptic Curve Integrated Encryption Scheme (ECIES) and PHOTON to achieve strong security and a good overall performance. RAMHU relies on multi pseudonyms, physical address, and one-time password mechanisms to authenticate legitimate users. Moreover, extensive informal and formal security analysis with the automated validation of Internet security protocols and applications (AVISPA) tool demonstrates that our model offers a high level of security in repelling a wide variety of possible attacks.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1902.08686/full.md

## Figures

16 figures with captions in the complete paper: https://tomesphere.com/paper/1902.08686/full.md

## References

61 references — full list in the complete paper: https://tomesphere.com/paper/1902.08686/full.md

---
Source: https://tomesphere.com/paper/1902.08686