Integrating ABHA for authentication and key exchange: A hybrid security framework for smart healthcare in India

Digital technologies enable huge potential for cultivating healthcare access and quality globally, including in India. The Internet of Things (IoT) allows connection between devices and healthcare specialists, thus enhancing healthcare delivery with reduced overheads such as manual intervention, time consumption and administrative cost. However, the incorporation of IoT technology in the healthcare sector has experienced obstacles due to security issues. These concerns involve unauthorized access arising from vulnerabilities in open wireless channels and the limitations of device abilities, which may hamper the performance of complex security algorithms. Existing solutions often rely on conventional security algorithms that incur high computational overhead. Moreover, the inclusion of non-unique identifiers as authenticating parameters, makes them vulnerable to security attacks including replay attack, identity collisions etc. Furthermore, the current solutions fail to balance adequately between security and efficiency, thus leading to increased energy consumption. Therefore, to address these challenges, we propose a minimally intrusive authentication scheme that integrates the Ayushman Bharat Health Account (ABHA) number – a unique identifier, with Physical Unclonable Function (PUF), and Zero-Knowledge Proof (ZKP) as the authenticating parameters. The scheme prevents from several security attacks including replay attack, man-in-the-middle attack, impersonation and insider attack, eavesdropping and message modification attack, password guessing attack, DoS attack alongside it provides session key security as well. Further it undergoes a wide range of evaluation and validation using the “Automated Validation of Internet Security Protocols and Applications (AVISPA)” tool, providing convincing evidence of its resilience against security threats. Since the scheme exploits lightweight techniques such as PUF, message digest, and ZKP, thus it yields lower cost overhead compared to traditional methods. Upon comparison, the scheme presents an average of 99.14 ms for computation cost and 1248 bits of communication cost which is far lesser than most of the existing schemes. Therefore, the proposed scheme outperforms many of the existing protocols in terms of complexity, communication and computation cost and presents a comprehensive solution for e-healthcare security.