US 11,722,887 B2
Privacy protection authentication method based on wireless body area network
Qi Xie, Hangzhou (CN); Xiumei Li, Hangzhou (CN); Dongnan Liu, Hangzhou (CN); Zixuan Ding, Hangzhou (CN); Bin Hu, Hangzhou (CN); Xiao Tan, Hangzhou (CN); and Lidong Han, Hangzhou (CN)
Assigned to HANGZHOU NORMAL UNIVERSITY, Hangzhou (CN)
Filed by HANGZHOU NORMAL UNIVERSITY, Hangzhou (CN)
Filed on Aug. 23, 2022, as Appl. No. 17/893,170.
Claims priority of application No. 202111043102.8 (CN), filed on Sep. 7, 2021.
Prior Publication US 2023/0075612 A1, Mar. 9, 2023
Int. Cl. H04L 9/32 (2006.01); H04W 12/02 (2009.01); H04L 9/40 (2022.01); H04W 84/18 (2009.01); H04L 9/08 (2006.01)
CPC H04W 12/02 (2013.01) [H04L 63/0869 (2013.01); H04W 84/18 (2013.01)]
8 Claims
 
1. A privacy protection authentication method based on a wireless body area network, comprising:
S1, initializing a cloud server HN;
S2, submitting a registration request in a secure channel to a super administrator SA by a user through a device, and returning registration information to the device through the secure channel by the super administrator after computational processing;
S3, submitting an authentication request to the cloud server HN, accessing the registration information from a memory and sending the registration information after being added with verification parameters to the cloud server HN, by the user through the device;
S4, determining a session key KSH for the device and the cloud server HN, after the device and the cloud server HN both complete authentications; and
S5, updating the registration information in the memory;
wherein the device and the cloud server HN transmit information EMS through a wireless public channel, the information EMS is relayed through a router AP, the router AP is responsible for relaying and forwarding the information EMS, and an identity idp of the router AP is added to or removed from the relayed information EMS; and
wherein the S2 specifically comprises:
S2.1, transmitting information with the super administrator SA through the secure channel by the user after installing a healthcare monitoring device;
S2.2, sending the registration request to the super administrator SA through the secure channel by the user;
S2.3, generating current time stamp Tj and storing the current time stamp Tj in the cloud server HN, by the super administrator SA after receiving the registration request; setting an identity idj and a random integer aj for a sensor node SN of the healthcare monitoring device by the super administrator SA, calculating public values xj and yj between the cloud server HN and the sensor node SN of the healthcare monitoring device and a secret value MNj between the cloud server HN and the sensor node SN of the healthcare monitoring device, and sending the registration information to the sensor node SN of the healthcare monitoring device through the secure channel;
S2.4, storing the registration information {idj, xj, yj, MNj} to the memory by the sensor node SN of the healthcare monitoring device after receiving the registration information;
S2.5, setting an identity idp for a router AP by the super administrator SA, and storing the identity idp in both the router AP and the cloud server HN; and
S2.6, generating a device challenge value Chaj based on a physical unclonable function (PUF), calculating a response value Resj, calculating a secret value STj of the sensor node SN and storing Chaj, Resj, STj in the memory, by the sensor node SN of the healthcare monitoring device.