Lightweight authentication scheme based on modified EAP security for CoAP protocol-based IoMT applications

The medical data generated from the patients that are communicated and stored on servers are highly sensitive, and also the IoMT network creates open spaces for an adversary. The proposed work designs a lightweight authentication scheme to support the extensible authentication protocol (EAP) called lightweight EAP (L-EAP). The proposed L-EAP modifies the EAP model and dynamically changes the security service as per healthcare application requirements. The L-EAP selectively applies the data encryption and integrity without frequent re-handshaking with the server using one-bit epoch field in the EAP message header. The L-EAP performs such a key generation process as a part of the authentication phase and enlarges the lifetime of the IoMT network. The advanced encryption standard (AES) is improved for providing data confidentiality in L-EAP. The L-EAP improves the confusion property of cipher text in AES and applies shift row and XOR operations to all the words.