A secure communication using multifactor authentication and key agreement techniques in internet of medical things for COVID-19 patients.

Currently, Internet of Medical Things (IoMT) gained popularity because of an ongoing pandemic. A few developed countries plan to deploy the IoMT for improving the security and safety of frontline workers to decrease the mortality rates of COVID-19 patients. However, IoMT devices share the information through an open network which leads to increased vulnerability to various attacks. Hence, electronic health management systems remain many security challenges, like recording sensitive patient data, secure communication, transferring patient information to other doctors, providing the data for future medical diagnosis, collecting data from WBAN, etc. In addition, the sensor devices attached to the human body are resource-limited and have minimal power capacity. Hence, to protect the medical privacy of patients, confidentiality and reliability of the system, the register sensor, doctor and server need to authenticate each other. Therefore, rather than two factors, in this work, a multifactor authentication protocol has been proposed to provide more secure communication. The presented scheme uses biometric and fuzzy extractors for more security purposes. Furthermore, the scheme is proved using informal and formal security verification BAN logic, ProVerif and AVISPA tools. The ProVerif simulation result of the suggested scheme shows that the proposed protocol achieves session key secrecy and mutual authentication