DOI: 10.14569/IJACSA.2025.0160451

Comprehensive Vulnerability Analysis of Three-Factor Authentication Protocols in Internet of Things-Enabled Healthcare Systems

Author 1: Haewon Byeon

International Journal of Advanced Computer Science and Applications(IJACSA), Volume 16 Issue 4, 2025.

Abstract: This study evaluates a three-factor authentication protocol designed for IoT healthcare systems, identifying several key vulnerabilities that could compromise its security. The analysis reveals weaknesses in single-factor authentication, time synchronization, side-channel attacks, and replay attacks. To address these vulnerabilities, the study proposes a series of enhancements, including the implementation of multi-factor authentication (MFA) to strengthen user verification processes and the inclusion of timestamps or nonces in messages to prevent replay attacks. Additionally, the adoption of advanced cryptographic techniques, such as masking and shuffling, can mitigate side-channel attacks by minimizing information leakage during encryption. The use of message authentication codes (MACs) ensures communication integrity by verifying message authenticity. These improvements aim to fortify the protocol's security framework, ensuring the protection of sensitive medical data. Future research directions include exploring adaptive security policies leveraging artificial intelligence and optimizing cryptographic operations to enhance efficiency. These efforts are essential for maintaining the protocol's resilience against evolving threats and ensuring the secure operation of IoT-based healthcare systems.

Keywords: Three-factor authentication; IoT healthcare security; multi-factor authentication; side-channel attack mitigation; replay attack prevention

Haewon Byeon, “Comprehensive Vulnerability Analysis of Three-Factor Authentication Protocols in Internet of Things-Enabled Healthcare Systems” International Journal of Advanced Computer Science and Applications(IJACSA), 16(4), 2025. http://dx.doi.org/10.14569/IJACSA.2025.0160451

@article{Byeon2025,
title = {Comprehensive Vulnerability Analysis of Three-Factor Authentication Protocols in Internet of Things-Enabled Healthcare Systems},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2025.0160451},
url = {http://dx.doi.org/10.14569/IJACSA.2025.0160451},
year = {2025},
publisher = {The Science and Information Organization},
volume = {16},
number = {4},
author = {Haewon Byeon}
}


Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

IJACSA

Upcoming Conferences

Computer Vision Conference (CVC) 2026

16-17 April 2026

Healthcare Conference 2026

21-22 May 2025

Computing Conference 2025

19-20 June 2025

IntelliSys 2025

28-29 August 2025

Future Technologies Conference (FTC) 2025

6-7 November 2025