DOI: 10.14569/IJACSA.2026.0170440

On the Security of Authentication Protocols for Remote Healthcare Systems Through Cryptographic Vulnerability Analysis and Secure Protocol Redesign

Author 1: Haewon Byeon

International Journal of Advanced Computer Science and Applications(IJACSA), Volume 17 Issue 4, 2026.

Abstract: This paper revisits a previously proposed authentication scheme for remote healthcare systems in Cloud-IoT. Although that protocol was introduced as a repair of an earlier healthcare design and was claimed to satisfy the usual confidentiality and mutual-authentication goals, a closer reconstruction of its registration, login, authentication, and password-update logic reveals several structural weaknesses. The analysis shows that a stolen smart card combined with one captured transcript enables offline password verification, that the session key is deterministic for a fixed user-sensor pair, that static pseudonyms expose long-term linkability, and that compromise of the server-wide secret expands immediately to all registered sensors. To address these problems, the core key-management path is redesigned while keeping the original cloud-assisted remote healthcare architecture. The revised scheme uses a device-bound seed only for local recovery, a fresh elliptic-curve Diffie-Hellman exchange for every run, dynamic pseudonyms, and KDF-based session-key derivation with explicit context binding. A comparative evaluation against the Sharma-Kalra baseline and the 2021 Azrour design indicates that the revised protocol raises resistance to guessing, replay, cross-session correlation, and compromise propagation with only modest latency growth.

Keywords: Remote Healthcare Security; Authentication Protocol; Internet of Medical Things; Cryptographic Vulnerability Analysis; Secure Session Key Establishment; Privacy-Preserving Authentication

Haewon Byeon. “On the Security of Authentication Protocols for Remote Healthcare Systems Through Cryptographic Vulnerability Analysis and Secure Protocol Redesign”. International Journal of Advanced Computer Science and Applications (IJACSA) 17.4 (2026). http://dx.doi.org/10.14569/IJACSA.2026.0170440

@article{Byeon2026,
title = {On the Security of Authentication Protocols for Remote Healthcare Systems Through Cryptographic Vulnerability Analysis and Secure Protocol Redesign},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2026.0170440},
url = {http://dx.doi.org/10.14569/IJACSA.2026.0170440},
year = {2026},
publisher = {The Science and Information Organization},
volume = {17},
number = {4},
author = {Haewon Byeon}
}


Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

IJACSA

Upcoming Conferences

Computer Vision Conference (CVC) 2026

21-22 May 2026

Computing Conference 2026

9-10 July 2026

Artificial Intelligence Conference 2026

3-4 September 2026

Future Technologies Conference (FTC) 2026

15-16 October 2026