Lightweight Two-Factor-Based User Authentication Protocol for IoT-Enabled Healthcare Ecosystem in Quantum Computing

The healthcare ecosystem is migrating from legacy systems to the Internet of Things (IoT), resulting in a digital environment. This transformation has increased importance on demanding both secure and usable user authentication methods. Recently, a post-quantum fuzzy commitment scheme (PQFC) has been constructed as a reliable and efficient method of biometric template protection. This paper presents a new two-factor-based user authentication protocol for the IoT-enabled healthcare ecosystem in post-quantum computing environments using the PQFC scheme. The proposed protocol is proved to be secure using random oracle model. Furthermore, the functionality and security of the proposed protocol are analyzed, showing that memoryless-effortless, user anonymity, mutual authentication, and resistance to biometric templates tampering and stolen attacks, stolen smart card attack, privileged interior attack are fulfilled. The costs of storage requirement, computation, communication and storage are estimated. The results demonstrate that the proposed protocol is more efficient than Mukherjee et al., Chaudhary et al., and Gupta et al. protocols.