Selective disclosure and yoking-proof based privacy-preserving authentication scheme for cloud assisted wearable devices

Along with the development of user-centric wireless communications, wearable devices appear to be popular for real-time collecting a user's private data to provide intelligent service support. Compared with traditional short-range communications, the wearable devices confront more severe system vulnerabilities and security threats during interactions. Considering the limitations of computational capabilities and communication resources, it brings more challenges to design privacy-preserving authentication schemes for the resource-constrained wearable devices. In this work, local authentication and remote authentication are respectively designed for cloud assisted wearable devices. In the local authentication mode, hash based selective disclosure mechanism and Chebyshev chaotic map are jointly applied to achieve mutual authentication between a wearable device and a smart phone. In the remote authentication mode, Merkle hash tree based selective disclosure mechanism is designed to improve the structure of data fields in the certificate, and a yoking-proof is established to realize interactions between two wearable devices and a smart phone, and is further transmitted to the cloud server for simultaneous verification. Meanwhile, security formal analysis is performed based on the BAN logic for proving that the proposed remote authentication protocol has theoretical design correctness. It indicates that the proposed authentication scheme is available and flexible for ubiquitous wearable devices.