An Improved Ultra-Lightweight Anonymous Authenticated Key Agreement Protocol for Wearable Devices

For wearable devices with constrained computational resources, it is typically required to offload processing tasks to more capable servers. However, this practice introduces vulnerabilities to data confidentiality and integrity due to potential malicious network attacks, unreliable servers, and insecure communication channels. A robust mechanism that ensures anonymous authentication and key agreement is therefore imperative for safeguarding the authenticity of computing entities and securing data during transmission. Recently, Guo et al. proposed an anonymous authentication key agreement and group proof protocol specifically designed for wearable devices. This protocol, benefiting from the strengths of previous research, is designed to thwart a variety of cyber threats. However, inaccuracies in their protocol lead to issues with authenticity verification, ultimately preventing the establishment of secure session keys between communication entities. To address these design flaws, an improved ultra-lightweight protocol was proposed, employing cryptographic hash functions to ensure authentication and privacy during data transmission in wearable devices. Supported by rigorous security validations and analyses, the proposed protocol significantly boosts both security and efficiency, marking a substantial advancement over prior methodologies.