A cloud server centric multifactor lightweight authentication scheme for eHealth systems

Keeping Your Health Data Safe in the Cloud

Hospitals and clinics are rapidly moving medical records and monitoring devices into the cloud. That shift brings big benefits: doctors can check a patient’s vital signs from miles away, and specialists can collaborate without sharing paper files. But it also creates a pressing question for anyone who has ever worn a health tracker or visited a telemedicine portal: how can we be sure that only the right people see our most private medical details? This paper tackles that problem head‑on by designing and testing a new way to log in to cloud‑based e‑health systems that is both highly secure and light enough to run on tiny connected devices.

Why Online Health Records Are Hard to Protect

Modern e‑health systems connect three main players: patients with sensors or wearables, medical staff using phones or laptops, and a powerful cloud server that stores and processes data. Previous research has produced many security schemes for this triad, but closer inspection reveals gaps. Some expose a person’s identity as data moves through the network, making it easier to track or profile them. Others use heavy cryptography that slows down small devices, or they skip basic housekeeping features like safe password updates. Several well‑known proposals were later shown to be vulnerable to impersonation, where an attacker pretends to be a doctor or cloud server and quietly siphons off sensitive records.

Finding Weak Spots in Earlier Security Designs

The authors begin by re‑examining a recent cloud‑centric protocol that had been advertised as provably secure for e‑health. By following each step of its login and key‑exchange procedures, they show how an attacker can slip into the conversation. In some phases, the patient never truly checks that a message comes from a real doctor, and the server never fully confirms a doctor’s identity before granting access. An eavesdropper who forges the right kind of message can therefore convince a patient device or the cloud that they are a trusted party, learn the secret key used for that session, and read or alter medical data. Similar flaws appear in the part of the protocol that links the cloud to the patient’s sensor node. These examples underline a sobering lesson: even mathematically elegant schemes can fail if basic identity checks are skipped in practice.

A New Multi‑Lock System for Doctors and Sensors

To close these holes, the paper introduces CSMAE, a new login and key‑agreement scheme tailored specifically for cloud‑assisted healthcare. Its design centers on the cloud server, which acts as the trusted hub for doctors and patient sensors. Doctors prove who they are using three independent “locks”: something they know (a password), something they are (a biometric such as a fingerprint), and something they have (a smart card). The smart card and server store only scrambled values built from these ingredients and random numbers, so that even if a device is stolen, the original password and biometric cannot easily be reconstructed. Patients’ sensors also register with the cloud, but in a way that hides their long‑term identifiers and uses fresh random values each time they communicate, making it hard for an outsider to link sessions together.

How the New Scheme Fights Attackers

Once a doctor logs in, the protocol runs a carefully choreographed dance between doctor, server, and sensor. Each message is tied to the current time and to secret random numbers known only to the legitimate parties. If an attacker replays an old message or tweaks a timestamp, the built‑in checks fail and the session is dropped. Only after all three sides have independently verified one another do they derive a shared session key, again using hidden sensor identities and fresh randomness. The authors test the design with several complementary methods: logical reasoning about what each party believes, a formal “real‑or‑random” model that measures an attacker’s chances of guessing the session key, and automated verification tools that search for man‑in‑the‑middle and replay attacks. In each case, CSMAE is shown to resist a broad catalog of threats, including insider misuse, password guessing, denial‑of‑service floods, and key‑compromise impersonation.

Fast, Frugal, and Ready for Real Devices

Security is only half the story; an e‑health protocol must also run smoothly on simple sensors and battery‑powered gadgets. CSMAE is built almost entirely from very cheap operations such as bit‑wise logic and hash functions. It avoids heavyweight public‑key techniques that demand thousands of times more processing time and energy. In tests on a modest laptop and in simulations scaled to many devices, the scheme adds only tiny delays and transmits fewer bits than many competing methods. That translates into lower energy use, less wireless congestion, and better battery life for wearables and home monitors.

What This Means for Connected Care

In practical terms, the proposed scheme offers a way for future health platforms to confirm that a doctor, a cloud service, and a patient sensor are all genuine before any medical data changes hands, and to do so with minimal strain on small devices. While the authors note that their work has not yet been adapted to resist quantum computers, they argue that CSMAE already improves on the security and efficiency of today’s leading proposals. If adopted and integrated into real systems, approaches like this could help patients enjoy the convenience of remote monitoring and online consultations without giving up control over who sees their most intimate health information.

Citation: Gairola, D., Maurya, P.K. & Chanda, A. A cloud server centric multifactor lightweight authentication scheme for eHealth systems. Sci Rep 16, 13524 (2026). https://doi.org/10.1038/s41598-026-40356-2

Keywords: e-health security, cloud healthcare, multi-factor authentication, IoT medical devices, patient data privacy