SC-LAMT: A Side-Channel Hardened Lightweight Protocol for Secure Wearable Medical Devices

Authors

  • Ghazwh G. Jumaa College of Computer Science, University of Technology, Baghdad, Iraq
  • Atheer R. Muhsen College of Computer Science, University of Technology, Baghdad, Iraq
  • Fatimah Nazar Hamzah Department of Computer Science, Shatt Al-Arab University College, Basra, Iraq
  • Mohammed Amin Almaiah Department of Computer Science, King Abdullah the II IT School, The University of Jordan, Amman, Jordan
  • Rami Shehab Vice-Presidency for Postgraduate Studies and Scientific Research, King Faisal University, Al-Ahsa, Saudi Arabia
Volume: 15 | Issue: 5 | Pages: 28032-28040 | October 2025 | https://doi.org/10.48084/etasr.12644

Received: 9 June 2025 | Revised: 8 July 2025 and 13 July 2025 | Accepted: 16 July 2025 | Online: 6 October 2025


Corresponding author: Atheer R. Muhsen

Abstract

With the emergence of Medical Internet of Things (MIoT) devices, new security and privacy challenges have also arisen, especially at the physical layer with Side Channel Attacks (SCAs) that can compromise sensitive patient data and cryptographic operations.s. Existing lightweight authentication schemes provide security at the expense of timing, power, and memory resources. This study presents a comprehensive vulnerability analysis of the LAMT protocol and shows that it is vulnerable to SCAs. It also introduces SC-LAMT, an SCA–resistant lightweight authentication protocol designed for constrained MIoT platforms. To make SC-LAMT resilient against passive and active physical layer attacks, it involves constant-time hashing, session-based key masking, and secure memory handling. An implementation on a Cortex-M4-based platform demonstrates that SC-LAMT achieves mutual authentication in 0.14 ms, using only 144 bytes during the communication, which is superior to state-of-the-art protocols. In more than 1000 session-simulated cases, SC-LAMT achieved anonymity, session key secrecy, and full timing and power-analysis resistance. The results of the security analysis demonstrate that it achieved 100% resistance against all tested SCA vectors, thus being a robust and efficient solution for secure MIoT deployments.

Keywords:

Physically Unclonable Functions (PUFs), Medical IoT (MIoT), side-channel attacks, mutual authentication, lightweight authentication, embedded systems security

Downloads

Download data is not yet available.

References

Y. S. Chen, W. H. Wang, C. T. Hu, and I. You, "Cross-modal contrastive learning for predicting sepsis onset in Medical Internet of Things (MIoT)," Internet of Things, vol. 29, Jan. 2025, Art. no. 101456.

R. M. Czekster, T. Webber, L. B. Furstenau, and C. Marcon, "Dynamic risk assessment approach for analysing cyber security events in medical IoT networks," Internet of Things, vol. 29, Jan. 2025, Art. no. 101437.

N. G. Rezk, S. Alshathri, A. Sayed, E. E. D. Hemdan, and H. El-Behery, "Secure Hybrid Deep Learning for MRI-Based Brain Tumor Detection in Smart Medical IoT Systems," Diagnostics, vol. 15, no. 5, Jan. 2025, Art. no. 639.

M. J. Almansor et al., "Vessel berthing system using internet of things (IoT) for smart port," AIP Conference Proceedings, vol. 3303, no. 1, Mar. 2025, Art. no. 080004.

S. Khan, M. Khan, M. A. Khan, M. A. Khan, L. Wang, and K. Wu, "A Blockchain-Enabled AI-Driven Secure Searchable Encryption Framework for Medical IoT Systems," IEEE Journal of Biomedical and Health Informatics, pp. 1–14, 2025.

S. Ksibi, F. Jaidi, and A. Bouhoula, "MLRA-Sec: an adaptive and intelligent cyber-security-assessment model for internet of medical things (IoMT)," International Journal of Information Security, vol. 24, no. 1, Nov. 2024, Art. no. 21.

Y. Perwej, N. Akhtar, N. Kulshrestha, and P. Mishra, "A Methodical Analysis of Medical Internet of Things (MIoT) Security and Privacy in Current and Future Trends," Journal of Emerging Technologies and Innovative Research, vol. 9, no. 1, pp. 346–371, 2022.

R. Y. Patil, "A secure privacy preserving and access control scheme for medical internet of things (MIoT) using attribute-based signcryption," International Journal of Information Technology, vol. 16, no. 1, pp. 181–191, Jan. 2024.

N. Akhtar, S. Rahman, H. Sadia, and Y. Perwej, "A holistic analysis of Medical Internet of Things (MIoT)," Journal of Information and Computational Science, vol. 11, no. 4, pp. 209–222, 2021.

A. Mcgowan, S. Sittig, and T. Andel, "Medical Internet of Things: A Survey of the Current Threat and Vulnerability Landscape," presented at the Hawaii International Conference on System Sciences, 2021.

R. Khatoon et al., "Advancing Healthcare: A Comprehensive Review and Future Outlook of IoT Innovations," Engineering, Technology & Applied Science Research, vol. 15, no. 1, pp. 19700–19711, Feb. 2025.

X. Liu, X. Yang, Y. Luo, and Q. Zhang, "Verifiable Multikeyword Search Encryption Scheme With Anonymous Key Generation for Medical Internet of Things," IEEE Internet of Things Journal, vol. 9, no. 22, pp. 22315–22326, Aug. 2022.

Z. G. Al-Mekhlafi, H. D. K. Al-Janabi, M. A. Al-Shareeda, B. A. Mohammed, J. S. Alshudukhi, and K. A. Al-Dhlan, "Fog computing and blockchain technology based certificateless authentication scheme in 5G-assisted vehicular communication," Peer-to-Peer Networking and Applications, vol. 17, no. 6, pp. 3703–3721, Nov. 2024.

H. Mestiri, "Evaluating AES Security: Correlation Power Analysis Attack Implementation using the Switching Distance Power Model," Engineering, Technology & Applied Science Research, vol. 15, no. 1, pp. 20314–20320, Feb. 2025.

B. Hu, W. Tang, and Q. Xie, "A two-factor security authentication scheme for wireless sensor networks in IoT environments," Neurocomputing, vol. 500, pp. 741–749, Aug. 2022.

S. S. Sahoo, S. Mohanty, K. S. Sahoo, M. Daneshmand, and A. H. Gandomi, "A Three-Factor-Based Authentication Scheme of 5G Wireless Sensor Networks for IoT System," IEEE Internet of Things Journal, vol. 10, no. 17, pp. 15087–15099, Sep. 2023.

T. Y. Wu, L. Wang, and C. M. Chen, "Enhancing the Security: A Lightweight Authentication and Key Agreement Protocol for Smart Medical Services in the IoHT," Mathematics, vol. 11, no. 17, Jan. 2023, Art. no. 3701.

H. J. Lee, S. Kook, K. Kim, J. Ryu, Y. Lee, and D. Won, "LAMT: Lightweight and Anonymous Authentication Scheme for Medical Internet of Things Services," Sensors, vol. 25, no. 3, Jan. 2025, Art. no. 821.

H. Chabanne, J. L. Danger, L. Guiga, and U. Kühne, "Side channel attacks for architecture extraction of neural networks," CAAI Transactions on Intelligence Technology, vol. 6, no. 1, pp. 3–16, 2021.

D. R. Dipta and B. Gulmezoglu, "DF-SCA: Dynamic Frequency Side Channel Attacks are Practical," in Proceedings of the 38th Annual Computer Security Applications Conference, Sep. 2022, pp. 841–853.

Q. Guo, D. Nabokov, A. Nilsson, and T. Johansson, "SCA-LDPC: A Code-Based Framework for Key-Recovery Side-Channel Attacks on Post-quantum Encryption Schemes," in Advances in Cryptology – ASIACRYPT 2023, 2023, pp. 203–236.

Q. Pan, J. Wu, A. K. Bashir, J. Li, and J. Wu, "Side-Channel Fuzzy Analysis-Based AI Model Extraction Attack With Information-Theoretic Perspective in Intelligent IoT," IEEE Transactions on Fuzzy Systems, vol. 30, no. 11, pp. 4642–4656, Aug. 2022.

Y. Liu, "Security Assessment Against Side-Channel Attacks : Insights from an Information-Theoretic Perspective," Ph.D. dissertation, Institut Polytechnique de Paris, 2023.

X. Wang et al., "A new RFID ultra-lightweight authentication protocol for medical privacy protection in smart living," Computer Communications, vol. 186, pp. 121–132, Mar. 2022.

G. Thakur, S. Prajapat, P. Kumar, A. K. Das, and S. Shetty, "An Efficient Lightweight Provably Secure Authentication Protocol for Patient Monitoring Using Wireless Medical Sensor Networks," IEEE Access, vol. 11, pp. 114662–114679, 2023.

Minahil, M. F. Ayub, K. Mahmood, S. Kumari, and A. K. Sangaiah, "Lightweight authentication protocol for e-health clouds in IoT-based applications through 5G technology," Digital Communications and Networks, vol. 7, no. 2, pp. 235–244, May 2021.

W. Wang et al., "Blockchain and PUF-Based Lightweight Authentication Protocol for Wireless Medical Sensor Networks," IEEE Internet of Things Journal, vol. 9, no. 11, pp. 8883–8891, Jun. 2022.

M. Masud, G. S. Gaba, K. Choudhary, M. S. Hossain, M. F. Alhamid, and G. Muhammad, "Lightweight and Anonymity-Preserving User Authentication Scheme for IoT-Based Healthcare," IEEE Internet of Things Journal, vol. 9, no. 4, pp. 2649–2656, Oct. 2022.

R. Vatambeti, E. S. P. Krishna, M. G. Karthik, and V. K. Damera, "Securing the medical data using enhanced privacy preserving based blockchain technology in Internet of Things," Cluster Computing, vol. 27, no. 2, pp. 1625–1637, Apr. 2024.

S. Sabu, H. M. Ramalingam, M. Vishaka, H. R. Swapna, and S. Hegde, "Implementation of a secure and privacy-aware E-Health record and IoT data sharing using blockchain," Global Transitions Proceedings, vol. 2, no. 2, pp. 429–433, Nov. 2021.

O. A. Alzubi, J. A. Alzubi, K. Shankar, and D. Gupta, "Blockchain and artificial intelligence enabled privacy-preserving medical data transmission in Internet of Things," Transactions on Emerging Telecommunications Technologies, vol. 32, no. 12, 2021, Art. no. e4360.

A. A. Abbood, F. K. AL-Shammri, Z. M. Alzamili, ‪Mahmood A. Al-Shareeda‬‏, M. A. Almaiah, and R. AlAli, "Investigating Quantum-Resilient Security Mechanisms for Flying Ad-Hoc Networks (FANETs)," Journal of Robotics and Control (JRC), vol. 6, no. 1, pp. 456–469, Feb. 2025.‬‬

A. A. Abbood et al., "Benchmarking Bilinear Pair Cryptography for Resource-Constrained Platforms Using Raspberry Pi," WSEAS Transactions on Information Science and Applications, vol. 22, pp. 245–257, Feb. 2025.

S. R. Addula, S. Norozpour, and M. Amin, "Risk Assessment for Identifying Threats, vulnerabilities and countermeasures in Cloud Computing," Jordanian Journal of Informatics and Computing, vol. 2025, no. 1, pp. 37–48, Mar. 2025

A. AlShuaibi, M. W. Arshad, and M. Maayah, "A Hybrid Genetic Algorithm and Hidden Markov Model-Based Hashing Technique for Robust Data Security," Journal of Cyber Security and Risk Auditing, vol. 2025, no. 3, pp. 42–56, May 2025.

M. A. Al-Shareeda, M. Anbar, S. Manickam, and I. H. Hasbullah, "Towards Identity-Based Conditional Privacy-Preserving Authentication Scheme for Vehicular Ad Hoc Networks," IEEE Access, vol. 9, pp. 113226–113238, 2021.

Downloads

How to Cite

[1]
G. G. Jumaa, A. R. Muhsen, F. N. Hamzah, M. A. Almaiah, and R. Shehab, “SC-LAMT: A Side-Channel Hardened Lightweight Protocol for Secure Wearable Medical Devices”, Eng. Technol. Appl. Sci. Res., vol. 15, no. 5, pp. 28032–28040, Oct. 2025.

Metrics

Abstract Views: 7
PDF Downloads: 2

Metrics Information

License

Copyright (c) 2025 Ghazwh G. Jumaa, Atheer R. Muhsen, Fatimah Nazar Hamzah, Mohammed Amin Almaiah, Rami Shehab

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors who publish with this journal agree to the following terms:

- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.

- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.

- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.