Abstract
Wireless Medical Sensor Networks (WMSNs) collect and transmit patients' physiological data in real time through various sensors, playing an increasingly important role in intelligent healthcare. Authentication protocols in WMSNs ensure that users can securely access real-time data from sensor nodes. Although many researchers have proposed authentication schemes to resist common attacks, insufficient attention has been paid to insider attacks and ephemeral secret leakage (ESL) attacks. Moreover, existing adversary models still have limitations in accurately characterizing an attacker's capabilities. To address these issues, this paper extends the traditional adversary model to better reflect practical deployment scenarios, assuming a semi-trusted server and allowing adversaries to obtain users' temporary secrets. Based on this enhanced model, we design an efficient ECC-based authentication and key agreement protocol that ensures the confidentiality of users' passwords, biometric data, and long-term private keys during the registration phase, thereby mitigating insider threats. The proposed protocol combines anonymous authentication and elliptic curve cryptography (ECC) key exchange to satisfy security requirements. Performance analysis demonstrates that the proposed protocol achieves lower computational and communication costs compared with existing schemes. Furthermore, the protocol's security is formally proven under the Random Oracle (ROR) model and verified using the ProVerif tool, confirming its security and reliability. Therefore, the proposed protocol can be effectively applied to secure data transmission and user authentication in wireless medical sensor networks and other IoT environments.