Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Insaf Ullah,Abdullah Alomari,Noor Ul Amin,Muhammad Asghar Khan,Hizbullah Khattak

DOI: https://doi.org/10.3390/electronics8101171

IF: 2.9

2019-01-01

Electronics

Abstract:Recently, the spectacular innovations in the fields of wireless body area networks (WBAN) and the Internet of Things (IoT) have made e-Care services rise as a promising application domain, which significantly advances the quality of the medical system, however, due to the openness of the wireless environment and privacy of people’s physiological data, WBAN and IoT are prone to various cyber-attacks. There is a significant need for an efficient and highly secured cryptographic scheme that can meet the requirements of resource-constrained devices. Therefore, in this paper, we propose a certificate-based signcryption (CB-SN) scheme for the IoT-enabled WBAN. The proposed scheme is based on the concept of hyper-elliptic curve cryptography (HECC) that offers the same level of security as the elliptic curve and bilinear pairing with lower-key size. The formal security verification using the Automated Validation of the Internet Security Protocols and Applications (AVISPA) tool along with informal security analysis demonstrate that the proposed scheme is not just reducing the complexity of resource-constrained IoT devices, but proves to be secure against several well-known cryptographic attacks. Moreover, performance comparison with relevant existing schemes authenticates that the proposed scheme is far more secure and energy efficient.

Xin Chen,Debiao He,Muhammad Khurram Khan,Min Luo,Cong Peng

DOI: https://doi.org/10.1109/jiot.2022.3233180

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:The Internet of Medical Things (IoMT), which integrates medical sensors with the Internet of Things, is helpful for providing remote diagnosis and real-time decision making. Massive data collected by medical and healthcare monitoring sensors in the IoMT involves sensitive patient information. It brings some security challenges to validate the legitimacy of participating entities and protect patient data privacy. A certificateless signcryption (CLSC) scheme combines encryption and signature that can offer authenticity, confidentiality, and unforgeability, providing a viable solution to the data privacy issue of the IoMT. However, existing CLSC schemes fail to meet confidentiality or unforgeability, or require expensive computation overhead to perform pairing operations. This article first presents a new CLSC scheme for secure data transmission and better smart services in IoMT, which replaces the signature part with the Schnorr signature. We then give a thorough security proof under the random oracle model. Besides, we elaborately evaluate the performance and security of some existing solutions with our solution. Finally, the experiment results indicate that our solution can achieve a better balance between security and performance than some existing schemes. Therefore, in terms of feasibility, our scheme is more suitable for the IoMT scenario.

Naveed Khan,Jianbiao Zhang,Ghulam Ali Mallah,Shehzad Ashraf Chaudhry

DOI: https://doi.org/10.32604/cmc.2023.032553

2023-01-01

Abstract:The mobile cellular network provides internet connectivity for heterogeneous Internet of Things (IoT) devices. The cellular network consists of several towers installed at appropriate locations within a smart city. These cellular towers can be utilized for various tasks, such as e-healthcare systems, smart city surveillance, traffic monitoring, infrastructure surveillance, or sidewalk checking. Security is a primary concern in data broadcasting, particularly authentication, because the strength of a cellular network’s signal is much higher frequency than the associated one, and their frequencies can sometimes be aligned, posing a significant challenge. As a result, that requires attention, and without information authentication, such a barrier cannot be removed. So, we design a secure and efficient information authentication scheme for IoT-enabled devices to mitigate the flaws in the e-healthcare system. The proposed protocol security shall check formally using the Real-or-Random (ROR) model, simulated using ProVerif2.03, and informally using pragmatic discussion. In comparison, the performance phenomenon shall tackle by the already result available in the MIRACL cryptographic lab.

Insaf Ullah,Sherali Zeadally,Noor Ul Amin,Muhammad Asghar Khan,Hizbullah Khattak

DOI: https://doi.org/10.1016/j.micpro.2020.103477

IF: 3.503

2020-01-01

Microprocessors and Microsystems

Abstract:Internet of Things (IoT) not only connects the conventional devices for communication, but also enables low power wireless devices such as sensors, door locks, light switches, mobile phones, refrigerators, thermostats to be connected to the IoT ecosystem. These devices communicate and cooperate with each other to help us achieve our daily life goals in the IoT environment. Normally, these devices are resource-constrained in terms of on-board energy, computing capability and memory. The Wireless Body Area Network (WBAN) is one of the growing technologies, which uses IoT. Wireless body area network (WBAN) is made out of sensors that periodically collect and transmit a human's physiological information to application providers. The communication between IoT devices over the Internet and those on the local networks needs to be secured to gain the trust and acceptance of all stakeholders and to avoid direct physical harm to humans including possible loss of life. By securing the communication, we mainly consider the security features of confidentiality, integrity, authenticity, nonrepudiation, unforgeability, and forward security of the massages exchanged. We designed a lightweight and provable secure cross domain access control scheme for IoT-based WBAN. The new scheme utilizes the concept of certificateless signcryption at the application provider side and identity based signcryption at the WBAN side. The proposed scheme's security hardness and efficiency are based on the hyper elliptic curve, which uses small parameter and key sizes in contrast to bilinear pairing, RSA, and elliptic curve cryptosystems. The results of a comparative analysis with existing counterparts show that the proposed scheme is characterized by least computation cost and communication overhead, these being 1.92 milliseconds and 1296 bits, respectively thereby demonstrating the superiority of the proposed scheme. Additionally, we evaluated the formal security of the proposed scheme by using the security verification and validation tool called AVISPA, which shows that our scheme is safe.

Zaid Alaa Hussien,Hai Jin,Zaid Ameen Abduljabbar,Mohammed Abdulridha Hussain,Ali A. Yassin,Salah H. Abbdal,Mustafa A. Al Sibahee,Deqing Zou

DOI: https://doi.org/10.1109/ICSPCC.2016.7753621

2016-01-01

Abstract:Internet of Things is a new generation of network service platform that allows everyday objects including small devices in sensor networks to be capable of connecting to the internet. Such an innovative technology can lead to positive changes in human life. An e-health service based on the Internet of Things has great potential. The popularity of intelligent mobile medical devices, wearable bio-medical sensor devices, cloud computing, and big data analysis have dramatically changed the usage pattern and business rule of e-health services based on the Internet of Things. The rapid development of e-health services based on the Internet of Things poses risks in security and privacy. In this study, we propose a new security scheme for an e-health service. This scheme allows both the local base station and hospital cloud server to authenticate each other, to secure the collection of health data. Our scheme uses the crypto hash function to check the integrity of authentication exchanges. In addition, it provides mutual authentication with anonymity and terminates with a session key agreement between each local base station and the hospital cloud server. To assess our scheme, we conduct performance and security analysis. Results show that our scheme is secure, lightweight, and resistant to different types of attacks.

Zainab Jamroz,Insaf Ullah,Bilal Hassan,Noor Ul Amin,Muhammad Asghar Khan,Pascal Lorenz,Nisreen Innab

DOI: https://doi.org/10.3390/fi15080258

2023-01-01

Future Internet

Abstract:The Internet of Medical Things (IoMT) overcomes the flaws in the traditional healthcare system by enabling remote administration, more effective use of resources, and the mobility of medical devices to fulfil the patient's needs. The IoMT makes it simple to review the patient's cloud-based medical history in addition to allowing the doctor to keep a close eye on the patient's condition. However, any communication must be secure and dependable due to the private nature of patient medical records. In this paper, we proposed an authentication method for the IoMT based on hyperelliptic curves and featuring dual signatures. The decreased key size of hyperelliptic curves makes the proposed scheme efficient. Furthermore, security validation analysis is performed with the help of the formal verification tool called Scyther, which shows that the proposed scheme is secure against several types of attacks. A comparison of the proposed scheme's computational and communication expenses with those of existing schemes reveals its efficiency.

Muhammad Arif Mughal,Xiong Luo,Ata Ullah,Subhan Ullah,Zahid Mahmood

DOI: https://doi.org/10.1109/access.2018.2844406

IF: 3.9

2018-01-01

IEEE Access

Abstract:Internet of Things (IoT) comprises of large number of smart devices that can exchange sensed data by availing online services. Smart devices can directly interact with the human beings for sensing the healthcare parameters and transmitting to a central repository. During the data exchange, it is mandatory to secure the messages between sender and receiver to handle the malicious human based attacks. For providing secure communication, a number of signature-based schemes are explored in literature but smart devices need more lightweight operations by ensuring desired security strengths. The main problem during signature based approaches is the computational overhead due to large real numbers required for signature and verification processes. This paper presents a light weight shortened complex digital signature algorithm for providing secure communication between smart devices in human centered IoT. We have used less extensive operations to achieve signature and verification processes like human beings do signatures on legal documents and verify later as per witness. We have also presented a multi-option parameter selection to use a signature-verification pair of expressions at particular index by adopting the common practice of human beings for using different signatures as per document criticality level. It enhances the security strength to guard against traffic analysis attacks. We have developed an experimental setup where a number of cell phones and smart devices are considered for secure communication using existing and proposed digital signature schemes. Results demonstrate the supremacy of our scheme as compared to preliminaries.

S. Satheesh Kumar,Manjula Sanjay Koti

DOI: https://doi.org/10.1007/s13721-021-00329-z

2021-08-12

Network Modeling Analysis in Health Informatics and Bioinformatics

Abstract:In recent decades, broad range of Internet of Things (IoT) technologies are deployed such as machine to machine communication, Internet Technologies (IT), robots, smart devices, and wireless sensor networks. IoT is a spectacular technology in the modern world of IT in which the objects can do data transmission and connect using the intranet or internet networks. Data security and privacy is one of the top most challenging issue where several researchers are showing interest that to especially in healthcare domain. For this reason, a hybrid combination of Elliptic Curve Digital Signature Algorithm (ECDSA), Rivest Cipher 4 (RC4), and Secure Hash Algorithm (SHA-256) is proposed for protecting the reliable data which is transmitted from the IoT based healthcare systems. In the proposed model, the ECDSA is used for improving the RC4 in which the encryption of key is processed by ECDSA for performing the XOR operation in RC4. Furthermore, the security is ensured by transforming the incoming data using the SHA-256 technique. Experimental results show that the proposed model outperforms for 10 MB of data in terms of encryption time that obtained as 631 ms, decryption time is 616 ms, and throughput obtained by the proposed models is 11.71 MB/ms when compared with other existing techniques such as ECC+3DES+SHA-256, RC4+AES+SHA-256, and ECC+RC2+SHA-256.

Jianying Qiu,Kai Fan,Kuan Zhang,Qiang Pan,Hui Li,Yintang Yang

DOI: https://doi.org/10.1109/access.2019.2958089

IF: 3.9

2019-01-01

IEEE Access

Abstract:The Internet of Things (IoT) is developing towards smart and mobile Internet of Things (SM-IoT), which has made great progress. Due to the inherent heterogeneity, distribution, intensive communication, and resource constraints of SM-IoT, efficient security and privacy communication protocols become a particularly critical challenge. Signcryption has received considerable attention. Various signcryption schemes have been proposed to solve secure communication. However, most of them are low in efficiency, without the consideration of characteristics of the SM-IoT. In this paper, we propose a signcryption scheme to achieve efficient secure multi-message and multi-receiver communication for the heterogeneous and distributed SM-IoT. We develop Identity-based Cryptography (IBC) and Certificateless Cryptography (CLC) to solve the certificate management problem. Our scheme no longer needs wireless secure channel during key generation phase of traditional CLC system, which improves the applicability of our scheme in wireless SM-IoT environment. There is no expensive operations, such as bilinear pairing, in our scheme. In addition, our scheme out sources part of the verification overhead from the SM-IoT users to the gateway without revealing user privacy. The performance evaluation shows that the computation efficiency in both sender and receiver side is improved in our scheme.

Ali Muhammad,Noor Ul Amin,Insaf Ullah,Ahmed Alsanad,Saddam Hussain,Suheer Al-Hadhrami,M. Irfan Uddin,Hizbullah Khattak,Muhammad Asghar Khan

DOI: https://doi.org/10.1155/2021/9960264

IF: 1.43

2021-01-01

Mathematical Problems in Engineering

Abstract:Currently, hyperelliptic curve cryptography (HECC) got attractions towards low power devices such as Industrial Internet of Things (IIoT). As we all know, it has the capability of utilizing low key size, which can be suitable for IIoT environment. Inspired by the aforementioned property of HECC, we proposed an efficient scheme for IIoT using certificateless signature with the help of HECC. The presented approach is proven to be unforgeable against the challenges of type I and type II attackers. We tested the security of the designed approach through Automated Validation of Internet Security Protocols and Applications (AVISPA). We also performed the computational and communicational cost comparisons with already existed schemes, and it is observed from our analysis that our scheme is computationally efficient and needs low communication cost.

Zahid Mahmood,Huansheng Ning,Ata Ullah,Xuanxia Yao

DOI: https://doi.org/10.3390/app7101069

2017-01-01

Applied Sciences

Abstract:Internet-of-Things (IoT) include a large number of devices that can communicate across different networks. Cyber-Physical Systems (CPS) also includes a number of devices connected to the internet where wearable devices are also included. Both systems enable researchers to develop healthcare systems with additional intelligence as well as prediction capabilities both for lifestyle and in hospitals. It offers as much persistence as a platform to ubiquitous healthcare by using wearable sensors to transfer the information over servers, smartphones, and other smart devices in the Telecare Medical Information System (TMIS). Security is a challenging issue in TMIS, and resourceful access to health care services requires user verification and confidentiality. Existing schemes lack in ensuring reliable prescription safety along with authentication. This research presents a Secure Authentication and Prescription Safety (SAPS) protocol to ensure secure communication between the patient, doctor/nurse, and the trusted server. The proposed procedure relies upon the efficient elliptic curve cryptosystem which can generate a symmetric secure key to ensure secure data exchange between patients and physicians after successful authentication of participants individually. A trusted server is involved for mutual authentication between parties and then generates a common key after completing the validation process. Moreover, the scheme is verified by doing formal modeling using Rubin Logic and validated using simulations in NS-2.35. We have analyzed the SAPS against security attacks, and then performance analysis is elucidated. Results prove the dominance of SAPS over preliminaries regarding mutual authentication, message integrity, freshness, and session key management and attack prevention.

Muhammad Asghar Khan,Hosam Alhakami,Wajdi Alhakami,Alexey V. Shvetsov,Insaf Ullah

DOI: https://doi.org/10.3390/s23125419

IF: 3.9

2023-06-08

Sensors

Abstract:The integration of the Internet of Things (IoT) and the telecare medical information system (TMIS) enables patients to receive timely and convenient healthcare services regardless of their location or time zone. Since the Internet serves as the key hub for connection and data sharing, its open nature presents security and privacy concerns and should be considered when integrating this technology into the current global healthcare system. Cybercriminals target the TMIS because it holds a lot of sensitive patient data, including medical records, personal information, and financial information. As a result, when developing a trustworthy TMIS, strict security procedures are required to deal with these concerns. Several researchers have proposed smart card-based mutual authentication methods to prevent such security attacks, indicating that this will be the preferred method for TMIS security with the IoT. In the existing literature, such methods are typically developed using computationally expensive procedures, such as bilinear pairing, elliptic curve operations, etc., which are unsuitable for biomedical devices with limited resources. Using the concept of hyperelliptic curve cryptography (HECC), we propose a new solution: a smart card-based two-factor mutual authentication scheme. In this new scheme, HECC's finest properties, such as compact parameters and key sizes, are utilized to enhance the real-time performance of an IoT-based TMIS system. The results of a security analysis indicate that the newly contributed scheme is resistant to a wide variety of cryptographic attacks. A comparison of computation and communication costs demonstrates that the proposed scheme is more cost-effective than existing schemes.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Jawaid Iqbal,Abdul Waheed,Mahdi Zareei,Arif Iqbal Umar,Noor Ul Amin,Abdallah Aldosary,Ehab Mahmoud Mohamed

DOI: https://doi.org/10.1109/access.2020.3035324

IF: 3.9

2020-01-01

IEEE Access

Abstract:With the rising number of patients along with the same time, the comparative evolution in wireless technology has made Body Sensor Networks (BSNs) flourishing in the market. In BSNs, tiny biosensor nodes are deployed inside/outside of a human body to continuously monitor patient vital signs such as heartbeat rate, blood pressure, respiratory rate, and temperature. BSNs face various challenges due to their constrained nature environment. These are prioritized, delaying less, and secure patient data transmission using a public network, simultaneous reception of patient data by end-users, patient identity privacy, high overhead, and energy constraints. However, various researchers have worked in this domain, unable to cope with all these issues in one go. In this paper, we have proposed a novel cryptosystem covering the mentioned issues in a desirable way. For this purpose, we offer a novel concept of a lightweight and secure attribute-based multi-receiver generalized signcryption scheme that can adaptively work as an encryption mode, a signature mode, or a signcryption mode with a single algorithm that consume fewer resources by using shorter keys size of Hyper-elliptic Curve Cryptography (HECC). Similarly, we design a modified priority-based scheduling algorithm to delay less emergency patient data. Multiple end-users access the encoded data simultaneously by defining an access policy using AND & OR logic gates. Furthermore, we simulate our scheme using the AVISPA tool and demonstrate that our proposed scheme can meet the security requirements such as data confidentiality (IND-CCA), integrity, unforgeability (EUF-CMA), patient data authenticity, forward secrecy, and non-repudiation distinctly in the Random Oracle Model (ROM). Due to lower processing costs and transmission overhead, this scheme is more efficient and suitable for the resource-constrained environment of BSNs.

Shanvendra Rai,Rituparna Paul,Subhasish Banerjee,Preetisudha Meher

DOI: https://doi.org/10.1007/s11042-024-18625-x

IF: 2.577

2024-03-27

Multimedia Tools and Applications

Abstract:The Internet of Medical Things (IoMT) provides such flexibility in our society where anyone can get medical treatment at any time, from anywhere. IoMT is a type of network where different resource-constraint physiological sensors are deployed in and/or on the human body that connects with the internet through the Gateway node, for monitoring purposes. However, due to the open nature of communication in the IoMT; the security, and privacy of patients' sensed data is very challenging, and that needs to be addressed, because any modification or alteration to it may lead to putting the life of a patient in danger. In this context, Chunka et al. proposed an authentication and key agreement (AKA) scheme for IoMT and claimed that the scheme has many security features and is easy to deploy. Unfortunately, it came to notice during this research that the scheme is vulnerable to multiple attacks, including replay, insider, smart card loss, eavesdropping, and server spoofing attacks, additionally failing to establish the session key agreement. So to overcome this issue, an efficient and improved multi-factor lightweight mutual AKA scheme is proposed through this article by incorporating a PUF-enabled sensor node and smart card for the users. To prove the superiority of the proposed schemes and to demonstrate the security features, the scheme is verified by formal security proof using the ROR model and informal proof using the AVISPA tool kit. In the end, a comprehensive analysis covering security, performance, and a comparative evaluation with existing similar approaches along with the Chunka et al. scheme demonstrates that the suggested approach not only achieves a higher level of protection against commonly recognized threats but also maintains an economically efficient mechanism concerning sensor nodes.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Mamoona Humayun

DOI: https://doi.org/10.17485/IJST/V13I28.861

2020-01-01

Indian Journal of Science and Technology

Abstract:Background/objectives: This study presents a secure and energy-efficient scheme of patient’s data transmission from wearable IoT sensors (WIS) to base station (BS). IoT sensors are widely used in the healthcare domain for realtime data collection and transmission. However, these sensors are resourceconstrained in terms of computational power and storage due to which chances of security breaches and threats increase. Moreover, with time the energy level of IoT sensors also degrade that sometimes leads towards loss of sensitive patient data. Purpose: The purpose of this study is to provide secure data transmission between wearable sensors and base stations and increasing energy efficiency of resource-constrained wearable IoT sensors. Method: The proposed scheme was tested by creating a mathematical model and then creating a simulation setup using the Cooja Contiki simulator. Findings: The results show that the proposed scheme provides secure and energy-efficient data transmission from WISs to BS as compared to the existing approaches. Further, the proposed scheme addresses some key issues including availability, reliability, scalability, and limited patient mobility. Novelty: Our research presented a unique approach for e-health applications using the IoT, where we considered the lightweight and secure scheme providing multiple group node concept. Keywords: Internet of Things (IoT); wearable IoT sensors (WIS); healthcare; Group node (GN); base station (BS); simulation

Abigail Akosua Addobea,Jun Hou,Qianmu Li

DOI: https://doi.org/10.1155/2020/7085623

IF: 1.968

2020-01-01

Security and Communication Networks

Abstract:Current trends of mobile technology have seen a tremendous growth in its application in smart healthcare. This has resulted in the adoption and implementation of mobile health (m-health) systems by providing health assistance to the aging population. Despite its advantageous benefits, its computational complexities cannot be overlooked. M-health devices are portable processing tiny equipment with limited computational capabilities thereby making them complex for the implementation of public key cryptosystems. In spite of this, an Offline-Online signature scheme called the MHCOOS has been proposed to solve the difficulties in the computational ability. The scheme enjoys the following benefits by splitting the signing part into both offline and online phases. The offline phase performs heavy computations when a message is absent, whereas lighter computations are performed at the online stage when a message is present. Secondly, the online computations are extremely fast due to the already computed offline signature value and lighter pairings involved. Our performance analysis demonstrates how the proposed scheme outperforms other schemes. Finally, the hardness of the scheme is proven under the Bilinear Diffie–Hellman (BDH) and Computational Diffie–Hellman (CDH) problem in the random oracle model.

Ruhul Amin,SK Hafizul Islam,G. P. Biswas,Muhammad Khurram Khan,Xiong Li

DOI: https://doi.org/10.1007/s10916-015-0318-z

IF: 4.92

2015-01-01

Journal of Medical Systems

Abstract:The E-health care systems employ IT infrastructure for maximizing health care resources utilization as well as providing flexible opportunities to the remote patient. Therefore, transmission of medical data over any public networks is necessary in health care system. Note that patient authentication including secure data transmission in e-health care system is critical issue. Although several user authentication schemes for accessing remote services are available, their security analysis show that none of them are free from relevant security attacks. We reviewed Das et al.’s scheme and demonstrated their scheme lacks proper protection against several security attacks such as user anonymity, off-line password guessing attack, smart card theft attack, user impersonation attack, server impersonation attack, session key discloser attack. In order to overcome the mentioned security pitfalls, this paper proposes an anonymity preserving remote patient authentication scheme usable in E-health care systems. We then validated the security of the proposed scheme using BAN logic that ensures secure mutual authentication and session key agreement. We also presented the experimental results of the proposed scheme using AVISPA software and the results ensure that our scheme is secure under OFMC and CL-AtSe models. Moreover, resilience of relevant security attacks has been proved through both formal and informal security analysis. The performance analysis and comparison with other schemes are also made, and it has been found that the proposed scheme overcomes the security drawbacks of the Das et al.’s scheme and additionally achieves extra security requirements.

Sumithra Alagarsamy,Vijayalakshmi Nagarajan,M. M. Yamuna Devi

DOI: https://doi.org/10.1007/s11276-023-03624-x

IF: 2.701

2024-01-31

Wireless Networks

Abstract:The technological breakthroughs of Internet of thing (IoT) applications in various sectors are nowadays contributing to the development of smart mobile IoT (SM-IoT). Lack of authentication and encryption schemes make SM-IoT more susceptible to major security and privacy issues. Signcryption has evolved as a new paradigm in recent years that provides better authenticity and security to the messages and minimizes both computation cost and communication costs simultaneously. To secure the communicated message on the sender and receiver sides, this paper proposes an efficient and secure decentralized communication system to offer personalized service for the users. The proposed network framework comprises four key entities namely trusted service providers, gateways, resource senders, and receivers. The master private keys are generated at the initial setup phase. Then, the optimal partial private keys are extracted and broadcasted through the channel by the key extraction process utilizing the fuzzy whale sine cosine levy algorithm. The ciphertext is generated for the sender on signcryption using a modified Identity-based Cryptography approach. The signcryption ciphertext generated is broadcasted via gateways to the receiver by measuring verification parameters. Finally, the designcryption process is performed using the certificateless hybrid signcryption scheme to retrieve the plaintext message. The proposed secure communication network is evaluated using performance metrics such as bilinear pairing time, modular experimentation time, pairing-based experimentation time, elliptic curve (EC) scalar point multiplication time, map-to-point hash function time, and EC point addition time. The experimental results revealed the effectiveness of the proposed secure communication framework on both the sender and receiver sides.

computer science, information systems,telecommunications,engineering, electrical & electronic

Sangjukta Das,Suyel Namasudra

DOI: https://doi.org/10.1002/ett.4716

IF: 3.6

2023-01-04

Transactions on Emerging Telecommunications Technologies

Abstract:The proposed scheme consists of three entities, namely IoT device (IoTD), gateway, and central administrator (CA). An IoTD is a resource‐constrained device associated with a patient's body. It collects patients' real‐time healthcare data and sends them to the intended entity via a gateway device. The gateway acts as an intermediate entity between the IoTD and user. The CA is the central entity of the proposed scheme. In recent years, Internet of Things (IoT) technology has been adopted in numerous application areas, such as healthcare, agriculture, industrial automation, and many more. The use of IoT and other technologies like cloud computing and machine learning has made the modern healthcare system to be smart, automated, and efficient. However, the continuous proliferation of cyber‐attacks on IoT devices has increased IoT challenges like data security, privacy protection, authentication, and so forth. In smart healthcare systems, due to the lack of authentication protocols, attackers can undermine the availability, confidentiality, and integrity of both smart healthcare devices and data, which can be life‐threatening in some situations. In this article, a privacy‐preserving mutual authentication scheme for IoT‐enabled healthcare systems is proposed to achieve lightweight and effective authentication of network devices. To support the processing capabilities of the IoT devices, this proposed authentication scheme is designed using lightweight cryptographic primitives, namely XOR, concatenation, and hash operation. The proposed scheme can establish a secure session between an authorized device and a gateway, and prevent unauthorized devices from getting access to healthcare systems. The security analysis and performance analysis assess the proposed authentication technique's effectiveness over existing well‐known schemes.

telecommunications