Zhen Yan,Haipeng Qu,Xi-Jun Lin

DOI: https://doi.org/10.1093/comjnl/bxae048

2024-06-09

The Computer Journal

Abstract:Abstract Recently, Qiao et al. proposed a novel construction of certificateless aggregate signature (CLAS) scheme to ensure the integrity and authenticity of medical data in healthcare wireless medical sensor networks (HWMSNs). They first created an underlying certificateless signature (CLS) scheme, and then proposed a CLAS scheme from the underlying CLS scheme by adding an aggregation algorithm and a verification algorithm. In this paper, we point out that their CLS scheme is insecure because the Type I adversary can forge valid signatures. That is, the unforgeability is not actually captured by their CLS scheme. Finally, we map our cryptanalysis to the practical application. That is, in the practical application of HWMSNs, the attacker can launch real attack to their CLS scheme using our cryptanalysis to forge signatures. Therefore, Qiao et al.’s CLS scheme can be totally broken.

computer science, information systems, theory & methods, software engineering, hardware & architecture

Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Min Liu,Liangliang Wang,Kai Zhang,Yu Long,Baodong Qin

DOI: https://doi.org/10.1007/s12083-023-01610-w

IF: 3.488

2024-01-16

Peer-to-Peer Networking and Applications

Abstract:Wireless medical sensor networks (WMSNs) realize remote monitoring of patients' health status through the combination of medical sensors and wireless communication. There is an urgent need to ensure the integrity, authenticity, authentication, and privacy of patients' medical data and improve treatment outcomes. Currently, many aggregate signature schemes have been developed to protect patients' medical data in WMSNs. Among them, the pairing operation and key exposure in some aggregate signature schemes can raise efficiency and security issues in medical data transmission, and some of them do not achieve equivalent security, which leads to healthcare professionals receiving inaccurate medical data. Aiming at these, this paper proposes a pairing-free certificate-based key-insulated aggregate signature scheme (CB-KIAS) in WMSNs, which introduces key-insulated technique that can effectively avoid the problem of key exposure. According to formal security proof, this scheme is unforgeable against adaptive-chosen message attacks and having the equivalent security of aggregate signature to ensure that the validity of the aggregate signature is equal to the validities of all single signatures to resist fully chosen-key attacks. The proposed CB-KIAS scheme, utilizing elliptic curves and the combination of online/offline cryptography mechanism, is effective and more suitable for resource-constrained medical sensors when compared with other related schemes.

computer science, information systems,telecommunications

Weifeng Long,Lunzhi Deng,Jiwen Zeng,Yan Gao,Tianxiu Lu

DOI: https://doi.org/10.3390/s24154899

2024-07-28

Abstract:A Wireless Body Area Network (WBAN), introduced into the healthcare sector to improve patient care and enhance the efficiency of medical services, also brings the risk of the leakage of patients' privacy. Therefore, maintaining the communication security of patients' data has never been more important. However, WBAN faces issues such as open medium channels, resource constraints, and lack of infrastructure, which makes the task of designing a secure and economical communication scheme suitable for WBAN particularly challenging. Signcryption has garnered attention as a solution suitable for resource-constrained devices, offering a combination of authentication and confidentiality with low computational demands. Although the advantages offered by existing certificateless signcryption schemes are notable, most of them only have proven security within the random oracle model (ROM), lack public ciphertext authenticity, and have high computational overheads. To overcome these issues, we propose a certificateless anonymous signcryption (CL-ASC) scheme suitable for WBAN, featuring anonymity of the signcrypter, public verifiability, and public ciphertext authenticity. We prove its security in the standard model, including indistinguishability, unforgeability, anonymity of the signcrypter, and identity identifiability, and demonstrate its superiority over relevant schemes in terms of security, computational overheads, and storage costs.

Jingwei Liu,Zonghua Zhang,Xiaofeng Chen,Kyung Sup Kwak

DOI: https://doi.org/10.1109/tpds.2013.145

IF: 5.3

2014-02-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Wireless body area network (WBAN) has been recognized as one of the promising wireless sensor technologies for improving healthcare service, thanks to its capability of seamlessly and continuously exchanging medical information in real time. However, the lack of a clear in-depth defense line in such a new networking paradigm would make its potential users worry about the leakage of their private information, especially to those unauthenticated or even malicious adversaries. In this paper, we present a pair of efficient and light-weight authentication protocols to enable remote WBAN users to anonymously enjoy healthcare service. In particular, our authentication protocols are rooted with a novel certificateless signature (CLS) scheme, which is computational, efficient, and provably secure against existential forgery on adaptively chosen message attack in the random oracle model. Also, our designs ensure that application or service providers have no privilege to disclose the real identities of users. Even the network manager, which serves as private key generator in the authentication protocols, is prevented from impersonating legitimate users. The performance of our designs is evaluated through both theoretic analysis and experimental simulations, and the comparative studies demonstrate that they outperform the existing schemes in terms of better trade-off between desirable security properties and computational overhead, nicely meeting the needs of WBANs.

computer science, theory & methods,engineering, electrical & electronic

Pradeep Radhakrishnan,Praveen Kumar Sugumar,Preethi Ponnan,Gopirajan Punniyakotti Varadharajan

DOI: https://doi.org/10.1007/s12083-024-01717-8

IF: 3.488

2024-05-24

Peer-to-Peer Networking and Applications

Abstract:Wireless Sensor Networks has been characterized by a disseminated, structured, and independent collection of sensor nodes deployed for broad variants of applications ranging from military, environment-friendly, disaster management, wild-life smart-grid, emergency care, medical treatment and agriculture. However, data has been transmitted in a wide-open wireless infrastructure which can be highly poised with security and privacy attacks. Hence data sent through wireless sensor networks are to be protected. Typically, the sensor utilized is highly resource-constrained in nature, there is a need to achieve a better trade-off between the energy, efficacy, data transmission and scalability. Therefore, in order to cater to these requirements, a full privacy preserving distributed certificate-less signature authentication scheme for secure and efficient data transmission in wireless sensor networks has been proposed. The proposed technique utilizes elliptic curve cryptography, a pairing-free cryptography that offers high security even with smaller key sizes. In order to eliminate the problem of central dependency of the trusted authority or the key generation center, the proposed model utilizes a distributed way of key distribution and management thereby reducing the computational and communication burden associated with it. The proposed methodology has been proved to be efficient by means of security analysis using ROM model. Experimentation has been carried out by using the Networks Simulator tool (NS2) and the performance evaluation shows that the proposed authentication scheme has provided a better trade-off between the objectives like energy efficiency, routing, and scalability.

computer science, information systems,telecommunications

Yulei Chen,Jianhua Chen

DOI: https://doi.org/10.1109/jiot.2021.3121552

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:With the popularity of vehicular ad-hoc networks (VANETs), the secure communications between the vehicle and vehicle as well as between the vehicle and infrastructure have attracted people’s great attention. Vehicle privacy protection (including vehicle identity privacy and location privacy), high mobility, density, and limited bandwidth are also a problem that cannot be negligible. In VANETs, it is necessary to design a message authentication protocol to ensure data transmission security, vehicle anonymity, and unlinkability. Considering the resource-constrained environments, the certificateless aggregate signature (CLAS) scheme can compress $n$ signatures of $n$ messages from $n$ vehicles into a single signature, which reduces the signature verification time and storage overhead at the roadside unit. Based on the aforementioned analysis, we design a fully aggregated conditional privacy-preserving CLAS scheme (CPP-CLAS) for VANETs. Instead of using the expensive bilinear pairings and map-to-point hash function operations, the proposed CPP-CLAS scheme uses the elliptic curve cryptosystem (ECC) and general hash functions. Also, with the use of CLAS technology, the computation and communication cost of the scheme are significantly reduced. In addition, based on the elliptic-curve discrete logarithm problem (ECDLP), we prove that the CPP-CLAS scheme is existential unforgeability under adaptively chosen message attacks (EUF-CMAs). Performance and security analyses show that the CPP-CLAS scheme is more efficient and secure than other existing related schemes.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xiaodong Yang,Songyu Li,Lan Yang,Xiaoni Du,Caifen Wang

DOI: https://doi.org/10.1109/tits.2024.3367925

IF: 8.5

2024-01-01

IEEE Transactions on Intelligent Transportation Systems

Abstract:Vehicular ad-hoc networks (VANETs) are integral to the evolution of intelligent transportation systems, offering substantial benefits in managing traffic flow, issuing warnings for potential accidents, and delivering information services to drivers. To ensure the authenticity and integrity of data exchanged within VANETs, numerous authentication schemes based on certificateless aggregate signature (CLAS) have been developed. However, state-of-the-art solutions often fail to be applicable in real-world VANETs due to security weaknesses and operational inefficiencies. Recently, Zhu et al. proposed an efficient CLAS-based authentication scheme with conditional privacy preservation (CPP) for VANETs (IEEE Transactions on Intelligent Transportation Systems, DOI: 10.1109/TITS.2023.3275077). Unfortunately, our analysis reveals that Zhu et al.’s scheme is incapable of withstanding coalition attacks from malicious RSUs and vehicles as well as public-key replacement attacks from dishonest vehicles. To facilitate secure communication in VANETs, we present a security-enhanced, pairing-free and energy-efficient CLAS-based authentication scheme with CPP for VANETs. This scheme has been rigorously proven to be secure against Type I, Type II and Type III attackers. Distinguished from other comparable schemes, our construction significantly reduces communication overhead and energy consumption while simultaneously fortifying security.

engineering, electrical & electronic,transportation science & technology, civil

Hong Shu,Ping Qi,Yongqing Huang,Fulong Chen,Dong Xie,Liping Sun

DOI: https://doi.org/10.3390/s20051521

IF: 3.9

2020-03-10

Sensors

Abstract:Different from the traditional healthcare field, Medical Cyber Physical Systems (MCPS) rely more on wireless wearable devices and medical applications to provide better medical services. The secure storage and sharing of medical data are facing great challenges. Blockchain technology with decentralization, security, credibility and tamper-proof is an effective way to solve this problem. However, capacity limitation is one of the main reasons affecting the improvement of blockchain performance. Certificateless aggregation signature schemes can greatly tackle the difficulty of blockchain expansion. In this paper, we describe a two-layer system model in which medical records are stored off-blockchain and shared on-blockchain. Furthermore, a multi-trapdoor hash function is proposed. Based on the proposed multi-trapdoor hash function, we present a certificateless aggregate signature scheme for blockchain-based MCPS. The purpose is to realize the authentication of related medical staffs, medical equipment, and medical apps, ensure the integrity of medical records, and support the secure storage and sharing of medical information. The proposed scheme is highly computationally efficient because it does not use bilinear maps and exponential operations. Many certificateless aggregate signature schemes without bilinear maps in Internet of things (IoT) have been proposed in recent years, but they are not applied to the medical field, and they do not consider the security requirements of medical data. The proposed scheme in this paper has high computing and storage efficiency, while meeting the security requirements in MCPS.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Yihao Hu,Chunguang Huang,Hai Cheng

DOI: https://doi.org/10.1016/j.comcom.2024.02.020

IF: 5.047

2024-02-28

Computer Communications

Abstract:Smart healthcare overcomes the limitations of time and space, allowing users to access medical and health services anywhere and anytime, thus improving the quality and efficiency of these services. However, due to its excessive reliance on wireless public networks, smart healthcare faces challenges and issues related to communication security. As a result, authentication and key agreement are critical as the first line of defense for smart healthcare communications. Over the past few years, numerous authentication and key agreement schemes have been proposed by experts and scholars, but most of these schemes are not applicable to practical scenarios due to their lack of security and efficiency. To address these issues, we propose an elliptic curve-based certificateless conditional privacy-preserving authentication and key agreement scheme. This scheme does not require endorsement from a Certificate Authority (CA) and features lightweight and secure properties, making it suitable for resource-limited smart healthcare communication. In addition, the security of the proposed scheme is proven under the random oracle model, and its safety is supplemented using BAN logic. Finally, performance analysis reveals that the proposed scheme not only satisfies security property and can withstand general attacks but also offers certain advantages in communication efficiency.

computer science, information systems,telecommunications,engineering, electrical & electronic

Kui Ma,Yanwei Zhou,Ying Wang,Chunsheng Dong,Zhe Xia,Bo Yang,Mingwu Zhang

DOI: https://doi.org/10.1109/jsyst.2023.3269597

IF: 4.802

2023-01-01

IEEE Systems Journal

Abstract:The Internet of Things (IoT) is helpful in making people's life more convenient and efficient. To ensure that the nodes within IoT can interact securely, a certificateless signature (CLS) can be used to protect message authentication in the IoT. Recently, some concrete constructions of CLS schemes have been proposed in the literature, but through our analyses, we demonstrate that some existing CLS schemes cannot keep their claimed security because of various security flaws. For example, a valid signature can be forged by any Type I adversary by replacing the corresponding user's public key. In this article, we describe the security flaws that need to be addressed and introduce a novel CLS scheme without using bilinear mapping. The existential unforgeability in our proposed scheme can be proved based on the hardness of the elliptic curve discrete logarithm problem in the random oracle model. The comparison with existing CLS schemes shows that our scheme not only enjoys more security features but also is more efficient in computation. Moreover, we introduce an identity authentication protocol as the application of our proposed CLS scheme, which achieves mutual authentication and anonymity in communications.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Yonghua Zhan,Yang Yang,Bixia Yi,Renjie He,Rui Shi,Xianghan Zheng

DOI: https://doi.org/10.1016/j.comcom.2024.107935

IF: 5.047

2024-09-13

Computer Communications

Abstract:With the widespread use of mobile communication and smart devices in the medical field, mobile healthcare has gained significant attention due to its ability to overcome geographical limitations and provide more efficient and high-quality medical services. In mobile healthcare, various instruments and wearable device data are collected, encrypted, and uploaded to the cloud, accessible to medical professionals, researchers, and insurance companies, among others. However, ensuring the security and privacy of healthcare data in the context of mobile networks has been a highly challenging issue.Certificateless signature schemes allow patients to conceal their respective privacy information for different sharing needs. Nevertheless, existing mobile healthcare data protection solutions suffer from costly certificate management and the inability to restrict signature verifiers. This paper proposes a certificateless designated verifier sanitizable signature for mobile healthcare scenarios, aiming to enhance the security and privacy of mobile healthcare data. This scheme enables the sanitization of sensitive data without the need for certificate management and allows for the specification of signature verifiers. This ensures the confidentiality of medical data, protects patient privacy, and prevents unauthorized access to healthcare data.Through security analysis and experimental comparisons, it is demonstrated that the proposed scheme is both efficient and effectively ensures data security and user privacy. Therefore, it is well-suited for privacy protection in mobile healthcare data.

computer science, information systems,telecommunications,engineering, electrical & electronic

Asad Iqbal,Muhammad Zubair,Muhammad Asghar Khan,Insaf Ullah,Ghani Ur-Rehman,Alexey V. Shvetsov,Fazal Noor

DOI: https://doi.org/10.3390/fi15080266

2023-08-11

Future Internet

Abstract:Vehicular ad hoc networks (VANETs) have become an essential part of the intelligent transportation system because they provide secure communication among vehicles, enhance vehicle safety, and improve the driving experience. However, due to the openness and vulnerability of wireless networks, the participating vehicles in a VANET system are prone to a variety of cyberattacks. To secure the privacy of vehicles and assure the authenticity, integrity, and nonrepudiation of messages, numerous signature schemes have been employed in the literature on VANETs. The majority of these solutions, however, are either not fully secured or entail high computational costs. To address the above issues and to enable secure communication between the vehicle and the roadside unit (RSU), we propose a certificateless aggregate signature (CLAS) scheme based on hyperelliptic curve cryptography (HECC). This scheme enables participating vehicles to share their identities with trusted authorities via an open wireless channel without revealing their identities to unauthorized participants. Another advantage of this approach is its capacity to release the partial private key to participating devices via an open wireless channel while keeping its identity secret from any other third parties. A provable security analysis through the random oracle model (ROM), which relies on the hyperelliptic curve discrete logarithm problem, is performed, and we have proven that the proposed scheme is unforgeable against Type 1 () and Type 2 () forgers. The proposed scheme is compared with relevant schemes in terms of computational cost and communication overhead, and the results demonstrate that the proposed scheme is more efficient than the existing schemes in maintaining high-security levels.

Hu Xiong,Qianhong Wu,Zhong Chen

DOI: https://doi.org/10.1109/INCoS.2011.151

2011-01-01

Abstract:An aggregate signature scheme allows a public algorithm to aggregate n signatures of n distinct messages from n signers into a single signature. By validating the single resulting signature, one can be convinced that the messages have been endorsed by all the signers. Certificateless aggregate signatures allow the signers to authenticate messages without suffering from the complex certificate management in the traditional public key cryptography or the key escrow problem in identity-based cryptography. In this paper, we present a new efficient certificate less aggregate signature scheme. Compared with up-to-date certificate less aggregate signatures, our scheme is equipped with a number of attracting features: (1) it is shown to be secure under the standard computational Diffie-Hellman assumption in the random oracle model, (2) the security is proven in the strongest security model so far, (3) the signers do not need to be synchronized, and (4) its performance is comparable to the most efficient up-to-date schemes. These features are desirable in a mobile networking and computing environment where the storage/computation capacity of the end devices are limited, and due to the wireless connection and distributed feature, the computing devices are easy to be attacked and hard to be synchronized.

Taewoong Kang,Naryun Woo,Jihyeon Ryu

DOI: https://doi.org/10.1109/access.2024.3373879

IF: 3.9

2024-03-12

IEEE Access

Abstract:In the rapidly evolving environment of wireless medical sensor networks (WMSN) and the internet of medical things (IoMT), remote medical support has seen unprecedented advancements. It is essential that the data relayed from the sensors must be trustworthy and unaltered, and that the sensors themselves are genuine. Wireless networks, however, have inherent vulnerabilities. In addition, since WMSN is directly linked to patients' lives, its continuous availability is crucial. Considerable efforts have been made to maintain the integrity and authenticity of such data. However, many studies have failed to address the problem of a single point of failure (SPOF). This issue has been particularly detrimental to patients who require ongoing management. To address this issue and ensure the protection of the authenticity and integrity of patient data, we suggest the implementation of an authentication scheme based on blockchain technology. In 2022, Yu et al. introduced a blockchain-integrated authentication and key generation scheme for WMSN using Physical Unclonable Functions (PUFs), effectively addressing the SPOF problem by conducting mutual authentication through smart contracts without relying on centralized servers. Our research found that this scheme inadvertently shared critical parameters, including challenge-response pairs and important private keys, with the blockchain network, making it vulnerable to various breaches. We present an enhanced protocol designed to mitigate these security challenges. By limiting the data interaction with smart contracts and ensuring only relevant parties access crucial parameters, our approach reduces the risk of public information disclosure on the blockchain. This not only mitigates the SPOF issue but also efficiently helps in prevention of physical attacks. We prove that our proposed system prevents known security vulnerabilities through informal and formal analysis using the Scyther, Proverif, and BAN logic. Furthermore, the proposed scheme offers 67.37% reduction in computation costs and 3.67% in communication costs, presenting an efficient and secure solution for WMSN in the IoMT landscape.

computer science, information systems,telecommunications,engineering, electrical & electronic

Jingwei Liu,Huijuan Cao,Qingqing Li,Fanghui Cai,Xiaojiang Du,Mohsen Guizani

DOI: https://doi.org/10.48550/arXiv.1804.01822

2018-04-05

Abstract:Recently, with the rapid development of big data, Internet of Things (IoT) brings more and more intelligent and convenient services to people's daily lives. Mobile healthcare crowd sensing (MHCS), as a typical application of IoT, is becoming an effective approach to provide various medical and healthcare services to individual or organizations. However, MHCS still have to face to different security challenges in practice. For example, how to quickly and effectively authenticate masses of bio-information uploaded by IoT terminals without revealing the owners' sensitive information. Therefore, we propose a large-scale concurrent data anonymous batch verification scheme for MHCS based on an improved certificateless aggregate signature. The proposed scheme can authenticate all sensing bio-information at once in a privacy preserving way. The individual data generated by different users can be verified in batch, while the actual identity of participants is hidden. Moreover, assuming the intractability of CDHP, our scheme is proved to be secure. Finally, the performance evaluation shows that the proposed scheme is suitable for MHCS, due to its high efficiency.

Cryptography and Security

Guanglu Wei,Kai Fan,Kuan Zhang,Haoyang Wang,Hui Li,Yintang Yang

DOI: https://doi.org/10.1109/jiot.2023.3323275

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:In recent years, the Internet of Things (IoT) has gained immense popularity in various aspects of work, learning, and daily life. Within the Internet of Things realm, there is a growing concern regarding communication security issues between users and servers. However, addressing the communication security between servers is equally imperative, which has not received as much attention. To this end, we propose a certificateless anonymous authenticated key agreement (AKA) algorithm based on Learning with Errors (LWE) and Inhomogeneous Small Integer Solution (ISIS) security assumptions. Our scheme provides strong resistance to quantum attacks and protects the privacy of communication servers. It also has constant communication costs and lower computational requirements than existing lattice-based anonymous AKA algorithms on the broadcast channel. Additionally, the proposed scheme eliminates the resource consumption of managing complex certificates and addresses the security risks associated with key escrow in the key generation center (KGC). Through security and performance analysis, we demonstrate that our approach can enhance the security of IoT-based healthcare systems while significantly improving communication efficiency. Our proposed scheme provides a promising solution to security issues related to server communication in IoT systems.

computer science, information systems,telecommunications,engineering, electrical & electronic

Huihui Zhu,Chunhua Jin,Yongliang Xu,Guanhua Chen,Liqing Chen

DOI: https://doi.org/10.1016/j.pmcj.2024.101893

IF: 3.848

2024-02-12

Pervasive and Mobile Computing

Abstract:As a special Internet of Things (IoT) application, the wireless body area network (WBAN) has gained widespread attention by medical institutions. However, existing schemes for WBAN data transmission lack heterogeneity support across certificateless cryptosystem (CLC) and public key infrastructure (PKI), resulting in issues like key escrow or complicated certificate management. In addition, for performance reasons, conventional signcryption protocols are unsuitable for WBAN applications. To address these gaps and enable secure and efficient sensitive data transmission from WBAN sensors to hospital servers, we design a heterogeneous online/offline signcryption scheme. Our scheme enables patients' sensors implanted or worn to encrypt sensitive data in CLC and send it to the hospital server in PKI system. The CLC avoids key escrow issue while the PKI increases scalability. We minimize the online computational cost of WBAN sensors by dividing signcryption into offline and online phases, with time-consuming operations in the offline phase. Furthermore, we formally prove the security of our scheme and evaluate its performance. Results show our scheme has advantages in supporting heterogeneity across CLC and PKI with low computational costs, making it uniquely suitable for the protection of data privacy in WBAN applications compared to existing protocols.

computer science, information systems,telecommunications

Shanvendra Rai,Rituparna Paul,Subhasish Banerjee,Preetisudha Meher,Rai, Shanvendra,Paul, Rituparna,Banerjee, Subhasish,Meher, Preetisudha

DOI: https://doi.org/10.1007/s11276-024-03690-9

IF: 2.701

2024-03-07

Wireless Networks

Abstract:Wireless medical sensor network (WMSN) is an application of the Internet of Things (IoT) that plays a very important role in today's era for the healthcare industry, especially after the COVID-19 pandemic. To maintain the security and privacy of the real-time health information of the users or patients, the proper mutual authentication and key agreement (AKA) is the foremost necessity. In this context, Shadi Nashwan proposed an end-to-end authentication scheme for a healthcare IoT system i.e. WMSN, and claimed that their scheme could resist so many existing possible threats and could maintain a low computational cost too. Unfortunately, during this research, it is found that their scheme can be threatened by eavesdropping and jamming/desynchronization attacks and have many computational flaws, as well. Moreover, they also assumed that the gateway node (GWN) is always trustworthy, but in reality, it is not always feasible, as the GWN may act as a local server. Hence, in this article, a new AKA scheme has been proposed using the user's physiological information like ECG data in order to make the WMSN more secure and reliable. In addition, the proposed scheme can resist many well-known threats like GWN spoofing attack, key escrow problem and can guard against GWN stolen database problem, also. To proof the superiority of the proposed scheme, the informal and formal security analysis have been performed using automated validation of internet security protocols and applications (i.e. AVISPA) and Burrows–Abadi–Needham (BAN) logic, respectively. Based on the comparative study with existing schemes concerning security features, computational and communicational cost, and storage requirement; the proposed scheme can perform better than the existing schemes and well suitable for practical implementations.

computer science, information systems,telecommunications,engineering, electrical & electronic

Rui Guo,Ruihan Dong,Xiong Li,Yinghui Zhang,Dong Zheng

DOI: https://doi.org/10.1016/j.vehcom.2024.100763

IF: 6.7

2024-03-16

Vehicular Communications

Abstract:The emergence of the Vehicular Ad-hoc Networks (VANETs) has greatly enhanced the efficiency and safety of transportation systems. However, due to the dynamicness and openness of vehicular networks, it is vulnerable for VANETs to confront various security threats. The dissemination of disinformation and the occurrence of attacks within these networks can result in severe damage and compromise the overall security of transportation systems. To mitigate such challenges, this paper presents an efficient certificateless aggregate signature scheme with dynamic revocation in VANETs. Taking use of the early-stopping factorial bitwise divisions (EFBD) algorithm, it achieves the invalid signatures tracking, and revokes the malicious vehicles dynamically. In addition, by combining the fingerprint counting bloom filter (FP-CBF), the trust assessment mechanism and the cloud server, it enables the vehicle to remedy its incorrect signatures. At last, through the comprehensive security and performance analysis, it demonstrates that this protocol enjoys improved communication security and computational efficiency.

telecommunications,transportation science & technology