Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Pankaj Kumar,Saru Kumari,Vishnu Sharma,Arun Kumar Sangaiah,Jianghong Wei,Xiong Li

DOI: https://doi.org/10.1016/j.suscom.2017.09.002

IF: 4.923

2017-01-01

Sustainable Computing Informatics and Systems

Abstract:Healthcare industry is one of the areas where wireless sensor network provides a lot of opportunities. Online data sharing in healthcare industry not only increases the efficiency but also reduces the time constraints. In the healthcare wireless sensor network, patient's report is available online for health professionals without any delay after patient's checkup. Data privacy becomes an important issue in healthcare industry due to direct involvement of personal health related data of patients. Modified data may become a serious cause of casualty for patient. Digital signature scheme is a technique of public key cryptography that is widely accepted in digital world to retain privacy and integrity. Certificateless public key cryptography was proposed to remove the complication of certificate management in public key cryptography as well as the key escrow problem inherited in identity based cryptography. An aggregate signature scheme is a many to one map which maps different signatures on different messages to a single signature. This feature is very beneficial in an environment which is constrained by limited bandwidth and low computational time/effort, such as wireless sensor network, vehicular ad-hoc network and Internet of things. Our proposed certificateless aggregate signature enjoys the goodness of both the concepts, certificateless and aggregate. We construct a certificateless aggregate signature scheme and prove the security of constructed scheme by using widely-accepted Random Oracle Model under the computationally hard Diffie-Hellman assumption. Random Oracle Model based security analysis proves that our proposed scheme is provably secure against existential forgery on adaptive chosen message and identity attacks under the hardness of computational Diffie-Hellman problem and achieves the required goals such as confidentiality, non-repudiation and integrity. We use batch verification technique for speedy verification of signatures. Since energy consumption for aggregate signature verification in our scheme is lesser than that in many of the related schemes, the proposed CL-AS scheme is compatible with the resource scanty nature of wireless sensor networks. Thus the proposed CL-AS scheme is efficient and suitable for green healthcare wireless sensor networks (HWSNs). (C) 2017 Elsevier Inc. All rights reserved.

Hong Shu,Ping Qi,Yongqing Huang,Fulong Chen,Dong Xie,Liping Sun

DOI: https://doi.org/10.3390/s20051521

IF: 3.9

2020-03-10

Sensors

Abstract:Different from the traditional healthcare field, Medical Cyber Physical Systems (MCPS) rely more on wireless wearable devices and medical applications to provide better medical services. The secure storage and sharing of medical data are facing great challenges. Blockchain technology with decentralization, security, credibility and tamper-proof is an effective way to solve this problem. However, capacity limitation is one of the main reasons affecting the improvement of blockchain performance. Certificateless aggregation signature schemes can greatly tackle the difficulty of blockchain expansion. In this paper, we describe a two-layer system model in which medical records are stored off-blockchain and shared on-blockchain. Furthermore, a multi-trapdoor hash function is proposed. Based on the proposed multi-trapdoor hash function, we present a certificateless aggregate signature scheme for blockchain-based MCPS. The purpose is to realize the authentication of related medical staffs, medical equipment, and medical apps, ensure the integrity of medical records, and support the secure storage and sharing of medical information. The proposed scheme is highly computationally efficient because it does not use bilinear maps and exponential operations. Many certificateless aggregate signature schemes without bilinear maps in Internet of things (IoT) have been proposed in recent years, but they are not applied to the medical field, and they do not consider the security requirements of medical data. The proposed scheme in this paper has high computing and storage efficiency, while meeting the security requirements in MCPS.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Zhen Yan,Haipeng Qu,Xi-Jun Lin

DOI: https://doi.org/10.1093/comjnl/bxae048

2024-06-09

The Computer Journal

Abstract:Abstract Recently, Qiao et al. proposed a novel construction of certificateless aggregate signature (CLAS) scheme to ensure the integrity and authenticity of medical data in healthcare wireless medical sensor networks (HWMSNs). They first created an underlying certificateless signature (CLS) scheme, and then proposed a CLAS scheme from the underlying CLS scheme by adding an aggregation algorithm and a verification algorithm. In this paper, we point out that their CLS scheme is insecure because the Type I adversary can forge valid signatures. That is, the unforgeability is not actually captured by their CLS scheme. Finally, we map our cryptanalysis to the practical application. That is, in the practical application of HWMSNs, the attacker can launch real attack to their CLS scheme using our cryptanalysis to forge signatures. Therefore, Qiao et al.’s CLS scheme can be totally broken.

computer science, information systems, theory & methods, software engineering, hardware & architecture

Jayaprakash Kar,Xiaoguang Liu,Fagen Li

DOI: https://doi.org/10.1016/j.jisa.2021.102905

IF: 4.96

2021-01-01

Journal of Information Security and Applications

Abstract:Protecting data integrity and achieving non-repudiation in wireless sensor networks (WSNs) is very essential during data communication from one sensor to another. However, wireless sensor network nodes are severely limited by power, communication bandwidth, and storage space, so the traditional signature algorithm cannot be adapted to the environment. In this paper, we have proposed a certificateless aggregate signature scheme (CL-ASS) for WSNs. This scheme not only can significantly reduce the bandwidth consumed by network transmission and the occupancy of node storage space but also provides high privacy. In the random oracle model, we demonstrate the security of the scheme against two types of adversaries, under the assumption of the hardness of the computational Diffie–Hellman (CDH) Problem. Finally, the performance analysis shows that our scheme has an ideal computational and communication cost.

Qing Fan,Jianhua Chen,Feng Xu,Li,Min Luo

DOI: https://doi.org/10.1002/cpe.6178

2022-01-01

Abstract:SummaryWireless sensor networks (WSNs) are widespreadly applicable for information acquisition and processing in various fields such as military, healthcare, envrionment monitoring, and so on. WSNs have three main components: sensors, gateways, and users. The sensing information from sensors is transmitted to users through gateways. However, the public wireless networks are vulnerable to malicious active and passive attacks, which could bring security and privacy issues. Numerous two‐factor based authentication and key agreement (AKA) protocols have been proposed to solve these issues, whereas these schemes still have some deficiencies. Three‐factor based authentication method can make up for the drawbacks of two‐factor based schemes. Kumari and Renuka put forward a biometrics‐based AKA for WSNs with elliptic curve cryptography (ECC). But their scheme cannot maintain anonymity and resist to impersonality attack, replay attack, and DoS attack. In this article, we propose a biometrics‐based anonymous AKA scheme, which is equipped with the covered security requirements of WSNs. Meanwhile, the proposed scheme are provably secure in the three‐party AKA security model. Performance analysis demonstrates that our scheme has better security properties, communication cost, and computational cost compared with five recent and related schemes.

Jiaojiao Hong,Bo Liu,Qianyuan Sun,Fagen Li

DOI: https://doi.org/10.1007/s11276-017-1597-8

IF: 2.701

2019-01-01

Wireless Networks

Abstract:The wireless body area networks (WBANs) is a practical application model of Internet of things. It can be used in many scenarios, especially for e-healthcare. The medical data of patients is collected by sensors and transmitted using wireless communication techniques. Different users can access the patient’s data with different privileges. Access control is a crucial problem in WBANs. In this paper, we design a new security mechanism named combined public-key scheme in the case of attribute-based (CP-ABES) to address the user access control in WBANs. Our scheme combines encryption and digital signatures. It uses ciphertext-policy attribute-based encryption to achieve data confidentially, access control, and ciphertext-policy attribute-based signature to realize the identity authentication. The access policy used in our scheme is threshold. Based on this feature, the length of ciphertext and signature of our scheme is constant. Our scheme provides confidentiality, unforgeability, signer privacy and collusion resistance. We prove the efficiency of our scheme theoretically and analyze the security level and energy consumption of our scheme.

Shan Shan,Bo Zhang

DOI: https://doi.org/10.1007/s11277-024-11012-7

IF: 2.017

2024-04-19

Wireless Personal Communications

Abstract:Recently, Kasyoka et al. (Wirel Pers Commun 118:3349–3366, 2021) presented a new pairing free certificateless signcryption scheme for use in ubiquitous healthcare systems. Kasyoka et al. gave a formal security proof for indistinguishability against adaptive chosen ciphertext attack and unforgeability against adaptive chosen message attack for their scheme in random oracle model. In this paper, we give a cryptographic analysis and the results show that, in their newly proposed scheme, internal users can forge the signcryption ciphertext sent to them. The more serious is that Kasyoka et al.'s scheme can not resist public key replacement attack. Any user can forge or unsigncrypt a signcryption ciphertext by launching a public key replacement attack without knowing partial private key. Therefore, Kasyoka et al.'s scheme is not safe for use in ubiquitous healthcare systems.

telecommunications

Yihao Hu,Chunguang Huang,Hai Cheng

DOI: https://doi.org/10.1016/j.comcom.2024.02.020

IF: 5.047

2024-02-28

Computer Communications

Abstract:Smart healthcare overcomes the limitations of time and space, allowing users to access medical and health services anywhere and anytime, thus improving the quality and efficiency of these services. However, due to its excessive reliance on wireless public networks, smart healthcare faces challenges and issues related to communication security. As a result, authentication and key agreement are critical as the first line of defense for smart healthcare communications. Over the past few years, numerous authentication and key agreement schemes have been proposed by experts and scholars, but most of these schemes are not applicable to practical scenarios due to their lack of security and efficiency. To address these issues, we propose an elliptic curve-based certificateless conditional privacy-preserving authentication and key agreement scheme. This scheme does not require endorsement from a Certificate Authority (CA) and features lightweight and secure properties, making it suitable for resource-limited smart healthcare communication. In addition, the security of the proposed scheme is proven under the random oracle model, and its safety is supplemented using BAN logic. Finally, performance analysis reveals that the proposed scheme not only satisfies security property and can withstand general attacks but also offers certain advantages in communication efficiency.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xincheng Li,Lifeng Zhou,Xinchun Yin,Jianting Ning

DOI: https://doi.org/10.1109/jiot.2023.3327505

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Due to the advent of healthcare wireless medical sensor networks (HWMSNs) technology, the traditional model of medical treatment has been transformed. In HWMSNs environments, sensor nodes (e.g., wearable devices) collect medical data from patients and transmit them to doctors for diagnosis. Several certificateless aggregate signature (CLAS) schemes have been put forward to guarantee secure transmission of medical data and privacy of patients in HWMSNs. However, the utilization of a centralized key generation center (KGC) implies elevated risk of insecurity and privacy disclosure. Practical and destructive coalition attacks resulting from the collusion of an insider signer with a malicious KGC are difficult to resist. Therefore, a security-enhanced certificateless designated verifier anonymous aggregate signature (CL-DVAAS) scheme is devised to solve these problems. As introduced in the YOSO (You Only Speak Once) model, an ever-changing, unpredictable committee replaces the role of the KGC for system initialization and key distribution. The serverless computing paradigm empowers the proposed scheme with excellent attack prevention and privacy protection capabilities. The proposed scheme is provably secure against various types of attacks in the random oracle model. Moreover, the performance evaluation and comparison illustrate that our scheme outperforms the state-of-the-art solutions.

Jingwei Liu,Zonghua Zhang,Xiaofeng Chen,Kyung Sup Kwak

DOI: https://doi.org/10.1109/tpds.2013.145

IF: 5.3

2014-02-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Wireless body area network (WBAN) has been recognized as one of the promising wireless sensor technologies for improving healthcare service, thanks to its capability of seamlessly and continuously exchanging medical information in real time. However, the lack of a clear in-depth defense line in such a new networking paradigm would make its potential users worry about the leakage of their private information, especially to those unauthenticated or even malicious adversaries. In this paper, we present a pair of efficient and light-weight authentication protocols to enable remote WBAN users to anonymously enjoy healthcare service. In particular, our authentication protocols are rooted with a novel certificateless signature (CLS) scheme, which is computational, efficient, and provably secure against existential forgery on adaptively chosen message attack in the random oracle model. Also, our designs ensure that application or service providers have no privilege to disclose the real identities of users. Even the network manager, which serves as private key generator in the authentication protocols, is prevented from impersonating legitimate users. The performance of our designs is evaluated through both theoretic analysis and experimental simulations, and the comparative studies demonstrate that they outperform the existing schemes in terms of better trade-off between desirable security properties and computational overhead, nicely meeting the needs of WBANs.

computer science, theory & methods,engineering, electrical & electronic

Hu Xiong,Shikun Wu,Ji Geng,Emmanuel Ahene,Songyang Wu,Zhiguang Qin

DOI: https://doi.org/10.3837/tiis.2015.03.023

2015-01-01

KSII Transactions on Internet and Information Systems

Abstract:Certificate-based signature (CBS) combines the advantages of both public key-based signature and identity-based signature, while saving from the disadvantages of drawbacks in both PKS and IBS. The insecure deployment of CBS under the hostile circumstances usually causes the exposure of signing key to be inescapable. To resist the threat of key leakage, we present a pairing-free key insulated CBS scheme by incorporating the idea of key insulated mechanism and CBS. Our scheme eliminates the costly pairing operations and as a matter of fact outperforms the existing key insulated CBS schemes. It is more suitable for low-power devices. Furthermore, the unforgeability of our scheme has been formally proven to rest on the discrete logarithm assumption in the random oracle model.

Pradeep Radhakrishnan,Praveen Kumar Sugumar,Preethi Ponnan,Gopirajan Punniyakotti Varadharajan

DOI: https://doi.org/10.1007/s12083-024-01717-8

IF: 3.488

2024-05-24

Peer-to-Peer Networking and Applications

Abstract:Wireless Sensor Networks has been characterized by a disseminated, structured, and independent collection of sensor nodes deployed for broad variants of applications ranging from military, environment-friendly, disaster management, wild-life smart-grid, emergency care, medical treatment and agriculture. However, data has been transmitted in a wide-open wireless infrastructure which can be highly poised with security and privacy attacks. Hence data sent through wireless sensor networks are to be protected. Typically, the sensor utilized is highly resource-constrained in nature, there is a need to achieve a better trade-off between the energy, efficacy, data transmission and scalability. Therefore, in order to cater to these requirements, a full privacy preserving distributed certificate-less signature authentication scheme for secure and efficient data transmission in wireless sensor networks has been proposed. The proposed technique utilizes elliptic curve cryptography, a pairing-free cryptography that offers high security even with smaller key sizes. In order to eliminate the problem of central dependency of the trusted authority or the key generation center, the proposed model utilizes a distributed way of key distribution and management thereby reducing the computational and communication burden associated with it. The proposed methodology has been proved to be efficient by means of security analysis using ROM model. Experimentation has been carried out by using the Networks Simulator tool (NS2) and the performance evaluation shows that the proposed authentication scheme has provided a better trade-off between the objectives like energy efficiency, routing, and scalability.

computer science, information systems,telecommunications

Junsong Zhang,Xiong Li,Jian Ma,Wendong Wang

DOI: https://doi.org/10.1155/2014/846901

IF: 1.938

2014-01-01

International Journal of Distributed Sensor Networks

Abstract:Wireless sensor networks (WSNs) have been widely deployed in different application domains ranging between environment monitoring, transportation, target tracking, and health care. However, due to the limited power supply of the sensors, the researchers introduce mobile sinks in WSNs to prolong its lifetime. When introducing the mobile sinks in WSNs, the authentication issue between the mobile sink and the sensors appears. However, there are few studies on the authentication issue when using mobile sinks in WSNs. In this paper, we present a bilinear pairing based authentication and key agreement scheme for the authentication between mobile sinks and cluster head in WSNs. The proposed scheme can solve the problems of mobile sink authentication and provide data confidentiality and integrity. Security and performance analysis demonstrate that the proposed scheme can resist against various attacks and meet the requirements of computational complexity in the environment of WSNs.

Zhaoyang Zhang,Honggang Wang,Athanasios V. Vasilakos,Hua Fang

DOI: https://doi.org/10.4108/icst.bodynets.2013.253689

2013-01-01

Abstract:Wireless Body Area Networks (WBANs) are the core of components of future m-Health system and is playing a crucial role in healthcare applications. A key requirement for such applications is secure communications between body sensors. This paper presents a novel key agreement scheme which allows wireless body sensors in WBANs to share a common key generated using wireless channel information. Unlike traditional biometric based security approach, the proposed key agreement does not need extra hardware, which can secure data communications in a plug-n-play manner. Our experimental results show that the proposed scheme is feasible for WBANs.

Xiaojun Zhang,Chunxiang Xu,Yuan Zhang,Chunhua Jin

DOI: https://doi.org/10.1007/s11277-017-4270-8

IF: 2.017

2017-01-01

Wireless Personal Communications

Abstract:Wireless sensor networks (WSNs) have been widely used in many applications recently. As an important application of the WSNs, the wireless medical sensor networks (WMSNs) could improve health-care quality and have become significant in the modern medical system. WMSNs devices typically have limited computing, storage and communication capabilities. To enhance the capabilities of WSNs, cloud-assisted WMSNs have been introduced, and they can provide more efficient processing of cloud users’ medical data records stored in the cloud. The integrity of medical data records is very important since these data will be used to provide a medical diagnosis and other medical treatments. In this paper, we propose an efficient integrity verification scheme for medical data records in cloud-assisted WMSNs. Based on elliptic curve digital signature algorithm, we construct linearly homomorphic authenticator, so that the third party auditor (TPA) can verify the the integrity of medical data records without bringing in new security threats. TPA does not need to retrieve the entire medical data records, thus can dramatically reduce the communication and computation overhead. Moreover, we further extend our scheme to support batch integrity verification for multiple cloud users simultaneously. In particular, to achieve efficient medical data dynamic operations, using index hash tables, our scheme can execute dynamic operations efficiently. Performance comparison shows that our scheme is more light-weight, and can be used much more practically in cloud-assisted WMSNs.

Shanvendra Rai,Rituparna Paul,Subhasish Banerjee,Preetisudha Meher,Rai, Shanvendra,Paul, Rituparna,Banerjee, Subhasish,Meher, Preetisudha

DOI: https://doi.org/10.1007/s11276-024-03690-9

IF: 2.701

2024-03-07

Wireless Networks

Abstract:Wireless medical sensor network (WMSN) is an application of the Internet of Things (IoT) that plays a very important role in today's era for the healthcare industry, especially after the COVID-19 pandemic. To maintain the security and privacy of the real-time health information of the users or patients, the proper mutual authentication and key agreement (AKA) is the foremost necessity. In this context, Shadi Nashwan proposed an end-to-end authentication scheme for a healthcare IoT system i.e. WMSN, and claimed that their scheme could resist so many existing possible threats and could maintain a low computational cost too. Unfortunately, during this research, it is found that their scheme can be threatened by eavesdropping and jamming/desynchronization attacks and have many computational flaws, as well. Moreover, they also assumed that the gateway node (GWN) is always trustworthy, but in reality, it is not always feasible, as the GWN may act as a local server. Hence, in this article, a new AKA scheme has been proposed using the user's physiological information like ECG data in order to make the WMSN more secure and reliable. In addition, the proposed scheme can resist many well-known threats like GWN spoofing attack, key escrow problem and can guard against GWN stolen database problem, also. To proof the superiority of the proposed scheme, the informal and formal security analysis have been performed using automated validation of internet security protocols and applications (i.e. AVISPA) and Burrows–Abadi–Needham (BAN) logic, respectively. Based on the comparative study with existing schemes concerning security features, computational and communicational cost, and storage requirement; the proposed scheme can perform better than the existing schemes and well suitable for practical implementations.

computer science, information systems,telecommunications,engineering, electrical & electronic

Bahaa Hussein Taher,Muhammad Yasir,Abraham Isiaho,Judith N. Nyakanga

DOI: https://doi.org/10.30564/jcsr.v4i3.4258

2022-07-13

Journal of Computer Science Research

Abstract:Wireless sensor networks process and exchange mission-critical data relating to patients’ health status. Obviously, any leakages of the sensed data can have serious consequences which can endanger the lives of patients. As such, there is need for strong security and privacy protection of the data in storage as well as the data in transit. Over the recent past, researchers have developed numerous security protocols based on digital signatures, advanced encryption standard, digital certificates and elliptic curve cryptography among other approaches. However, previous studies have shown the existence of many security and privacy gaps that can be exploited by attackers to cause some harm in these networks. In addition, some techniques such as digital certificates have high storage and computation complexities occasioned by certificate and public key management issues. In this paper, a certificateless algorithm is developed for authenticating the body sensors and remote medical server units. Security analysis has shown that it offers data privacy, secure session key agreement, untraceability and anonymity. It can also withstand typical wireless sensor networks attacks such as impersonation, packet replay and man-in-the-middle. On the other hand, it is demonstrated to have the least execution time and bandwidth requirements.

Chen Yulei,Chen Jianhua

DOI: https://doi.org/10.1007/s11227-021-03820-6

IF: 3.3

2021-01-01

The Journal of Supercomputing

Abstract:Wireless sensor networks (WSNs) are usually deployed in hostile or unattended areas, and users need to obtain real-time data from WSNs. The data collected by sensor nodes are usually relatively private and sensitive, so users must pass the identity authentication before obtaining the information perceived by sensor nodes. In order to enhance the security of wireless sensor networks and prevent illegal users from accessing sensor nodes, this paper designs an efficient and secure identity authentication protocol for wireless sensor networks. The proposed protocol makes full use of the advantages of lightweight cryptographic primitives such as physical unclonable function, one-way hash function and bitwise exclusive operation. Moreover, users only need to use biometrics (such as fingerprints, iris) to access the remote systems and do not need to rely on any password, which avoids the trouble of memorizing and losing password. To prove the scheme's security, the well-known formal security proof with random oracle model and traditional heuristic discussion are given. Additionally, the performance comparison results show that our scheme has less communication overhead and computation complexity, and is effective for the resource constrained sensor devices in WSNs.

Xiong Li,Maged Hamada Ibrahim,Saru Kumari,Arun Kumar Sangaiah,Vidushi Gupta,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1016/j.comnet.2017.03.013

IF: 5.493

2017-01-01

Computer Networks

Abstract:Wireless body area networks (WBANs) are used to collect and exchange vital and sensitive information about the physical conditions of patients. Due to the openness and mobility of such networks, even without knowing the context of the exchanged data or linking traffic to the identities of involved sensors, criminals are able to gain useful information about the severe conditions of patients and carry effective undetectable physical attacks. Therefore, confidentiality and mutual authentication services are essential for WBANs, and the transmission must be anonymous and unlinkable as well. Given the limitations of the resources available for these sensors, a lightweight anonymous mutual authentication and key agreement scheme for centralized two-hop WBANs is proposed in this paper, which allows sensor nodes attached to the patient’s body to authenticate with the local server/hub node and establish a session key in an anonymous and unlinkable manner. The security of our scheme is proved by rigorous formal proof using BAN logic and also through informal analysis. Besides, the security of our scheme is evaluated by using the Automated Validation of Internet Security Protocols and Applications (AVISPA) as well. Finally, we compare our proposed scheme with other related schemes and the comparison results show that our scheme outperforms previously related schemes.