..............................
..............................
..............................
Privacy Preserving Authenticated Key Agreement based on Bilinear Pairing for uHealthcare
With the growth of wireless communication technologies and sensor technologies, ubiquitous Healthcare
(uHealthcare) based on Internet of Things (IoT) is becoming a big research focus from various researchers. However, security
and privacy issues are top most important focuses to be solved for the success of uHealthcare services. This paper shows that
Mahmood et al.’s authentication and prescription safety protocol is prone to denial of service attack and stolen-verifier attack.
Furthermore, we propose a privacy preserving authenticated key agreement protocol for IoT based uHealthcare, which is based
on hash function, symmetric key cryptosystem and bilinear pairing. The proposed protocol efficiently solves the security and
privacy problems in Mahmood et al.’s protocol and also provides computational efficiency compared to the related protocols.
[1] Cho S. and Kim H., “Hash Chain Based Authenticated Secure Communication for Healthcare System,” International Journal of Advances in Science Engineering and Technology, vol. 7, no. 2, pp. 41-46, 2019.
[2] Dai W., http://www.cryptopp.com, Last Visited, 2021.
[3] Debiao H., Jianhua C., and Rui Z., “A More Secure Authentication Scheme for Telecare Medicine Information Systems,” Journal of Medical Systems, vol. 36, no. 3, pp. 1989-1995, 2012.
[4] Houhamdi Z. and Athamena B., “Identity Identification and Management in the Internet of Things,” The International Arab Journal of Information Technology, vol. 17, no. 4A, pp. 645- 654, 2020.
[5] Kapito B., Nyirenda M., and Kim H., “Privacy- Preserving Machine Authenticated Key Agreement for Internet of Things,” International Journal of Computer Networks and Communications, vol. 13, no. 2, pp. 99-120, 2021.
[6] Kim H., “Freshness-Preserving Non-Interactive Hierarchical Key Agreement Protocol over WHMS,” Sensors, vol. 14, no. 12, pp. 23742- 23757, 2014.
[7] Kim H., Ryu E., and Lee S., “Security Considerations on Cognitive Radio Based Body Area Networks for U-Healthcare,” Journal of Security Engineering, vol. 10, no. 1, pp. 9-20, 2013.
[8] Ku D. and Kim H., “Enhanced User Authentication with Privacy for IoT-Based Medical Care System,” International Journal of Computer Theory and Engineering, vol. 10, no. 4, pp. 125-129, 2018.
[9] Lee S., Kim H., and Yoo K., “Cryptanalysis of A User Authentication Scheme Using Hash Functions,” ACM SIGOPS Operating Systems Review, vol. 38, no. 1, pp. 24-28, 2004.
[10] Liu H., Wu Z., Peng C., Tian F., and Lu L., “Privacy-Preserving Data Aggregation 530 The International Arab Journal of Information Technology, Vol. 18, No. 4, July 2021 Framework for Mobile Service Based Multiuser Collaboration,” The International Arab Journal of Information Technology, vol. 17, no. 4, pp. 450- 460, 2020.
[11] Mahmood Z., Ning H., Ullah A., and Yao X., “Secure Authentication and Prescription Safety Protocol for Telecare Health Services Using Ubiquitous IoT,” Applied Sciences, vol. 7, no. 10, pp. 1-22, 2017.
[12] Mohamed M., Ghanem S., and Nagi M., “Privacy- Preserving for Distributed Data Streams: Towards I-Diversity,” The International Arab Journal of Information Technology, vol. 17, no. 1, pp. 52-64, 2020.
[13] Moosavi S., Gia T., Nigussie E., Rahmani A., Virtanen S., Tenhunen H., and Isoaho J., “Session Resumption-Based End-to-End Security for Healthcare Internet-of-Things,” in Proceedings of the International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing, Liverpool, pp. 581-588, 2015.
[14] Moosavi S., Gia T., Rahmani A., Nigussie E., Virtanen S., Isaoaho J., and Tenhunen H., “SEA: A Secure and Efficient Authentication and Authorization Architecture for Iot-Based Healthcare Using Smart Gateways,” Procedia Computer Science, vol. 52, 452-459, 2015.
[15] Nguyen H., Mirza F., Naeem M., and Nguyen M., “A Review on Iot Healthcare Monitoring Applications and A Vision for Transforming Sensor Data Into Real-Time Clinical Feedback,” in Proceedings of the 21st International Conference on Computer Supported Cooperative Work in Design, Wellington, pp. 257-262, 2017.
[16] Rao R., https://theiotmagazine.com/internet-of- things-iot-healthcare-benefits-2aae663c5c79, Last Visited, 2018.
[17] Wei J., Hu X., and Liu W., “An Improved Authentication Scheme for Telecare Medicine Information Systems,” Journal of Medical Systems, vol. 36, no. 6, pp. 3597-3604, 2012.
[18] Wu S., Chiang R., Chang S., and Chang W., “An Interactive Telecare System Enhanced with IoT Technology,” IEEE Pervasive Computing, vol. 16, no. 3, pp. 62-69, 2017.
[19] Wu Z., Lee Y., Lai F., Lee H., and Chung Y., “A Secure Authentication Scheme for Telecare Medicine Information Systems,” Journal of Medical Systems, vol. 36, no. 3, pp. 1529-1535, 2012.
[20] Xiong H., Tao J., and Yuan C., “Enabling Telecare Medical Information Systems with Strong Authentication and Anonymity,” IEEE Access, vol. 5, pp. 5648-5661, 2017.
[21] Zhu Z., “An Efficient Authentication Scheme for Telecare Medicine Information Systems,” Journal of Medical Systems, vol. 36, no. 6, pp. 3833-3838, 2012. Sunghyun Cho received the M.Sc. degree in Cyber Security from Kyungil University, Korea, in 2021. He is a Master’s Degree student at College of Computing, Sungkyunkwan University, Korea from 2021. His research interests include cryptography, authentication technologies, network security, ubiquitous computing security, and security protocol. Hyunsung Kim received the M.Sc. and Ph.D. degrees in computer engineering from Kyungpook National University, Korea, in 1998 and 2002, respectively. He is a Professor at the School of Computer Science, Kyungil University, Korea from 2012. Furthermore, he is currently a visiting professor at the Department of Mathematical Sciences, Chancellor College, University of Malawi, Malawi from 2015. He also was a visiting researcher at Dublin City University in 2009. His research interests include cryptography, VLSI, authentication technologies, network security, ubiquitous computing security, and security protocol.