Secure and Efficient Certificateless Signcryption Protocol for Wireless Body Area Networks (WBANs) (original) (raw)
Related papers
Provably secure certificateless protocol for wireless body area network
Wireless Networks
Wireless body area networks are gaining popularity due to their innovative applications such as timely analysis, remote monitoring of patients' health, and high patient care quality. However, these healthcare systems that carry patient's physiological data need special attention for the security and privacy of information. Due to the openness of transmitted data, the healthcare system gets prone to several adverse attacks. In this paper, a provably secure remote healthcare system is proposed based on the elliptic curve cryptosystem. The goal is to enable confidentiality and privacy of sensitive information by designing a certificateless authenticated key agreement protocol with low computational cost and higher security. The proposed scheme achieves anonymity, resistance to key escrow problems, mutual authentication between the sensor nodes attached to patients and the application provider. Furthermore, the protocol undergoes formal security analysis using the random oracle model, and the soundness of the proposed scheme is validated using ProVerif. Finally, the performance analysis depicts that the proposed scheme is efficient compared to existing methods.
Towards an Efficient Certificateless Access Control Scheme for Wireless Body Area Networks
Wireless Personal Communications, 2020
Wireless body area networks have become popular due to recent technological developments in sensor technology. A sensor can be used to collect data from different environments of interest, process and communicate the data to other nodes in a network. By its very nature, a sensor node is limited in resource usage. Due to these limitations, numerous security challenges have emerged in their applications, hence the need for more efficient and secure cryptosystems. In this paper, we give an efficient certificateless pairingfree signcryption scheme then design a secure access control scheme that can satisfy both the properties of ciphertext authentication and public verifiability using the signcryption scheme. A formal security proof of our scheme in random oracle model is provided. In addition, we compare the efficiency of our access control scheme with other existing schemes that are based on signcryption scheme. The analysis reveals that our scheme achieves better trade-off for computational and communication cost.
Electronics
Recently, the spectacular innovations in the fields of wireless body area networks (WBAN) and the Internet of Things (IoT) have made e-Care services rise as a promising application domain, which significantly advances the quality of the medical system, however, due to the openness of the wireless environment and privacy of people’s physiological data, WBAN and IoT are prone to various cyber-attacks. There is a significant need for an efficient and highly secured cryptographic scheme that can meet the requirements of resource-constrained devices. Therefore, in this paper, we propose a certificate-based signcryption (CB-SN) scheme for the IoT-enabled WBAN. The proposed scheme is based on the concept of hyper-elliptic curve cryptography (HECC) that offers the same level of security as the elliptic curve and bilinear pairing with lower-key size. The formal security verification using the Automated Validation of the Internet Security Protocols and Applications (AVISPA) tool along with in...
Wireless Communications and Mobile Computing
In the last few years, the wireless body area network (WBAN) has emerged as an appealing and viable option in the e-health application domain. WBAN technology is primarily used to offer continuous screening of health data to patients, independent of their location, time, or activity. A WBAN, on the other hand, is vulnerable to different cyberattacks due to the openness of the wireless environment and the privacy of people’s physiological data. A highly efficient and secure cryptographic scheme that can fulfill the needs of resource-constrained WBAN sensors and devices is considered necessary. First, we take a look at the most up-to-date security solutions for WBANs. Then, we go through some of the underlying concerns and challenges with WBAN security. We propose a new framework called secure channel free certificateless signcryption scheme for WBANs based on a hyperelliptic curve that can meet security requirements such as confidentiality, anonymity, integrity, resistance against un...
Efficient Certificateless Access Control for Wireless Body Area Networks
— Wireless body area networks (WBANs) are expected to act as an important role in monitoring the health information and creating a highly reliable ubiquitous healthcare system. Since the data collected by the WBANs are used to diagnose and treat, only authorized users can access these data. Therefore, it is important to design an access control scheme that can authorize, authenticate, and revoke a user to access the WBANs. In this paper, we first give an efficient certificateless signcryption scheme and then design an access control scheme for the WBANs using the given signcryption. Our scheme achieves confidentiality, integrity, authentication, non-repudiation, public verifiability, and ciphertext authenticity. Compared with existing three access control schemes using signcryption, our scheme has the least computational cost and energy consumption for the controller. In addition, our scheme has neither key escrow nor public key certificates, since it is based on certificateless cryptography.
IEEE Internet of Things Journal, 2019
In an ordinary signature scheme any one can verify the validity of a signature produced by the signer. But public verifiability of signatures is not desirable in some applications where the signed message is sensitive to the signature receiver, for example signatures on medical records, tax information. To meet this requirement, the concept of directed signature was introduced. A directed signature scheme is a kind of signature scheme in which the verification ability is controlled by the signer. Many directed signature schemes have been proposed in different cryptographic settings and most of the schemes are using bilinear pairings over elliptic curves. But the computation of a bilinear pairing is very expensive. Hence the schemes which use pairings are less efficient and are not much applicable in practice. In order to improve the computational and communicational efficiency, in this paper, we propose a pairing-free certificateless directed signature scheme. The proposed scheme is proven secure in the random oracle model under the assumption that the elliptic curve discrete logarithm problem is hard. We compare our scheme with well known existing schemes and efficiency analysis shows that the proposed scheme is more efficient.
2016
Recently, with the technical advancements in wearable medical sensors and wireless communication techniques, Wireless Body Area Network (WBAN) has emerged as a new technology for e-health care service. The wearable medical device (WMD) aims at collecting an individual's medical data unobtrusively and ubiquitously. The security of the data collected from a WBAN remains a major unsolved concern. So, a certificateless remote anonymous authentication protocol is used to overcome the above challenges and to prevent the leakage of user's private information from unauthorized users. It eliminates the need for distributing clients account information to the application providers and also it achieves forward security. However the revocation functionality of anonymous remote authentication for the WBANs has not been considered in case the private key of the user has been leaked or the misbehaviour of the user has been detected. To address the demand a certificateless remote authentication protocol with efficient revocation is proposed. KUNodes algorithm is used to achieve the efficient revocation function. The revocation mechanism is highly scalable and it is especially suitable for the large-scale WBANs. The proposed authentication protocol is computationally efficient and it is provably secure against existential forgery compared with the existing one. Several key applications ranging from remote health monitoring to military/fitness training can be enabled by remote authentication in WBANs.
the rapid increase in healthcare demand has seen novel developments in health monitoring technologies, such as the body area networks (BAN) paradigm. In wireless body area network is a wireless network inside the body there are some devices are embedded, may be on the surface mounted on the body in a fixed position. The wireless body area network has two types of communication- Intra-body communication and Inter-body communication. To ensure the security and privacy of the patient’s health status in the wireless body area networks (WBAN’s), it is difficult to provide security for Inter-body communication between the smart portable devices (SPD) held by WBAN client and the application provider such as hospital, physician or medical staff. In this project, to ensure security for Inter-body communication, a remote authentication protocol with some features like non-repudiation, client anonymity, key escrow resistance and revocability in WBAN’s is proposed. Firstly, there is a certificate less encryption scheme and a certificate less signature scheme with efficient revocation against short-term key exposure. Secondly we have certificate less anonymous remote authentication with revocation will be constructed by incorporating the proposed encryption scheme and signature scheme. This mechanism is highly scalable and suitable for large scale WBAN’s.
An Anonymous Certificateless Signcryption Scheme for Internet of Health Things
IEEE Access, 2021
Internet of Health Things (IoHT) is a hot topic of research presently, which provides a reliable and intelligent healthcare system for monitoring the physical conditions of the patients over the Internet from anywhere and anytime. The ease of time-independent interaction from geographically remote areas is a core advantage of the IoHT system, which offers preventive or proactive healthcare facilities at a lower cost. IoHT communication, on the other hand, is usually carried out with a range of low-power biomedical sensors, rendering them vulnerable to cyber-attacks and incompatible with traditional cryptographic techniques. The most critical security concern in IoHT is ensuring the authenticity of patients' health-related messages sent over the internet. Other key concerns include receiver anonymity and forward security, which means that only the sender knows the identities of the recipients. As a result, even if the private key of senders compromised, the adversary will be unable to decrypt the ciphertext. Existing signcryption schemes that employ certificateless cryptography for the healthcare system failed to guarantee both receiver anonymity and forward security simultaneously. Therefore, in this article, we propose an anonymous certificateless signcryption scheme for IoHT applications, which is based on the notion of the Hyperelliptic Curve (HEC) cryptosystem to satisfy these security requirements. The proposed scheme guarantees formal security analysis for confidentiality, unforgeability, and receiver anonymity using the Random Oracle Model (ROM). The results authenticate that the proposed scheme improves security while lowering computation and communication costs. INDEX TERMS Internet of things, IoHT, security, signcryption, hyperelliptic curve cryptosystem, random oracle model.
A Comprehensive Survey on Signcryption Security Mechanisms in Wireless Body Area Networks
Sensors, 2022
WBANs (Wireless Body Area Networks) are frequently depicted as a paradigm shift in healthcare from traditional to modern E-Healthcare. The vitals of the patient signs by the sensors are highly sensitive, secret, and vulnerable to numerous adversarial attacks. Since WBANs is a real-world application of the healthcare system, it’s vital to ensure that the data acquired by the WBANs sensors is secure and not accessible to unauthorized parties or security hazards. As a result, effective signcryption security solutions are required for the WBANs’ success and widespread use. Over the last two decades, researchers have proposed a slew of signcryption security solutions to achieve this goal. The lack of a clear and unified study in terms of signcryption solutions can offer a bird’s eye view of WBANs. Based on the most recent signcryption papers, we analyzed WBAN’s communication architecture, security requirements, and the primary problems in WBANs to meet the aforementioned objectives. This...