{"title":"Secure Hierarchical Deterministic Key Generation Scheme in Blockchain-based Medical Environment","authors":"Taehoon Kim, Imyeong Lee","doi":"10.1145/3409934.3409958","DOIUrl":null,"url":null,"abstract":"Blockchain is essentially a form of distributed data storage technology. It is designed to prevent arbitrary manipulation by operators of distributed nodes and contains a list of changes that records the continuously changing data on the participating nodes. Currently, various blockchain-based services are appearing. in particular, blockchain-based medical convergence services are emerging worldwide. In a blockchain-based medical environment, hospitals, departments, doctors and patients must frequently update and use all public and private key pairs to minimize the leakage of personal information. As such, key pairs management is of great importance. To securely manage keys in such a medical environment, hierarchical deterministic wallet is used. Defined as Bitcoin's BIP32 standard, it is currently the most commonly used technology and allows hospitals to easily derive and manage the key of departments, doctors and patients. In addition, if the hospital, which is at the root level, backs up the first seed value, the doctor and patient can easily recover the key in the future, in case it is lost. However, problems have been found with hierarchical deterministic wallets. The attacker can infer the doctor's private key by obtaining doctor's public key, chain code, or the patient's index and private key. In addition, there is a privilege escalation attack that can be acquired up to the department or hospital's private key. Subsequently, an attacker can leak personal information, such as the personal information of doctors or medical records of managed patients. That is why the current BIP32 standard does not include the function to derive lower public keys from the higher public keys. In this scheme, we maintain the functionality removed from BIP32. In addition, we propose a secure scheme of hierarchical deterministic key generation scheme in blockchain-based medical environment by preventing privilege escalation attack.","PeriodicalId":145384,"journal":{"name":"Proceedings of the 2nd International Electronics Communication Conference","volume":"43 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2nd International Electronics Communication Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3409934.3409958","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Blockchain is essentially a form of distributed data storage technology. It is designed to prevent arbitrary manipulation by operators of distributed nodes and contains a list of changes that records the continuously changing data on the participating nodes. Currently, various blockchain-based services are appearing. in particular, blockchain-based medical convergence services are emerging worldwide. In a blockchain-based medical environment, hospitals, departments, doctors and patients must frequently update and use all public and private key pairs to minimize the leakage of personal information. As such, key pairs management is of great importance. To securely manage keys in such a medical environment, hierarchical deterministic wallet is used. Defined as Bitcoin's BIP32 standard, it is currently the most commonly used technology and allows hospitals to easily derive and manage the key of departments, doctors and patients. In addition, if the hospital, which is at the root level, backs up the first seed value, the doctor and patient can easily recover the key in the future, in case it is lost. However, problems have been found with hierarchical deterministic wallets. The attacker can infer the doctor's private key by obtaining doctor's public key, chain code, or the patient's index and private key. In addition, there is a privilege escalation attack that can be acquired up to the department or hospital's private key. Subsequently, an attacker can leak personal information, such as the personal information of doctors or medical records of managed patients. That is why the current BIP32 standard does not include the function to derive lower public keys from the higher public keys. In this scheme, we maintain the functionality removed from BIP32. In addition, we propose a secure scheme of hierarchical deterministic key generation scheme in blockchain-based medical environment by preventing privilege escalation attack.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
