适合基于物联网的医疗系统的隐私保护相互认证方案

M. Ebrahimi, M. Bayat, Behnam Zahednejad
{"title":"适合基于物联网的医疗系统的隐私保护相互认证方案","authors":"M. Ebrahimi, M. Bayat, Behnam Zahednejad","doi":"10.22042/ISECURE.2021.183936.463","DOIUrl":null,"url":null,"abstract":"The medical system remains among the fastest to adopt the Internet of Things. The reason for this trend is that integration Internet of Things(IoT) features into medical devices greatly improve the quality and effectiveness of service. However, there are many unsolved security problems. Due to medical information is critical and important, authentication between users and medical servers is an essential issue. Recently, Park et al. proposed an authentication scheme using Shamir's threshold technique for IoT-based medical information system and claimed that their scheme satisfies all security requirements and is immune to various types of attacks. However, in this paper, we show that Park et al.'s scheme does not achieve user anonymity, forward security, and mutual authentication and it is not resistant to the DoS attacks and then we introduce an improved mutual authentication scheme based on Elliptic Curve Cryptography (ECC) and Shamir 's secret sharing for IoT-based medical information system.In this paper, we formally analyze the security properties of our scheme via the ProVerif. Moreover, we compare our proposed scheme with other related schemes in terms of security and performance.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"A Privacy Preserving Mutual Authentication Scheme Suitable for IoT-Based Medical Systems\",\"authors\":\"M. Ebrahimi, M. Bayat, Behnam Zahednejad\",\"doi\":\"10.22042/ISECURE.2021.183936.463\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The medical system remains among the fastest to adopt the Internet of Things. The reason for this trend is that integration Internet of Things(IoT) features into medical devices greatly improve the quality and effectiveness of service. However, there are many unsolved security problems. Due to medical information is critical and important, authentication between users and medical servers is an essential issue. Recently, Park et al. proposed an authentication scheme using Shamir's threshold technique for IoT-based medical information system and claimed that their scheme satisfies all security requirements and is immune to various types of attacks. However, in this paper, we show that Park et al.'s scheme does not achieve user anonymity, forward security, and mutual authentication and it is not resistant to the DoS attacks and then we introduce an improved mutual authentication scheme based on Elliptic Curve Cryptography (ECC) and Shamir 's secret sharing for IoT-based medical information system.In this paper, we formally analyze the security properties of our scheme via the ProVerif. Moreover, we compare our proposed scheme with other related schemes in terms of security and performance.\",\"PeriodicalId\":436674,\"journal\":{\"name\":\"ISC Int. J. Inf. Secur.\",\"volume\":\"12 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-08-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ISC Int. J. Inf. Secur.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.22042/ISECURE.2021.183936.463\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ISC Int. J. Inf. Secur.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.22042/ISECURE.2021.183936.463","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1

摘要

医疗系统仍然是采用物联网最快的领域之一。出现这种趋势的原因是,将物联网功能集成到医疗设备中可以大大提高服务质量和效率。然而,还有许多安全问题尚未解决。由于医疗信息非常关键和重要,用户和医疗服务器之间的身份验证是一个至关重要的问题。最近,Park 等人针对基于物联网的医疗信息系统提出了一种使用 Shamir 门限技术的身份验证方案,并声称他们的方案满足所有安全要求,并能抵御各种类型的攻击。然而,在本文中,我们发现 Park 等人的方案无法实现用户匿名性、前向安全性和相互认证,也无法抵御 DoS 攻击,因此我们为基于物联网的医疗信息系统引入了一种基于椭圆曲线加密(ECC)和 Shamir 秘密共享的改进型相互认证方案。此外,我们还将我们提出的方案与其他相关方案在安全性和性能方面进行了比较。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
A Privacy Preserving Mutual Authentication Scheme Suitable for IoT-Based Medical Systems
The medical system remains among the fastest to adopt the Internet of Things. The reason for this trend is that integration Internet of Things(IoT) features into medical devices greatly improve the quality and effectiveness of service. However, there are many unsolved security problems. Due to medical information is critical and important, authentication between users and medical servers is an essential issue. Recently, Park et al. proposed an authentication scheme using Shamir's threshold technique for IoT-based medical information system and claimed that their scheme satisfies all security requirements and is immune to various types of attacks. However, in this paper, we show that Park et al.'s scheme does not achieve user anonymity, forward security, and mutual authentication and it is not resistant to the DoS attacks and then we introduce an improved mutual authentication scheme based on Elliptic Curve Cryptography (ECC) and Shamir 's secret sharing for IoT-based medical information system.In this paper, we formally analyze the security properties of our scheme via the ProVerif. Moreover, we compare our proposed scheme with other related schemes in terms of security and performance.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
One-Shot Achievable Secrecy Rate Regions for Quantum Interference Wiretap Channel Quantum Multiple Access Wiretap Channel: On the One-Shot Achievable Secrecy Rate Regions Towards a Formal Approach for Detection of Vulnerabilities in the Android Permissions System Towards event aggregation for reducing the volume of logged events during IKC stages of APT attacks A Time Randomization-Based Countermeasure Against the Template Side-Channel Attack
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1