A blockchain-based medical IoT authentication scheme resistant to combined attacks

IF 4.4 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Networks Pub Date : 2025-03-26 DOI:10.1016/j.comnet.2025.111241

Ziwen Wang , Yajun Guo , Yimin Guo

{"title":"A blockchain-based medical IoT authentication scheme resistant to combined attacks","authors":"Ziwen Wang , Yajun Guo , Yimin Guo","doi":"10.1016/j.comnet.2025.111241","DOIUrl":null,"url":null,"abstract":"<div><div>The Medical Internet of Things (MIoT) has transformed the healthcare industry by facilitating telemedicine and real-time health monitoring. In MIoT, doctors can address patients’ issues at any time and in any scenario. However, MIoT faces common data security issues in IoT applications, and the unique nature of healthcare services demands higher privacy protection. Consequently, ensuring secure communication in MIoT is imperative. Traditional MIoT Authentication and Key Agreement (AKA) protocols often use centralized methods, presenting a single point of failure. Moreover, these protocols can only resist single attacks and cannot cope with combined attacks that attackers might launch. These limitations make it difficult to meet the actual needs of MIoT. To address these issues, we propose an MIoT authentication protocol that resists combined attacks and solves single points of failure by integrating Physical Unclonable Functions (PUF), blockchain technology, and Elliptic Curve Cryptography (ECC) while introducing fog computing. Security analysis demonstrates that the proposed protocol ensures semantic security and satisfies the specified security requirements even under combined attacks. Performance analysis indicates that our protocol achieves more comprehensive security features under combined attacks and has lower consumption in several aspects.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"263 ","pages":"Article 111241"},"PeriodicalIF":4.4000,"publicationDate":"2025-03-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Networks","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1389128625002099","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

The Medical Internet of Things (MIoT) has transformed the healthcare industry by facilitating telemedicine and real-time health monitoring. In MIoT, doctors can address patients’ issues at any time and in any scenario. However, MIoT faces common data security issues in IoT applications, and the unique nature of healthcare services demands higher privacy protection. Consequently, ensuring secure communication in MIoT is imperative. Traditional MIoT Authentication and Key Agreement (AKA) protocols often use centralized methods, presenting a single point of failure. Moreover, these protocols can only resist single attacks and cannot cope with combined attacks that attackers might launch. These limitations make it difficult to meet the actual needs of MIoT. To address these issues, we propose an MIoT authentication protocol that resists combined attacks and solves single points of failure by integrating Physical Unclonable Functions (PUF), blockchain technology, and Elliptic Curve Cryptography (ECC) while introducing fog computing. Security analysis demonstrates that the proposed protocol ensures semantic security and satisfies the specified security requirements even under combined attacks. Performance analysis indicates that our protocol achieves more comprehensive security features under combined attacks and has lower consumption in several aspects.

查看原文本刊更多论文

基于区块链的抗组合攻击医疗物联网认证方案

医疗物联网（MIoT）通过促进远程医疗和实时健康监测，改变了医疗行业。在物联网中，医生可以在任何时间、任何情况下解决病人的问题。然而，物联网面临物联网应用中常见的数据安全问题，医疗保健服务的独特性要求更高的隐私保护。因此，确保物联网中的安全通信是必不可少的。传统的物联网认证和密钥协议（AKA）协议通常使用集中式方法，呈现单点故障。此外，这些协议只能抵御单一攻击，无法应对攻击者可能发起的组合攻击。这些限制使其难以满足实际的物联网需求。为了解决这些问题，我们提出了一种物联网认证协议，该协议通过集成物理不可克隆函数（PUF），区块链技术和椭圆曲线加密（ECC）来抵抗组合攻击并解决单点故障，同时引入雾计算。安全性分析表明，即使在组合攻击下，该协议也能保证语义安全，满足指定的安全要求。性能分析表明，我们的协议在组合攻击下实现了更全面的安全特性，并且在几个方面具有更低的消耗。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer Networks 工程技术-电信学

CiteScore

10.80

自引率

3.60%

发文量

434

审稿时长

8.6 months

期刊介绍： Computer Networks is an international, archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in the computer communications networking area. The audience includes researchers, managers and operators of networks as well as designers and implementors. The Editorial Board will consider any material for publication that is of interest to those groups.