A Traceable and Anonymous Mutual Authentication Scheme for Smart Healthcare on Elliptic Curves

The rapid development of big data technologies has exacerbated the challenge of maintaining patient privacy in smart healthcare environments. Although previous mutual patient–physician authentication systems achieve basic anonymization, patients' communication addresses are still exposed, and attackers can analyze transaction records to establish correlations between users' addresses and even obtain their real identities. To address this problem, we propose a user anonymization scheme based on the elliptic curve discrete logarithmic problem assumption, which aims to prevent malicious interception and theft of patients' personal data by obfuscating the identity of registered users. By combining identity-based encryption with advanced anonymization techniques and reconstructing signatures of knowledge, traceability is achieved while ensuring that only the intended recipient with the corresponding private key can decrypt the data. The validation shows that our system guarantees unlinkability and anonymity while resisting hijacking attacks and man-in-the-middle attacks, and it is simulated using JPBC 2.0.0 (Jdk version 14.0.1), which shows that the communication overhead needs 808 bytes and that the computation overhead for system initialization, signature, and validation are 102, 167, and 70 ms, respectively.