电子医疗环境中可证明安全的认证密钥管理机制

IF 8.2 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Internet of Things Journal Pub Date : 2025-04-17 DOI:10.1109/JIOT.2025.3561892

Muhammad Asad Saleem;Xiong Li;Khalid Mahmood;Zahid Ghaffar;Yong Xie;Guijuan Wang

{"title":"电子医疗环境中可证明安全的认证密钥管理机制","authors":"Muhammad Asad Saleem;Xiong Li;Khalid Mahmood;Zahid Ghaffar;Yong Xie;Guijuan Wang","doi":"10.1109/JIOT.2025.3561892","DOIUrl":null,"url":null,"abstract":"The Internet of Things (IoT) is rapidly permeating all aspects of human life, involving a network of devices that share sensitive data. A notable application is the e-healthcare systems, which employ connected sensors, medical servers, and wearable devices. However, the public nature of communication in e-healthcare systems poses challenges, such as security, privacy, and authentication of participating entities. Recently, many authentication protocols have been introduced to address these challenges. However, most of these protocols remain vulnerable to various security attacks, including device or medical server impersonation, denial of service, physical or cloning, and de-synchronization attacks. Therefore, we introduce an authenticated key-management protocol utilizing hash functions and cipher-block chaining-advanced encryption standard encryption (CBC-AES) encryption. The proposed protocol also employs the physical unclonable function (PUF), which makes it more robust and efficient in resisting physical or cloning attacks. Additionally, the proposed scheme resists various security threats, including impersonation, session key leakage, ephemeral secret leakage, and de-synchronization attacks. We analyze the scheme’s security and reliability through formal and informal analysis. The informal analysis demonstrates that the scheme encompasses crucial security features, while the formal analysis substantiates. Moreover, performance analysis of the proposed protocol with various competing results indicates that our protocol achieves an average reduction in communication and computation overheads by 36.03.% and 41.79%, respectively.","PeriodicalId":54347,"journal":{"name":"IEEE Internet of Things Journal","volume":"12 14","pages":"26933-26942"},"PeriodicalIF":8.2000,"publicationDate":"2025-04-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Provably Secure Authenticated Key-Management Mechanism for e-Healthcare Environment\",\"authors\":\"Muhammad Asad Saleem;Xiong Li;Khalid Mahmood;Zahid Ghaffar;Yong Xie;Guijuan Wang\",\"doi\":\"10.1109/JIOT.2025.3561892\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The Internet of Things (IoT) is rapidly permeating all aspects of human life, involving a network of devices that share sensitive data. A notable application is the e-healthcare systems, which employ connected sensors, medical servers, and wearable devices. However, the public nature of communication in e-healthcare systems poses challenges, such as security, privacy, and authentication of participating entities. Recently, many authentication protocols have been introduced to address these challenges. However, most of these protocols remain vulnerable to various security attacks, including device or medical server impersonation, denial of service, physical or cloning, and de-synchronization attacks. Therefore, we introduce an authenticated key-management protocol utilizing hash functions and cipher-block chaining-advanced encryption standard encryption (CBC-AES) encryption. The proposed protocol also employs the physical unclonable function (PUF), which makes it more robust and efficient in resisting physical or cloning attacks. Additionally, the proposed scheme resists various security threats, including impersonation, session key leakage, ephemeral secret leakage, and de-synchronization attacks. We analyze the scheme’s security and reliability through formal and informal analysis. The informal analysis demonstrates that the scheme encompasses crucial security features, while the formal analysis substantiates. Moreover, performance analysis of the proposed protocol with various competing results indicates that our protocol achieves an average reduction in communication and computation overheads by 36.03.% and 41.79%, respectively.\",\"PeriodicalId\":54347,\"journal\":{\"name\":\"IEEE Internet of Things Journal\",\"volume\":\"12 14\",\"pages\":\"26933-26942\"},\"PeriodicalIF\":8.2000,\"publicationDate\":\"2025-04-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Internet of Things Journal\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10969518/\",\"RegionNum\":1,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet of Things Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10969518/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

物联网（IoT）正在迅速渗透到人类生活的各个方面，涉及共享敏感数据的设备网络。一个值得注意的应用是电子医疗保健系统，它使用连接的传感器、医疗服务器和可穿戴设备。然而，电子医疗保健系统中通信的公共性质带来了挑战，例如安全、隐私和参与实体的身份验证。最近，引入了许多身份验证协议来解决这些挑战。但是，这些协议中的大多数仍然容易受到各种安全攻击，包括设备或医疗服务器冒充、拒绝服务、物理或克隆以及去同步攻击。因此，我们引入了一种利用哈希函数和密码块链高级加密标准加密（CBC-AES）加密的身份验证密钥管理协议。该协议还采用了物理不可克隆功能（PUF），使其在抵抗物理或克隆攻击时更加健壮和有效。此外，该方案还可以抵御各种安全威胁，包括冒充、会话密钥泄漏、临时秘密泄漏和反同步攻击。通过正式分析和非正式分析，分析了方案的安全性和可靠性。非正式分析证明了该方案包含关键的安全特性，而正式分析则证实了这一点。此外，对各种竞争结果的性能分析表明，我们的协议实现了通信和计算开销的平均减少36.03。%和41.79%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Provably Secure Authenticated Key-Management Mechanism for e-Healthcare Environment

The Internet of Things (IoT) is rapidly permeating all aspects of human life, involving a network of devices that share sensitive data. A notable application is the e-healthcare systems, which employ connected sensors, medical servers, and wearable devices. However, the public nature of communication in e-healthcare systems poses challenges, such as security, privacy, and authentication of participating entities. Recently, many authentication protocols have been introduced to address these challenges. However, most of these protocols remain vulnerable to various security attacks, including device or medical server impersonation, denial of service, physical or cloning, and de-synchronization attacks. Therefore, we introduce an authenticated key-management protocol utilizing hash functions and cipher-block chaining-advanced encryption standard encryption (CBC-AES) encryption. The proposed protocol also employs the physical unclonable function (PUF), which makes it more robust and efficient in resisting physical or cloning attacks. Additionally, the proposed scheme resists various security threats, including impersonation, session key leakage, ephemeral secret leakage, and de-synchronization attacks. We analyze the scheme’s security and reliability through formal and informal analysis. The informal analysis demonstrates that the scheme encompasses crucial security features, while the formal analysis substantiates. Moreover, performance analysis of the proposed protocol with various competing results indicates that our protocol achieves an average reduction in communication and computation overheads by 36.03.% and 41.79%, respectively.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Internet of Things Journal Computer Science-Information Systems

CiteScore

17.60

自引率

13.20%

发文量

1982

期刊介绍： The EEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.