An efficient and authenticated key establishment scheme based on fog computing for healthcare system

doi:10.1007/s11704-021-0537-z

Front. Comput. Sci.

2022, Vol. 16

Issue (4) : 164815 https://doi.org/10.1007/s11704-021-0537-z

RESEARCH ARTICLE

An efficient and authenticated key establishment scheme based on fog computing for healthcare system

Xinghua LI¹, Ting CHEN¹, Qingfeng CHENG²(

), Jianfeng MA¹

¹. School of Cyber Engineering, Xidian University, Xi’an 710071, China
². Strategic Support Force Information Engineering University, Zhengzhou 450001, China

Download: PDF(28768 KB) HTML
Export: BibTeX | EndNote | Reference Manager | ProCite | RefWorks

Abstract

Because of its closeness to users, fog computing responds faster than cloud computing. Thus, it has been deployed to various applications, such as healthcare system. Recently, to ensure the secure communication of the fog-based healthcare system, Jia et al. proposed an authenticated key agreement scheme. Moreover, in view of the high computation cost existing in Jia et al.’s scheme, Ma et al. presented an efficient one using elliptic curve cryptography. In this paper, we observe that both the two schemes may potentially risk ephemeral key compromise attacks and need improving. Therefore, to overcome this potential risk, we propose a new authenticated scheme based on Jia et al.’s scheme using elliptic curve computational Diffie-Hellman hypothesis and hash functions. Additionally, we provide provable security under the adopted adversarial model and ProVerif simulation, and also analyze the performance in terms of computation and communication costs by comparisons. The analysis results show that the improved scheme resists the common attacks, reduces computation overhead, and has a certain significance.

Keywords authenticated key establishment ephemeral key compromise attack fog-driven healthcare system elliptic curve cryptography provable security ProVerif simulation

Corresponding Author(s): Qingfeng CHENG

Just Accepted Date: 03 March 2021 Issue Date: 01 December 2021

Cite this article:

Xinghua LI,Ting CHEN,Qingfeng CHENG, et al. An efficient and authenticated key establishment scheme based on fog computing for healthcare system[J]. Front. Comput. Sci., 2022, 16(4): 164815.

URL:

https://academic.hep.com.cn/fcs/EN/10.1007/s11704-021-0537-z
https://academic.hep.com.cn/fcs/EN/Y2022/V16/I4/164815

Fig.1 The scene of fog-based healthcare system

Fig.2 The authentication framework of the proposed scheme

Notations	Corresponding explanations
$T C$	The trusted cloud
$U i$	The $i$ th user
$F N j$	The $j$ th fog node
$I D i$	The $i$ th user $U i$ ’s identity
$I D j$	The $j$ th fog node $F N j$ ’s identity
$P W i$	The password of the $i$ th user $U i$
$s$	The master key selected by the trusted cloud
$P p u b$	The trusted cloud’s public key and its value is $s ? P$
$⊕$	The XOR operation

Tab.1 The notations of our scheme and corresponding explanations

Fig.3 The registration of user

U i

Fig.4 The registration of fog node

F N j

Fig.5 Step 1 of the authentication and key establishment phase

Fig.6 Step 2 of the authentication and key establishment phase

Fig.7 Step 3 of the authentication and key establishment phase

Fig.8 Step 4 of the authentication and key establishment phase

Fig.9 The result of simulation using ProVerif tool

Schemes	[9]	[10]	Ours
User	$2 T m + T b + 6 T h$	$3 T m + 4 T h$	$4 T m + 7 T h$
Fog node	$2 T m + T b + 4 T h$	$4 T m + 4 T h$	$5 T m + 5 T h$
Trusted cloud	$3 T m + T b + 11 T h$	$10 T m + 11 T h$	$6 T m + 12 T h$
Total cost	$7 T m + 3 T b + 21 T h$	$17 T m + 19 T h$	$15 T m + 24 T h$

Tab.2 Comparison on the computation cost with related schemes

Fig.10 Comparison on the computation cost with related works

Schemes	[9]	[10]	Ours
User	$4 Z p ? + G p + T$	$3 Z p ? + G p + T$	$4 Z p ? + 2 G p + T$
Fog node	$6 Z p ? + 4 G p + 3 T$	$6 Z p ? + 6 G p + 3 T$	$6 Z p ? + 8 G p + 3 T$
Trusted cloud	$4 Z p ? + G p + T$	$4 Z p ? + 3 G p + T$	$4 Z p ? + 3 G p + T$
Total cost	$14 Z p ? + 6 G p + 5 T$	$13 Z p ? + 10 G p + 5 T$	$14 Z p ? + 13 G p + 5 T$

Tab.3 Comparison on the communication cost with related schemes

Fig.11 Comparison on the communication cost with related works

1	P Bellavista , J Berrocal , A Corradi , S Das , L Foschini , A Zanni . A survey on fog computing for the Internet of Things. Pervasive and Mobile Computing, 2019, 52 : 71– 99
2	A V Dastjerdi , R Buyya . Fog computing: helping the Internet of Things realize its potential. Computer, 2016, 49( 8): 112– 116
3	Filho G P Rocha , R I Meneguette , G Maia , G Pessin , V P Gonçalves , L Weigang , J Ueyama , L A Villas . A fog-enabled smart home solution for decision-making using smart objects. Future Generation Computer Systems, 2020, 103 : 18– 27
4	X Hou , Y Li , M Chen , D Wu , D Jin , S Chen . Vehicular fog computing: a viewpoint of vehicles as the infrastructures. IEEE Transactions on Vehicular Technology, 2016, 65( 6): 3860– 3873
5	A A Mutlag , M K A Ghani , Na Arunkumar , M A Mohammed , O Mohd . Enabling technologies for fog computing in healthcare IoT systems. Future Generation Computer Systems, 2019, 90 : 62– 78
6	D N Kartheek, B Bhushan. Security issues in fog computing for Internet of Things. In: Architecture and Security Issues in Fog Computing Applications. IGI Global, 2020, 53– 63
7	M Mukherjee , R Matam , L Shu , L Maglaras , M A Ferrag , N Choudhury , V Kumar . Security and privacy in fog computing: challenges. IEEE Access, 2017, 5 : 19293– 19304
8	V Odelu , A K Das , M Wazid , M Conti . Provably secure authenticated key agreement scheme for smart grid. IEEE Transactions on Smart Grid, 2016, 9( 3): 1900– 1910
9	X Jia , D He , N Kumar , K K R Choo . Authenticated key agreement scheme for fog-driven IoT healthcare system. Wireless Networks, 2019, 25( 8): 4737– 4750
10	M Ma , D He , H Wang , N Kumar , K K R Choo . An efficient and provably secure authenticated key agreement protocol for fog-based vehicular ad-hoc networks. IEEE Internet of Things Journal, 2019, 6( 5): 8065– 8075
11	L Catarinucci , D De Donno , L Mainetti , L Palano , L Patrono , M L Stefanizzi , L Tarricone . An IoT-aware architecture for smart healthcare systems. IEEE Internet of Things Journal, 2015, 2( 6): 515– 526
12	K Abouelmehdi , A Beni-Hessane , H Khaloufi . Big healthcare data: preserving security and privacy. Journal of Big Data, 2018, 5( 1): 1– 18
13	D T Handler, L Hauge, A Spognardi, N Dragoni. Security and privacy issues in healthcare monitoring systems: a case study. In: Proceedings of the 10th International Joint Conference on Biomedical Engineering Systems and Technologies. 2017, 383– 388
14	Mahapatra B, Krishnamurthi R, Nayyar A. Healthcare models and algorithms for privacy and security in healthcare records. In: Tanwar S, Tyagi S, Kumar N, eds. Security and Privacy of Electronic Healthcare Records: Concepts, Paradigms and Solutions, IET, 2019, 183
15	P Brandão . The importance of authentication and encryption in cloud computing framework security. International Journal on Data Science and Technology, 2018, 4( 1): 1– 5
16	T Chen , Q Cheng , X Li . An anonymous key agreement protocol with robust authentication for smart grid infrastructure. Science China Information Sciences, 2022, 65( 9): 1– 3
17	S Kumari , X Li , F Wu , A K Das , K K R Choo , J Shen . Design of a provably secure biometrics-based multi-cloud-server authentication scheme. Future Generation Computer Systems, 2017, 68 : 320– 330
18	Y Li , Q Cheng , X Liu , X Li . A secure anonymous identity-based scheme in new authentication architecture for mobile edge computing. IEEE Systems Journal, 2020, 15( 1): 935– 946
19	Z Zhu . An efficient authentication scheme for telecare medicine information systems. Journal of Medical Systems, 2012, 36( 6): 3833– 3838
20	K Arya , A Vidwansh . A robust authentication scheme for telecare medicine information systems. International Journal of Computer Applications, 2015, 123( 6): 5– 10
21	D Kang, D Lee, S Cho, J Jung, D Won. Cryptanalysis and improvement of robust authentication scheme for telecare medicine information systems. In: Proceedings of the 11th International Conference on Ubiquitous Information Management and Communication. 2017, 1– 8
22	C M Chen , B Xiang , E W Ke , T Y Wu , J C W Lin . Improvement of an anonymous and lightweight authentication scheme for TMIS. Journal of Applied Mathematics and Physics, 2018, 6( 1): 18– 28
23	R Madhusudhan, C S Nayak. An improved user authentication scheme for telecare medical information systems. In: Proceedings of IEEEACM International Conference on Connected Health: Applications, Systems and Engineering Technologies. 2018, 100–105
24	Q Jiang , Z Chen , J Ma , X Ma , J Shen , D Wu . Optimized fuzzy commitment based key agreement protocol for wireless body area network. IEEE Transactions on Emerging Topics in Computing, 2021, 9( 2): 839– 853
25	S Kumari , K Renuka . A provably secure biometrics and ECC-based authentication and key agreement scheme for WSNs. International Journal of Communication Systems, 2020, 33( 3): e4194–
26	Q Jiang , N Zhang , J Ni , J Ma , X Ma , K K R Choo . Unified biometric privacy preserving three-factor authentication and key agreement for cloud-assisted autonomous vehicles. IEEE Transactions on Vehicular Technology, 2020, 69( 9): 9390– 9401
27	F Computing. The Internet of Things: extend the cloud to where the things are. Cisco White Paper, 2015
28	F Bonomi, R Milito, J Zhu, S Addepalli. Fog computing and its role in the Internet of Things. In: Proceedings of the 1st Edition of the MCC Workshop on Mobile Cloud Computing. 2012, 13– 16
29	M Barzegaran, A Cervin, P Pop. Towards quality-of-control-aware scheduling of industrial applications on fog computing platforms. In: Proceedings of the Workshop on Fog Computing and the IoT. 2019, 1– 5
30	S P Singh , A Nayyar , H Kaur , A Singla . Dynamic task scheduling using balanced VM allocation policy for fog computing platforms. Scalable Computing: Practice and Experience, 2019, 20( 2): 433– 456
31	R Mahmud, F L Koch, R Buyya. Cloud-fog interoperability in IoT-enabled healthcare solutions. In: Proceedings of the 19th International Conference on Distributed Computing and Networking. 2018, 1– 10
32	Negash B, Gia T N, Anzanpour A, Azimi I, Jiang M, Westerlund T, Rahmani A M, Liljeberg P, Tenhunen H. Leveraging fog computing for healthcare IoT. In: Rahmani A, Liljeberg P, Preden J S, Jantsch A, eds. Fog Computing in the Internet of Things. Springer, Cham, 2018, 145–169
33	T Chen , X Li , Q Cheng . An enhanced key exchange protocol exhibiting key compromise impersonation attacks resistance in mobile commerce environment. Science China Information Sciences, 2021, 64( 9): 1– 3
34	C L Liu , W J Tsai , T Y Chang , T M Liu . Ephemeral-secret-leakage secure ID-based three-party authenticated key agreement protocol for mobile distributed computing environments. Symmetry, 2018, 10( 4): 84–
35	M Bellare, D Pointcheval, P Rogaway. Authenticated key exchange secure against dictionary attacks. In: Proceedings of International Conference on the Theory and Applications of Cryptographic Techniques. 2000, 139– 155
36	B Blanchet. An efficient cryptographic protocol verifier based on prolog rules. In: Proceedings of the 14th IEEE Computer Security Foundations Workshop. 2001, 82– 96

[1]

Download

[1]	Yudi ZHANG, Debiao HE, Mingwu ZHANG, Kim-Kwang Raymond CHOO. A provable-secure and practical two-party distributed signing protocol for SM2 signature algorithm[J]. Front. Comput. Sci., 2020, 14(3): 143803-.
[2]	Wei GAO, Guilin WANG, Kefei CHEN, Xueli WANG. Efficient identity-based threshold decryption scheme from bilinear pairings[J]. Front. Comput. Sci., 2018, 12(1): 177-189.
[3]	Huiyan ZHAO,Jia YU,Shaoxia DUAN,Xiangguo CHENG,Rong HAO. Key-insulated aggregate signature[J]. Front. Comput. Sci., 2014, 8(5): 837-846.
[4]	Lin CHENG, Qiaoyan WEN, Zhengping JIN, Hua ZHANG. Cryptanalysis and improvement of a certificateless encryption scheme in the standard model[J]. Front. Comput. Sci., 2014, 8(1): 163-173.
[5]	Haiyan SUN, Qiaoyan WEN, Hua ZHANG, Zhengping JIN. A novel pairing-free certificateless authenticated key agreement protocol with provable security[J]. Front Comput Sci, 2013, 7(4): 544-557.

Viewed

Full text

Abstract

Cited

Shared

Discussed