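Fog Computing-based Three-party Authentication and Key Agreement Protocol for Smart Healthcare
Author biographies:

Wang Feifei (born 1991), female, Ph.D., lecturer, CCF professional member; main research areas: Internet of Things security and multi-factor authentication protocols. Wang Ding (born 1985), male, professor, doctoral supervisor, CCF senior member; main research area: digital identity security.

Corresponding author:

Wang Ding, E-mail: wangding@nankai.edu.cn

CLC number:

TP309

Funding:

National Natural Science Foundation of China (62172240); Nankai University Hundred Young Academic Leaders Program (9920200010)
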
    Abstract:

    In smart healthcare, combining cloud computing with the Internet of Things effectively solves the problem of real-time access to large-scale medical data. However, uploading data to a remote cloud server introduces additional communication overhead and transmission delay. With fog computing, terminal devices act as fog nodes that assist the cloud server in storing and accessing data locally, which provides low-latency data access and high mobility. How to secure fog computing-based smart healthcare has therefore become a recent research hotspot. Designing an authentication protocol for this setting is challenging for two reasons. On the one hand, medical data is highly sensitive private data closely tied to patients' health, so leakage of a user's identity or illegal tampering with the data has serious consequences. On the other hand, user devices and fog nodes are often resource-constrained, and the authentication protocol must protect user privacy while providing secure three-party data transmission among users, fog nodes, and cloud servers. This study analyzes the security of two representative authentication schemes for smart healthcare. It points out that Hajian et al.'s protocol cannot resist stolen verifier attacks, denial of service attacks, impersonation attacks, node capture attacks, and session key disclosure attacks, and that Wu et al.'s protocol cannot resist offline password guessing attacks and impersonation attacks. A fog computing-based three-party authentication and key agreement protocol for smart healthcare is then proposed. Security reduction in the random oracle model, a BAN logic proof, and heuristic analysis show that the proposed scheme achieves mutual authentication and session key agreement and is secure against known attacks. A performance comparison with related schemes shows that the proposed scheme significantly improves security while remaining efficient, making it more suitable for fog computing-based smart healthcare.

    References
    [1] Wang CY, Wang D, Tu Y, Xu GA, Wang HX. Understanding node capture attacks in user authentication schemes for wireless sensor networks. IEEE Transactions on Dependable and Secure Computing, 2022, 19(1): 507-523. [doi: 10.1109/TDSC.2020.2974220]
    [2] Wang D, Li WT, Wang P. Measuring two-factor authentication schemes for real-time data access in industrial wireless sensor networks. IEEE Transactions on Industrial Informatics, 2018, 14(9): 4081-4092. [doi: 10.1109/TII.2018.2834351]
    [3] Rahmani AM, Gia TN, Negash B, Anzanpour A, Azimi I, Jiang MZ, Liljeberg P. Exploiting smart e-Health gateways at the edge of healthcare internet-of-things: A fog computing approach. Future Generation Computer Systems, 2018, 78: 641-658. [doi: 10.1016/j.future.2017.02.014]
    [4] Li WT, Wang D, Wang P. Insider attacks against multi-factor authentication protocols for wireless sensor networks. Ruan Jian Xue Bao/Journal of Software, 2019, 30(8): 2375-2391 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/5766.htm
    [5] Wang CY, Wang D, Wang FF, Xu GA. Multi-factor user authentication scheme for multi-gateway wireless sensor networks. Chinese Journal of Computers, 2020, 43(4): 683-700 (in Chinese with English abstract). [doi: 10.11897/SP.J.1016.2020.00683]
    [6] Hu XX, Zhang QH, Zhang ZF, Liu FM. Universally composable gateway-oriented password-authenticated key exchange protocol. Chinese Journal of Computers, 2017, 40(5): 1109-1120 (in Chinese with English abstract). [doi: 10.11897/SP.J.1016.2017.01109]
    [7] Das AK, Wazid M, Kumar N, Vasilakos AV, Rodrigues JJPC. Biometrics-based privacy-preserving user authentication scheme for cloud-based industrial Internet of Things deployment. IEEE Internet of Things Journal, 2018, 5(6): 4900-4913. [doi: 10.1109/JIOT.2018.2877690]
    [8] Wang D, Li WT, Wang P. Cryptanalysis of three anonymous authentication schemes for multi-server environment. Ruan Jian Xue Bao/Journal of Software, 2018, 29(7): 1937-1952 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/5361.htm
    [9] Wei FS, Ma JF, Li GS, Ma CG. Efficient three-party password-based authenticated key exchange protocol in the standard model. Ruan Jian Xue Bao/Journal of Software, 2016, 27(9): 2389-2399 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/4861.htm
    [10] He DB, Zeadally S, Kumar N, Wu W. Efficient and anonymous mobile user authentication protocol using self-certified public key cryptography for multi-server architectures. IEEE Transactions on Information Forensics and Security, 2016, 11(9): 2052-2064. [doi: 10.1109/TIFS.2016.2573746]
    [11] Alrawais A, Alhothaily A, Hu CQ, Cheng XZ. Fog computing for the internet of things: Security and privacy issues. IEEE Internet Computing, 2017, 21(2): 34-42. [doi: 10.1109/MIC.2017.37]
    [12] Wu ZY, Lee YC, Lai FP, Lee HC, Chung Y. A secure authentication scheme for telecare medicine information systems. Journal of Medical Systems, 2012, 36(3): 1529-1535. [doi: 10.1007/s10916-010-9614-9]
    [13] Huang XY, Chen XF, Li J, Xiang Y, Xu L. Further observations on smart-card-based password-authenticated key agreement in distributed systems. IEEE Transactions on Parallel and Distributed Systems, 2014, 25(7): 1767-1775. [doi: 10.1109/TPDS.2013.230]
    [14] He DB, Kumar N, Chen JH, Lee CC, Chilamkurti N, Yeo SS. Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimedia Systems, 2015, 21(1): 49-60. [doi: 10.1007/s00530-013-0346-9]
    [15] Li X, Niu JW, Kumari S, Liao JG, Liang W, Khan MK. A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity. Security and Communication Networks, 2016, 9(15): 2643-2655. [doi: 10.1002/sec.1214]
    [16] Li X, Ibrahim MH, Kumari S, Sangaiah AK, Gupta V, Choo KKR. Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks. Computer Networks, 2017, 129: 429-443. [doi: 10.1016/j.comnet.2017.03.013]
    [17] Koya AM, Deepthi PP. Anonymous hybrid mutual authentication and key agreement scheme for wireless body area network. Computer Networks, 2018, 140: 138-151. [doi: 10.1016/j.comnet.2018.05.006]
    [18] Wu F, Li X, Xu LL, Kumari S, Karuppiah M, Shen J. A lightweight and privacy-preserving mutual authentication scheme for wearable devices assisted by cloud server. Computers & Electrical Engineering, 2017, 63: 168-181. [doi: 10.1016/j.compeleceng.2017.04.012]
    [19] Das AK, Wazid M, Kumar N, Khan MK, Choo KKR, Park Y. Design of secure and lightweight authentication protocol for wearable devices environment. IEEE Journal of Biomedical and Health Informatics, 2018, 22(4): 1310-1322. [doi: 10.1109/JBHI.2017.2753464]
    [20] Wu F, Li X, Sangaiah AK, Xu LL, Kumari S, Wu LX, Shen J. A lightweight and robust two-factor authentication scheme for personalized healthcare systems using wireless medical sensor networks. Future Generation Computer Systems, 2018, 82: 727-737. [doi: 10.1016/j.future.2017.08.042]
    [21] Wazid M, Das AK, Vasilakos AV. Authenticated key management protocol for cloud-assisted body area sensor networks. Journal of Network and Computer Applications, 2018, 123: 112-126. [doi: 10.1016/j.jnca.2018.09.008]
    [22] Dodis Y, Reyzin L, Smith A. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In: Proc. of the 2004 Int’l Conf. on the Theory and Applications of Cryptographic Techniques. Interlaken: Springer, 2004. 523-540.
    [23] Amin R, Islam SKH, Biswas GP, Khan MK, Kumar N. A robust and anonymous patient monitoring system using wireless medical sensor networks. Future Generation Computer Systems, 2018, 80: 483-495. [doi: 10.1016/j.future.2016.05.032]
    [24] Gupta A, Tripathi M, Shaikh TJ, Sharma A. A lightweight anonymous user authentication and key establishment scheme for wearable devices. Computer Networks, 2019, 149: 29-42. [doi: 10.1016/j.comnet.2018.11.021]
    [25] Jia XY, He DB, Kumar N, Choo KKR. Authenticated key agreement scheme for fog-driven IoT healthcare system. Wireless Networks, 2019, 25(8): 4737-4750. [doi: 10.1007/s11276-018-1759-3]
    [26] Fotouhi M, Bayat M, Das AK, Far HAN, Pournaghi SM, Doostari MA. A lightweight and secure two-factor authentication scheme for wireless body area networks in health-care IoT. Computer Networks, 2020, 177: 107333. [doi: 10.1016/j.comnet.2020.107333]
    [27] Hajian R, ZakeriKia S, Erfani SH, Mirabi M. SHAPARAK: Scalable healthcare authentication protocol with attack-resilience and anonymous key-agreement. Computer Networks, 2020, 183: 107567. [doi: 10.1016/j.comnet.2020.107567]
    [28] Wu TY, Wang T, Lee YQ, Zheng WM, Kumari S, Kumar S. Improved authenticated key agreement scheme for fog-driven IoT healthcare system. Security and Communication Networks, 2021, 2021: 6658041. [doi: 10.1155/2021/6658041]
    [29] Wang D, He DB, Wang P, Chu CH. Anonymous two-factor authentication in distributed systems: Certain goals are beyond attainment. IEEE Transactions on Dependable and Secure Computing, 2015, 12(4): 428-442. [doi: 10.1109/TDSC.2014.2355850]
    [30] Feng DG, Xu J, Lan X. Study on 5G mobile communication network security. Ruan Jian Xue Bao/Journal of Software, 2018, 29(6): 1813-1825 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/5547.htm
    [31] Yang L, Ma JF, Jiang Q. Direct anonymous attestation scheme in cross trusted domain for wireless mobile networks. Ruan Jian Xue Bao/Journal of Software, 2012, 23(5): 1260-1271 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/4052.htm
    [32] Wang D, Wang P. Two birds with one stone: Two-factor authentication with security beyond conventional bound. IEEE Transactions on Dependable and Secure Computing, 2018, 15(4): 708-722. [doi: 10.1109/TDSC.2016.2605087]
    [33] Bellare M, Pointcheval D, Rogaway P. Authenticated key exchange secure against dictionary attacks. In: Proc. of the 2000 Int’l Conf. on the Theory and Application of Cryptographic Techniques. Bruges: Springer, 2000. 139-155.
    [34] Soni P, Pal AK, Islam SKH. An improved three-factor authentication scheme for patient monitoring using WSN in remote health-care system. Computer Methods and Programs in Biomedicine, 2019, 182: 105054. [doi: 10.1016/j.cmpb.2019.105054]
    [35] Li X, Peng JY, Obaidat MS, Wu F, Khan MK, Chen CY. A secure three-factor user authentication protocol with forward secrecy for wireless medical sensor network systems. IEEE Systems Journal, 2020, 14(1): 39-50. [doi: 10.1109/JSYST.2019.2899580]
    [36] Ma MM, He DB, Wang HQ, Kumar H, Choo KKR. An efficient and provably secure authenticated key agreement protocol for fog-based vehicular ad-hoc networks. IEEE Internet of Things Journal, 2019, 6(5): 8065-8075. [doi: 10.1109/JIOT.2019.2902840]
    [37] Wazid M, Das AK, Kumar N, Vasilakos AV. Design of secure key management and user authentication scheme for fog computing services. Future Generation Computer Systems, 2019, 91: 475-492. [doi: 10.1016/j.future.2018.09.017]
    [38] He DB, Kumar N, Khan MK, Wang LN, Shen J. Efficient privacy-aware authentication scheme for mobile cloud computing services. IEEE Systems Journal, 2018, 12(2): 1621-1631. [doi: 10.1109/JSYST.2016.2633809]
    [39] Burrows M, Abadi M, Needham RM. A logic of authentication. Proc. of the Royal Society A: Mathematical, Physical and Engineering Sciences, 1989, 426(1871): 233-271.
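Cite this article

Wang FF, Wang D. Fog computing-based three-party authentication and key agreement protocol for smart healthcare. Ruan Jian Xue Bao/Journal of Software, 2023, 34(7): 3272-3291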

History
  • Received: 2021-05-20
  • Last revised: 2021-08-30
  • Published online: 2022-12-08
  • Publication date: 2023-07-06