Recently, the spectacular innovations in the fields of wireless body area networks (WBAN) and the Internet of Things (IoT) have made e-Care services rise as a promising application domain, which significantly advances the quality of the medical system, however, due to the openness of the wireless environment and privacy of people's physiological data, WBAN and IoT are prone to various cyber-a acks. There is a significant need for an efficient and highly secured cryptographic scheme that can meet the requirements of resource-constrained devices. Therefore, in this paper, we propose a certificate-based signcryption (CB-SN) scheme for the IoT-enabled WBAN. The proposed scheme is based on the concept of hyper-elliptic curve cryptography (HECC) that offers the same level of security as the elliptic curve and bilinear pairing with lower-key size. The formal security verification using the Automated Validation of the Internet Security Protocols and Applications (AVISPA) tool along with informal security analysis demonstrate that the proposed scheme is not just reducing the complexity of resource-constrained IoT devices, but proves to be secure against several well-known cryptographic a acks. Moreover, performance comparison with relevant existing schemes authenticates that the proposed scheme is far more secure and energy efficient. different algorithms separately, i.e., signature and then encryption at the same time. In 1997, Zheng was the pioneer to merge these two processes in one algorithm, called signcryption [7]. This scheme is based on the concept of old public key cryptography (PKC), which is suffering from certificate overheads, renewing, and revocation problems [8]. Shamir was the first to propose an alternate concept of PKC, called identity-based cryptography (IBC) [9]. This technique removed the limitations of PKC and used the identity in place of a certificate. Later, in 2002, Malone-Lee [10], for the first time merged the concept of IBC with the signcryption technique, namely, identity-based signcryption (IBS). The IBS includes three entities, for example, a sender (signcrypter), a receiver (unsigncrypter), and the private key generation center (PKGC), respectively. In this setup, the users (signcrypter and unsigncrypter) generate their identities and after that, send it to the PKGC. Then, the PKGC produces and delivers the private keys for all the participating users, by using the secured networks. Unfortunately, IBS suffers from the key escrow issue (KEI), because the private key is generated by the PKGC and one can easily use this key for forging the digital signature and decrypting the ciphertext [11].To eliminate the above problem in IBS, in 2008, Barbosa and Farshim [12], put forward the concept of a certificateless signcryption (CL-SC) scheme. The CL-SC mechanism almost works the same as IBS, but the main difference is that the private key is generated by the users themselves. The central authority known as a key generation center (KGC) only provides the partial private key to the users by using an ...
