Hierarchical and Dynamic Elliptic Curve Cryptosystem Based Self-Certified Public Key Scheme for Medical Data Protection

Tseng, Chinyang Henry; Wang, Shiau-Huey; Tsaur, Woei‐Jiunn

doi:10.1109/tr.2015.2429271

Cited by 25 publications

(16 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In order to improve the both schemes, Amin and Biswas introduced a secure three‐factor authentication and key agreement scheme for TMISs that can offer the user anonymity. Yet another ECC‐based scheme was presented in Tseng et al Nonetheless, careful investigation of their work indicates that in their scheme, there is no key confirmation and it cannot guarantee the message integrity.…”

Section: Related Workmentioning

confidence: 99%

“…In this section, we compare the performance and features of the proposed scheme with those of related ones, including the schemes of Ravanbakhsh and Nazari, Arshad and Nikooghadam, Tan, Giri et al, Amin and Biswas, Arshad et al, Bin Muhaya, Islam and Khan, Amin and Biswas, Lu et al, Xu et al, Tseng et al, and Chaudhry et al…”

Section: Performance Analysismentioning

confidence: 99%

“…According to Table , although the communication cost of the proposed scheme is slightly more than some related ones, in terms of security it is more resilient to well‐known attacks. That is to say, the schemes of Tan, Xu et al, and Tseng et al are vulnerable to the replay attack. The scheme of Ravanbakhsh and Nazari and Amin and Biswas both are susceptible to the known session‐specific temporary information attack, whereas the proposed scheme is secure against this attack.…”

Section: Performance Analysismentioning

confidence: 99%

“…Moreover, the schemes of Ravanbakhsh and Nazari and Islam and Khan do not provide the perfect forward secrecy. Furthermore, the schemes of Islam and Khan, Amin and Biswas, and Tseng et al are susceptible to the impersonation attack. As a result, considering the security features, the execution time of the proposed scheme is much better than the other related ones.…”

Section: Performance Analysismentioning

confidence: 99%

See 3 more Smart Citations

An enhanced anonymous and unlinkable user authentication and key agreement protocol for TMIS by utilization of ECC

Ostad-Sharif

Abbasinezhad-Mood

Nikooghadam

2019

Int J Communication

View full text Add to dashboard Cite

The telecare medicine information systems (TMISs) not only help patients to receive incessant health care services but also assist the medical staffs to access patients' electronic health records anytime and from anywhere via Internet. Since the online communications are exposed to numerous security threats, the mutual authentication and key agreement between patients and the medical servers are of prime significance. During the recent years, various user authentication schemes have been suggested for the TMISs.Nonetheless, most of them are susceptible to some known attacks or have high computational cost. Newly, an effective remote user authentication and session key agreement protocol has been introduced by Ravanbakhsh and Nazari for health care systems. Besides the nice contributions of their work, we found that it has two security weaknesses, namely, known session-specific temporary information attack and lack of perfect forward secrecy. As a result, to overcome these deficiencies, this paper suggests a novel anonymous and unlinkable user authentication and key agreement scheme for TMISs using the elliptic curve cryptosystem (ECC). We have evaluated the security of the proposed scheme by applying the automated validation of internet security protocols and applications (AVISPA) tool with the intention of indicating that our scheme can satisfy the vital security features. In addition, we have compared the proposed protocol with related schemes to show that it has a proper level of performance. The obtained results demonstrate that the new scheme is more preferable considering both efficiency and security criteria.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Performance Analysismentioning

confidence: 99%

Section: Performance Analysismentioning

confidence: 99%

Section: Performance Analysismentioning

confidence: 99%

See 2 more Smart Citations

An enhanced anonymous and unlinkable user authentication and key agreement protocol for TMIS by utilization of ECC

Ostad-Sharif

Abbasinezhad-Mood

Nikooghadam

2019

Int J Communication

View full text Add to dashboard Cite

show abstract

“…More discussions about related work and generic centralized and decentralized access control mechanisms can be found in our earlier conference paper …”

mentioning

confidence: 99%

Preventing unauthorized access in information centric networking

AbdAllah

Zulkernine

Hassanein

2018

Security and Privacy

View full text Add to dashboard Cite

The increasing traffic volume and new requirements of highly scalable and efficient distribution of contents exceed the capabilities of the current Internet architecture. Information centric networking (ICN) is a new communication paradigm for the next generation internet (NGI), which focuses mainly on contents. ICN has in-network caching capability, which enables any node to cache any content coming from any publisher. ICN subscribers are able to access contents from different distributed locations. This capability maximizes the problem of unauthorized access to ICN contents. In this paper, we propose a decentralized elliptic curve-based access control (ECAC) protocol for ICN architectures. In this protocol, fewer public messages are needed for access control enforcement between ICN subscribers and ICN nodes than the existing access control protocols. ECAC protocol depends on ICN self-certifying naming scheme. We perform security analysis on ECAC for the following attacks: man-in-the-middle, forward security, replay attacks, integrity, and privacy violations. We also evaluate communication, computational, and storage overhead for performance analysis to ECAC. Based on our results that are obtained under various scenarios, ECAC efficiently prevents unauthorized access to ICN contents. KEYWORDS access control, elliptic curve cryptography, information centric networking, unauthorized access attacks INTRODUCTIONThe Internet is changing from Internet of hosts to Internet of things, Internet of media, Internet of service, and Internet of people. These new Internets require highly scalable and efficient contents distribution. Information centric networking (ICN) is one of the alternatives for these new Internets. The number of objects in ICN is expected to be several orders of magnitude higher than the number of nodes in current Internet architectures. According to Cisco Visual Networking Index, there will be almost 4.1 billion Internet users and 26.3 billion network devices and connections globally, the average fixed broadband connection speed will increase to 47.7 Mbps, and IP video will represent 82% of all traffic by 2020. 38 Different architectures have been proposed for ICN such as data oriented network architecture (DONA), network of information (NetInf), named data networking (NDN), and publish subscribe internet technology (PURSUIT). 39 All ICN architectures have some commonly shared concepts, which can be classified as follows: information object, naming, routing, caching, security, and application programming interface. [40][41][42][43][44][45][46] In-network caching is a major attribute of ICN, which allows any node to cache any content. This attribute is one of the major differences between ICN and non-ICN architectures. In the current Internet architectures, contents are stored at specific points, which simplifies the access control mechanisms. Network security administrator can deploy their security modules More discussions about related work and generic centralized and decentralized access control mecha...

show abstract

Post‐quantum cryptography techniques for secure communication in resource‐constrained Internet of Things devices: A comprehensive survey

Kumari

Singh

et al. 2022

Softw Pract Exp

View full text Add to dashboard Cite

As the number and characteristics of smart devices change, the concept of the Internet of Things (IoT) emerges. The IoT provides the connected devices with a variety of resources that enable effective communication. At this point, several security issues arise to get the sensitive information behind every communication in the IoT. To provide users with security and privacy, cryptographic schemes are adopted, the most popular being public key cryptographic systems (PKC). However, with the advent of quantum computing, the level of security that can be provided by the PKC schemes is a big question. Another important issue is that the IoT environment is resource-constrained, which necessitates the implementation of lightweight cryptographic algorithms for better security. In response to these issues, the post-quantum cryptographic (PQC) schemes are one of the significant developments contributing to IoT security in the post-quantum world. This article examines the key security issues in the IoT environment and examines the effective solutions found in the literature. The problems in IoT in the quantum era are discussed and appropriate solutions by PKC schemes under limited resources in IoT are focused. As the lattice-based cryptosystems are more effective, the importance of these schemes

show abstract

Hierarchical and Dynamic Elliptic Curve Cryptosystem Based Self-Certified Public Key Scheme for Medical Data Protection

Cited by 25 publications

References 27 publications

An enhanced anonymous and unlinkable user authentication and key agreement protocol for TMIS by utilization of ECC

An enhanced anonymous and unlinkable user authentication and key agreement protocol for TMIS by utilization of ECC

Preventing unauthorized access in information centric networking

Post‐quantum cryptography techniques for secure communication in resource‐constrained Internet of Things devices: A comprehensive survey

Contact Info

Product

Resources

About