SymMatch: Secure and privacy-preserving symptom matching for mobile healthcare social networks

Recently, mobile healthcare social networks (MHSN), serving as a promising platform for eHealthcare system, has attracted considerable interest. Profile matching is an effective method for medical users to find possible helpers in the mobile healthcare social networks while preserving privacy of the personal health information (PHI). This paper concerns the challenging problem of how to resist inside semi-honest-but-curious medical users from disclosing the PHI by altering their symptom matching results and joining the data transmission group. A new security threat arising from existing profile matching protocols, coined as inflation attack, is first formulated. Then, a new secure and privacy-preserving symptom matching scheme, called SymMatch, is proposed based on homomorphic encryption to thwart the inflation attack and other active attacks. The security analysis and simulation results show the effectiveness and efficiency of the proposed scheme.

[1]  Andrew Chi-Chih Yao,et al.  Protocols for secure computations , 1982, FOCS 1982.

[2]  Huaxiong Wang,et al.  Distributed Private Matching and Set Operations , 2008, ISPEC.

[3]  Yin Zhang,et al.  Secure friend discovery in mobile social networks , 2011, 2011 Proceedings IEEE INFOCOM.

[4]  Guanhua Yan,et al.  Fine-grained private matching for proximity-based mobile social networking , 2012, 2012 Proceedings IEEE INFOCOM.

[5]  Ingrid Moerman,et al.  A survey on wireless body area networks , 2011, Wirel. Networks.

[6]  Vinod Vaikuntanathan,et al.  Can homomorphic encryption be practical? , 2011, CCSW '11.

[7]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[8]  Ming Li,et al.  FindU: Privacy-preserving personal profile matching in mobile social networks , 2011, 2011 Proceedings IEEE INFOCOM.

[9]  Emiliano De Cristofaro,et al.  Practical Private Set Intersection Protocols with Linear Complexity , 2010, Financial Cryptography.

[10]  Xiaohui Liang,et al.  PEC: A privacy-preserving emergency call scheme for mobile healthcare social networks , 2011, Journal of Communications and Networks.

[11]  Dawn Xiaodong Song,et al.  Privacy-Preserving Set Operations , 2005, CRYPTO.

[12]  Xiaodong Lin,et al.  SPOC: A Secure and Privacy-Preserving Opportunistic Computing Framework for Mobile-Healthcare Emergency , 2013, IEEE Transactions on Parallel and Distributed Systems.

[13]  Yang Hao,et al.  Wireless body sensor networks for health-monitoring applications , 2008, Physiological measurement.

[14]  Benny Pinkas,et al.  Efficient Private Matching and Set Intersection , 2004, EUROCRYPT.

[15]  Roger Wattenhofer,et al.  VENETA: Serverless Friend-of-Friend Detection in Mobile Social Networking , 2008, 2008 IEEE International Conference on Wireless and Mobile Computing, Networking and Communications.

[16]  Xiaohui Liang,et al.  Secure handshake with symptoms-matching: the essential to the success of mhealthcare social network , 2010, BODYNETS.

[17]  Xiaohui Liang,et al.  Fully Anonymous Profile Matching in Mobile Social Networks , 2013, IEEE Journal on Selected Areas in Communications.