A Rainbow-Based Authentical Scheme for Securing Smart Connected Health Systems

Smart Connected Health Systems (SCHSs) are health systems that provide health care services remotely. They give doctors access to electronic medical records with the aid of medical sensors, smart wearable devices and smart medical instruments. Although SCHSs have many applications in health care, securing the massive amount of valuable and sensitive patient data and preserving privacy are challenging. User authentication based on public key cryptographic techniques plays a crucial role in SCHSs for protecting the privacy of patients. However, quantum computers will break such techniques. The Rainbow signature is one of the candidates for the next generation of cryptographic algorithms that can resist attacks by quantum computers. However, it is vulnerable to Differential Power Analysis (DPA) attacks, which are based on information gained from the cryptographic implementation. We present countermeasure techniques to protect Rainbow against DPA attacks and propose a variant of Rainbow that resists them. First, we take a random vector to randomize the power consumption of the private keys while computing the first affine transformation. Second, random variables are adopted while computing the central map transformation. Third, we take two random vectors while computing the second affine transformation to randomize the power consumption of the private keys. We analyze the efficiency of the scheme and implement it on hardware. Compared with related implementations, our scheme is efficient and suitable for signature generation on hardware. In addition, we propose a secure authentication scheme based on the implementation for protecting patient records in SCHSs.
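As an added illustration (not the paper's construction or code), the sketch below shows the general idea behind blinding an affine step with a random vector: the secret matrix only ever multiplies operands that an observer cannot predict, and linearity removes the mask afterwards. The field GF(2^8), its reduction polynomial, the names `affine_plain` and `affine_masked`, and all sample values are assumptions made for this example.

```python
import secrets

def gf_mul(a, b, poly=0x11B):
    """Multiply two bytes in GF(2^8); the reduction polynomial is an assumption."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= poly
        b >>= 1
    return r

def mat_vec(A, v):
    """Matrix-vector product over GF(2^8); addition is XOR."""
    out = []
    for row in A:
        acc = 0
        for a, x in zip(row, v):
            acc ^= gf_mul(a, x)
        out.append(acc)
    return out

def xor_vec(u, v):
    return [a ^ b for a, b in zip(u, v)]

def affine_plain(A, c, y):
    """Unprotected A*(y + c): each product pairs a key byte with a known operand."""
    return mat_vec(A, xor_vec(y, c))

def affine_masked(A, c, y, r=None):
    """Same result, but A only ever multiplies operands blinded by a fresh r."""
    if r is None:
        r = [secrets.randbelow(256) for _ in y]
    blinded = xor_vec(xor_vec(y, r), c)        # y + r + c; y + c never appears alone
    share_a = mat_vec(A, blinded)              # A*(y + c + r)
    share_b = mat_vec(A, r)                    # A*r
    return xor_vec(share_a, share_b), blinded  # A*(y + c) by linearity

# Constructed sample values, not taken from the paper.
A = [[0x02, 0x57, 0x13], [0xA1, 0x01, 0x9C], [0x3E, 0x7B, 0x05]]
c = [0x11, 0x22, 0x33]
y = [0xDE, 0xAD, 0x42]

if __name__ == "__main__":
    out, blinded = affine_masked(A, c, y)
    print(out == affine_plain(A, c, y), blinded)
```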
