Efficient and secure attribute-based heterogeneous online/offline signcryption for body sensor networks based on blockchain

In body sensor networks, both wearable and implantable biosensors are deployed in a patient body to monitor and collect patient health record information. The health record information is then transmitted toward the medical server via a base station for analysis, diagnosis, and treatment by medical experts. Advancement in wireless technology although improves the patient health–monitoring mechanism, but still there are some limitations regarding security, privacy, and efficiency due to open wireless channel and limited resources of body sensor networks. To overcome these limitations, we have proposed an efficient and secure heterogeneous scheme for body sensor networks, in which biosensor nodes use a certificate-less cryptography environment to resolve the key escrow and certificate-management problems, while MS uses a public key infrastructure environment to enhance the scalability of the networks. Furthermore, we design an online/offline signcryption method to overcome the burden on biosensor nodes. We split the signcryption process into two phases: offline phase and online phase. In the offline phase, the major operations are computed without prior knowledge of patient data. While in online phase, the minor operations are computed when patient data are known. Besides, we have used a new hybrid blockchain technology approach for the secure transmission of patient information along with attributes stored in the medical server toward the cloud that provides ease of patient data access remotely from anywhere by the authorized users and data backup in case of medical server failure. Moreover, hybrid blockchain provides advantages of interoperability, transparency traceability, and universal access. The formal security analysis of the proposed scheme is proved in the standard model, and informal security assures that our scheme provides resistance against possible attacks. As compared to other existing schemes, our proposed scheme consumes fewer resources and efficient in terms of processing cost, transmission overhead, and energy consumption.

[1]  Jianfeng Xu,et al.  A security communication model based on certificateless online/offline signcryption for Internet of Things , 2014, Secur. Commun. Networks.

[2]  R.T.Subhalakshmi,et al.  Scalable and Secure Sharing of Personal Health Records in Cloud Computing using Attribute-Based Encryption , 2016 .

[3]  Guanzhong Dai,et al.  An Efficient Online/Offline Signcryption Scheme for MANET , 2007, 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07).

[4]  Jian Weng,et al.  Fully secure identity-based signcryption scheme with shorter signcryptext in the standard model , 2013, Math. Comput. Model..

[5]  Jin Li,et al.  Hidden attribute-based signatures without anonymity revocation , 2010, Inf. Sci..

[6]  Dongho Won,et al.  A mechanical approach to derive identity-based protocols from Diffie-Hellman-based protocols , 2014, Inf. Sci..

[7]  Md Zakirul Alam Bhuiyan,et al.  Provably Secure Identity-Based Signcryption Scheme for Crowdsourced Industrial Internet of Things Environments , 2018, IEEE Internet of Things Journal.

[8]  Manoj Prabhakaran,et al.  Attribute-Based Signatures: Achieving Attribute-Privacy and Collusion-Resistance , 2008, IACR Cryptol. ePrint Arch..

[9]  Pil Joong Lee,et al.  New Signcryption Schemes Based on KCDSA , 2001, ICISC.

[10]  Robert H. Deng,et al.  Efficient and Robust Certificateless Signature for Data Crowdsensing in Cloud-Assisted Industrial IoT , 2019, IEEE Transactions on Industrial Informatics.

[11]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[12]  Francisco Rodríguez-Henríquez,et al.  Software Implementation of an Attribute-Based Encryption Scheme , 2015, IEEE Transactions on Computers.

[13]  Jian Shen,et al.  Bitcoin-based fair payments for outsourcing computations of fog devices , 2018, Future Gener. Comput. Syst..

[14]  Sangsuree Vasupongayya,et al.  Blockchain Based Secret-Data Sharing Model for Personal Health Record System , 2018, 2018 5th International Conference on Advanced Informatics: Concept Theory and Applications (ICAICTA).

[15]  Kyung-Ah Shim,et al.  EIBAS: An efficient identity-based broadcast authentication scheme in wireless sensor networks , 2013, Ad Hoc Networks.

[16]  SK Hafizul Islam,et al.  Provably Secure and Lightweight Certificateless Signature Scheme for IIoT Environments , 2018, IEEE Transactions on Industrial Informatics.

[17]  Xiaofeng Liao,et al.  Body Area Network Security: A Fuzzy Attribute-Based Signcryption Scheme , 2013, IEEE Journal on Selected Areas in Communications.

[18]  Huanshui Zhang,et al.  Consensus problems for discrete-time agents with communication delay , 2017 .

[19]  Yan Luo,et al.  A Review of Secure and Privacy-Preserving Medical Data Sharing , 2019, IEEE Access.

[20]  Yi Mu,et al.  Reducing security overhead for mobile networks , 2005, 19th International Conference on Advanced Information Networking and Applications (AINA'05) Volume 1 (AINA papers).

[21]  Wenjing Lou,et al.  Attribute-based on-demand multicast group setup with membership anonymity , 2008, SecureComm.

[22]  Naveen K. Chilamkurti,et al.  On the security of a certificateless online/offline signcryption for Internet of Things , 2014, Peer-to-Peer Networking and Applications.

[23]  Yuliang Zheng,et al.  Digital Signcryption or How to Achieve Cost(Signature & Encryption) << Cost(Signature) + Cost(Encryption) , 1997, CRYPTO.

[24]  Silvio Micali,et al.  On-line/off-line digital signatures , 1996, Journal of Cryptology.

[25]  Sherali Zeadally,et al.  Certificateless Public Auditing Scheme for Cloud-Assisted Wireless Body Area Networks , 2018, IEEE Systems Journal.

[26]  Chunhua Jin,et al.  Certificateless online/offline signcryption for the Internet of Things , 2015, Wireless Networks.

[27]  Robert H. Deng,et al.  TKSE: Trustworthy Keyword Search Over Encrypted Data With Two-Side Verifiability via Blockchain , 2018, IEEE Access.

[28]  Hyeon-Eui Kim,et al.  Blockchain distributed ledger technologies for biomedical and health care applications , 2017, J. Am. Medical Informatics Assoc..

[29]  Débora C. Muchaluat-Saade,et al.  Towards a Blockchain-Based Secure Electronic Medical Record for Healthcare Applications , 2019, ICC 2019 - 2019 IEEE International Conference on Communications (ICC).

[30]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[31]  Fuchun Guo,et al.  Efficient identity-based online/offline encryption and signcryption with short ciphertext , 2017, International Journal of Information Security.

[32]  Ahmed Raza Rajput,et al.  EACMS: Emergency Access Control Management System for Personal Health Record Based on Blockchain , 2019, IEEE Access.

[33]  Changyu Dong,et al.  Betrayal, Distrust, and Rationality: Smart Counter-Collusion Contracts for Verifiable Cloud Computing , 2017, CCS.

[34]  Kyung-Ah Shim,et al.  S2DRP: Secure implementations of distributed reprogramming protocol for wireless sensor networks , 2014, Ad Hoc Networks.

[35]  B Keerthana,et al.  WBAN CLIENT VERIFICATION USING REMOTE ANONYMOUS AUTHENTICATION SCHEMES WITHOUT CERTIFICATES , 2015 .

[36]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[37]  Xiangguo Cheng,et al.  An Efficient Identity-based Signature Scheme and Its Applications , 2007, Int. J. Netw. Secur..

[38]  Robert H. Deng,et al.  Outsourcing Service Fair Payment Based on Blockchain and Its Applications in Cloud Computing , 2018, IEEE Transactions on Services Computing.

[39]  Sheng Zhong,et al.  Body sensor network security: an identity-based cryptography approach , 2008, WiSec '08.

[40]  Yun Peng,et al.  Efficient key management scheme for health blockchain , 2018, CAAI Trans. Intell. Technol..

[41]  Hui Li,et al.  Efficient signcryption between TPKC and IDPKC and its multi-receiver construction , 2010, Science China Information Sciences.

[42]  Lu Zhang,et al.  An Efficient and Lightweight Certificateless Authentication Protocol for Wireless Body Area Networks , 2013, 2013 5th International Conference on Intelligent Networking and Collaborative Systems.

[43]  Junbeom Hur,et al.  Fine-grained data access control for distributed sensor networks , 2011, Wirel. Networks.

[44]  Feng Hao,et al.  A Smart Contract for Boardroom Voting with Maximum Voter Privacy , 2017, IACR Cryptol. ePrint Arch..

[45]  Wei Jiang,et al.  Healthcare Data Gateways: Found Healthcare Intelligence on Blockchain with Novel Privacy Risk Control , 2016, Journal of Medical Systems.

[46]  Yi Mu,et al.  Improving Privacy and Security in Decentralized Ciphertext-Policy Attribute-Based Encryption , 2015, IEEE Transactions on Information Forensics and Security.

[47]  Bin Zhao,et al.  IMBAS: Identity-based multi-user broadcast authentication in wireless sensor networks , 2008, Comput. Commun..

[48]  Robert H. Deng,et al.  Cryptanalysis of a certificateless signcryption scheme in the standard model , 2011, Inf. Sci..

[49]  Joseph K. Liu,et al.  Secure sharing of Personal Health Records in cloud computing: Ciphertext-Policy Attribute-Based Signcryption , 2015, Future Gener. Comput. Syst..

[50]  Robert H. Deng,et al.  Blockchain based efficient and robust fair payment for outsourcing services in cloud computing , 2018, Inf. Sci..

[51]  Junjie Yang,et al.  A Novel Identity-Based Signcryption Scheme in the Standard Model , 2017, Inf..

[52]  Abdul Waheed,et al.  A Note on Obtain Confidentiality or/ and Authenticity in Big Data by ID-Based Generalized Signcryption , 2017, IACR Cryptol. ePrint Arch..

[53]  Chunhua Jin,et al.  Practical Signcryption for Secure Communication of Wireless Sensor Networks , 2016, Wireless Personal Communications.

[54]  Ron Steinfeld,et al.  A Signcryption Scheme Based on Integer Factorization , 2000, ISW.

[55]  Ricardo Dahab,et al.  TinyPBC: Pairings for authenticated identity-based non-interactive key distribution in sensor networks , 2008, 2008 5th International Conference on Networked Sensing Systems.

[56]  Robert H. Deng,et al.  Security and Privacy in Smart Health: Efficient Policy-Hiding Attribute-Based Access Control , 2018, IEEE Internet of Things Journal.

[57]  Guomin Yang,et al.  Heterogeneous Signcryption with Key Privacy , 2011, Comput. J..

[58]  Ming Luo,et al.  An Enhanced Certificateless Signcryption in the Standard Model , 2017, Wireless Personal Communications.

[59]  Hans Eberle,et al.  Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[60]  Chiara Petrioli,et al.  AGREE: exploiting energy harvesting to support data-centric access control in WSNs , 2013, Ad Hoc Networks.

[61]  Xiaoyuan Yang,et al.  Attribute-Based Signcryption Scheme with Non-monotonic Access Structure , 2013, 2013 5th International Conference on Intelligent Networking and Collaborative Systems.

[62]  Ashok Kumar Das,et al.  A novel and efficient user access control scheme for wireless body area sensor networks , 2014, J. King Saud Univ. Comput. Inf. Sci..

[63]  Aihan Yin,et al.  On security of a Certificateless Hybrid Signcryption Scheme , 2015, Wirel. Pers. Commun..

[64]  Sarah Underwood,et al.  Blockchain beyond bitcoin , 2016, Commun. ACM.

[65]  P. Ramya,et al.  Reliable Healthcare Monitoring System Using SPOC Framework , 2019 .

[66]  Brent Waters,et al.  Attribute-Based Encryption for Circuits from Multilinear Maps , 2012, CRYPTO.

[67]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[68]  Ming Li,et al.  Data security and privacy in wireless body area networks , 2010, IEEE Wireless Communications.

[69]  Jingjing Zhao,et al.  Certificateless online/offline signcryption scheme , 2015, Secur. Commun. Networks.

[70]  Tal Rabin,et al.  On the Security of Joint Signature and Encryption , 2002, EUROCRYPT.

[71]  Dongqing Xie,et al.  Attribute-based signature and its applications , 2010, ASIACCS '10.

[72]  Yi Mu,et al.  On the security of a certificateless signcryption scheme , 2013, 2014 IEEE Workshop on Electronics, Computer and Applications.

[73]  Brent Waters,et al.  Online/Offline Attribute-Based Encryption , 2014, IACR Cryptol. ePrint Arch..

[74]  Aijun-J. Ge,et al.  Attribute-based Signature Scheme with Constant Size Signature ⋆ , 2012 .

[75]  Ye Tian,et al.  An Attribute-Based Encryption Scheme with Revocation for Fine-Grained Access Control in Wireless Body Area Networks , 2014, Int. J. Distributed Sens. Networks.

[76]  Yan Leng,et al.  Data Storage Mechanism Based on Blockchain with Privacy Protection in Wireless Body Area Network , 2019, Sensors.

[77]  Ming Luo,et al.  Certificateless Hybrid Signcryption Scheme with Known Session-Specific Temporary Information Security , 2017, Int. J. Netw. Secur..

[78]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[79]  Xavier Boyen,et al.  Multipurpose Identity-Based Signcryption (A Swiss Army Knife for Identity-Based Cryptography) , 2003, CRYPTO.

[80]  Ingrid Moerman,et al.  A survey on wireless body area networks , 2011, Wirel. Networks.

[81]  Zhiguang Qin,et al.  Revocable and Scalable Certificateless Remote Authentication Protocol With Anonymity for Wireless Body Area Networks , 2015, IEEE Transactions on Information Forensics and Security.

[82]  Kyung Sup Kwak,et al.  Certificateless Remote Anonymous Authentication Schemes for WirelessBody Area Networks , 2014, IEEE Transactions on Parallel and Distributed Systems.

[83]  Xiaofeng Chen,et al.  Efficient online/offline signcryption without key exposure , 2013, Int. J. Grid Util. Comput..