在智能医疗场景中,病人需佩戴各种传感医疗设备,传感医疗设备会在检测过程中收集病人的心率、呼吸频率、脉搏等生理和医疗信息,并将这些医疗信息传输到云服务器,但日益增长的数据量在传输过程中必会带来额外的通信开销和传输时延,若发生数据窃取和窜改,将会造成难以控制的后果.除此之外,近年来量子计算技术飞速发展,基于经典公钥密码体系的公共网络基础设施的安全性面临巨大挑战,保障量子安全已具有现实意义.由此,提出了一个能够抵抗量子计算攻击并适用于智能医疗的基于身份认证密钥协商协议,避免部署公钥基础设施(public key infrastructure,PKI),并证明其在改进的ID-BJM模型下是安全的,其安全性可以归约到环上带误差学习(ring learning with errors,RLWE)问题的难解性.所提协议通过两轮信息交互实现了隐式认证,且可保护自身设备的身份信息,并可抵抗信号泄露攻击,保证在数据传输过程中的安全性,与其他相关的格上基于身份认证密钥协商协议方案相比,在安全性或执行效率方面更具优势.
Anonymous identity-based authenticated key agreement protocol for smart healthcare
In the smart healthcare scenario,patients need to wear a variety of sensing medical devices,which will collect the patient's heart rate,respiratory rate,pulse and other physiological and medical information during the detection process,and transmit this medical information to the cloud server.However,the increasing amount of data in the transmission process will inevitably bring additional communication cost and transmission delay.In case of data theft and tampering,the consequences will be difficult to control.In addition,with the rapid development of quantum computing technology in recent years,the securi-ty of public network infrastructure based on classical public key cryptography system faces great challenges,and ensuring quan-tum security has practical significance.Therefore,this paper proposed an identity-based key agreement protocol that could resist quantum computing attacks and was suitable for smart healthcare,avoided the deployment of PKI,and proved that it is secure under the improved ID-BJM model.The security could be reduced to the difficulty of the RLWE problem.The proposed protocol realized implicit authentication through two rounds of information interaction,protected the identity information of its own device,and could resist signal leakage attacks to ensure the security in the process of data transmission.Compared with other related on-lattice authentication key agreement protocol schemes,it has more advantages in security and execution efficiency.
万方数据
维普
