Page 76 - IJEEE-2022-Vol18-ISSUE-1
P. 76
72 | Hamed & Yassin
were compromised, according to the Protenus Breach as well as security analysis. Section 6 describes the
Barometer [1, 3-5]. performance results. Finally, section 7 denotes to the
As a result, security and privacy concerns must be addressed conclusion.
in order to prevent e-health data intrusions. To adequately
research how to protect e-healthcare systems, security II. PRIMITIVE TOOLS
challenges, and solutions must be recognized as referred to
previously. In more details, Electronic healthcare records A. Counter mode (CTR mode)
(EHRs) are a developing technology that plays an important
role in patient care. This is a medical service that allows Counter mode is also known as unsynchronized stream
patients to have medical appointments outside of hospitals, cipher mode, because the stream cipher is built from the
follow their health cases, review their medical tests, and do block cipher. Here we provide a self-contained description.
other medical tasks using their EHR system. Despite these To encrypt using CTR mode, first, choose a uniform value
benefits, studies in the literature highlight drawbacks ?????? ? {0,1}??. Then, by computing y?? := ????(ctr + i), where
associated with EHRs, which include disruptions to ?????? and ?? are integers and addition is modulo 2?? , a
protecting patient privacy and security. Supporting a system pseudorandom stream is formed. So, ???? ? ???? ? ???? is the
to authenticate patients in an electronic health record (EHR) ????h ciphertext block, and the ???? is transmitted as part of the
is a critical step for preventing various security risks from ciphertext once more. It's worth repeating that ?? doesn't have
gaining access to patients' identities and data. Existing to be invertible or even a permutation to be decrypted. The
authentication schemes continue to have security flaws. created stream may be trimmed to exactly the plaintext
Exchanging medical-related information or data between length. Preprocessing can be used to generate the
clients and servers exposes them to intrusion by attackers pseudorandom stream before the message is known, and the
since they can be transmitted across an unstable network [6- stateful variation of ?????? mode is secure, just like ??????
17]. mode, another "streamcipher" method. In contrast to the other
safe modes covered so far, the ?????? mode has the benefit of
In this paper, we present a secure scheme for being able to fully parallelize encryption and decryption
authenticating EHR patients and the Healthcare Center since all blocks of the pseudorandom stream may be
Server based on genuine member identities and verification calculated independently of one another. In contrast to ??????,
codes. To provide robust security while maintaining it is also possible to decipher the cipher text's ????h block using
satisfactory speed, the proposed work employs a lightweight just one ?? evaluation. If F is a pseudorandom function, then
crypto-hash function for the generation of One-Time ?????? mode is secure. ?????? mode is appealing because of
Passwords (OTP) and symmetric key encryption (Counter these qualities [18].
mode (CTR mode)). As a result, the major purpose of this
study is to conduct a strong authentication scheme to B. Crypto Hash Function
overcome issues in the previous works. Because current e-
healthcare systems often comprise of numerous components The process of turning a string of characters into a fixed-
(e.g., e-health data, medical devices, medical components length value or key that represents the original string is
(Ex. patients, doctors, employees), and cloud-health referred to as hashing. The hash function indexes the original
computing), there are several security risks faced these value or key and then accesses the data associated with that
components, and our solutions are focused on authentication value or key. These which are used in cryptography should
and privacy of patients represented the heart of healthcare be called "one-way hash functions" can use to figure out the
system. In addition, OTP-based authentication appears to be hash value for a given input. In the opposite way, it must be
one of the fastest-growing authentication technologies to impossible to find an input for a given value that has the same
prevents several malicious attacks such as MITM, Reply, hash value as that value (this is referred to as a one-way
Insider. The study demonstrate that the majority scheme of characteristic). The SHA-2 hash algorithm is used to encrypt
OTP-based authentication and key management solves the data such as passwords. SHA-2 is a fantastic technique to
problems associated with dynamic ID and password ensure the security of your data, but it takes a long time to
schemes, especially in healthcare systems. The proposed complete [19, 20].
scheme has good metrics like mutual authentication, user’s
anomaly, un-linkability. In practical side, the Scyther C.The One-Time Pad
security proof was used to demonstrate our scheme's high
security and resist malicious attacks. The proposed scheme In 1917, Vernam invented the one-time pad, a totally
has a good balances between the complexity of security and private encryption technique. There was no indication that
performance, can applied in healthcare system, and deals the proposal was absolutely hidden at the time Vernam
with real world data associated with the patient part. presented it; in fact, no one knew what perfect secrecy meant.
Shannon introduced the notion of complete secrecy and
The remainder of the article is arranged as follows: proved that the one-time pad delivers that degree of security
Section 2 describes the primitive tools. Section 3 shows the some 25 years later. Use of the pad just once The assumption
related work. Section 4 focused on the proposed scheme. behind the OTP is that the encryption key must be at least as
Section 5 includes formal analysis utilizing the Scyther tool lengthy as the plaintext message and comprised of really
random digits. Each letter of the plaintext is "added" to one
element from the OTP using modulo-addition. When the key
