Page 77 - IJEEE-2022-Vol18-ISSUE-1
P. 77
Hamed & Yassin | 73
is unknown, a cipher text is produced that has no relation to to address concerns that have arisen in the previous works.
the plaintext. At the receiving end, the same OTP is used to Because today's e-healthcare systems generally include
retrieve the original plaintext [21]. several components (e.g., e-health data, medical devices,
medical components, and cloud-health computing), security
III. RELATED WORKS threats and demands differ, and our solutions are centered on
patient authentication and privacy. Based on the foregoing
Several techniques have been presented to overcome the notions, we present an improved anonymous user
issues associated with cloud authentication and access authentication and key agreement approach for health
control. Currently, the practice of medicine applications has monitoring. In the following security analysis, we showed the
sparked an interest among researchers. One of the most security of our protocol using security analysis and the Syther
important topics addressed is the confidentiality of patient tool. The results of the performance comparison and
data, since the patient's data is private and confidential. efficiency analysis reveal that the proposed scheme provides
Similarly, the patient may wish to conceal their genuine a higher level of security while preserving computational
identity in order to preserve their privacy [4]. The authors of efficiency.
[22] covered numerous security needs, such as EHR storage
security, malicious code prevention, protected access rights IV. THE PROPOSED SCHEME
management, and other factors to secure the health
information system. However, they did not propose a feasible In this section, we present the strong healthcare
plan for a patient to move their EHR to a health information
system. We may envisage a scenario in which a hospital uses authentication scheme based on five phases: Setup,
just the aforementioned simple procedures to construct its
own health information system with no security mechanism. Registration, Login and Authentication, Healthcare, and key
Furthermore, under this method, it is not viable for each
patient to execute their own EHR exchange. In contrast, the management. Our work offers the healthcare scheme
authors of [4, 23-25] proposed that each patient's health
records might be portable and saved on a flash drive. This is permitting to six main elements: Cloud Healthcare Server
an interesting concept, but it is currently challenging to (??????), Key Generator Center (??????), Users (????), Patient (????),
execute. There are several security concerns to address, such Administrator (??????), and Doctor (????). The main goal of the
as portable device security and patient medical information current scheme is offered secure environment for exchanging
access privileges. More security methods, however, are components’ data of the proposed scheme. Additionally, this
required to address these types of security vulnerabilities. work has numerous benefits such as mutual authentication,
Furthermore, several patient authentication strategies for e-
health systems have been developed [26-30]. The systems in key management, password anonymity, as well as, can resist
[27, 28] were vulnerable to a user impersonation attack and
did not provide session key establishment with formal familiar malicious attacks such as insider, MITM, Reply,
security evidence. The authors of [3, 29] did not provide a
forward secrecy proof for the establishment of the session Impersonate, and other. The characters used in the current
key. For cloud-assisted wearable devices, Liu et al. [31]
advocated local and distant authentication. To achieve work are conversed in Table 1.
mutual authentication between wearable device and a TABLE 1
smartphone, the local authentication protocol employs a
hash-based selective disclosure method and a Chebyshev NOTATION USED IN THE PROSED SCHEM
chaotic map. Following local authentication, the cloud
performs remote authentication of the device using a yoking- Symbol Description
proof algorithm.
?????? Cloud Healthcare Server.
A mutual authentication procedure was developed in a
few investigations [32-34]. Based on Chebyshev chaotic ?????? Key Generator Center.
maps and Diffie–Hellman key exchange, Li et al. [35]
suggested a mutual authentication protocol and key ???? The user.
agreement technique. Only approved doctors and medical ???? Patient in the system.
personnel would have access to patients' health data acquired ?????? Administrator in the system.
by body sensors in the planned medical system. A digital
signature was also used to assure non-repudiation of the ???? Doctor in the system.
doctor's diagnosis. Cheng et al. [36] used blockchain to ? XOR operation.
bypass a mutual authentication scheme's reliance on a trusted
third party. MITM Man-In the middle attack.
CTR mode Counter mode.
As a result, the primary goal of this research is to develop
a robust authentication method based on cryptosystem tools ???????? Electronic healthcare record.
One-way hash function.
h(. ) Identity of patient ????.
Password of patient ????.
????????
???????? Verification code.
???? Shared key between ???? and ??????.
,????'',????' Output Feedback mode.
????????
??????
