Page 71 - IJEEE-2023-Vol19-ISSUE-1
P. 71
Fareed & Yassin | 67
V. SECURITY ANALYSIS authentication, resulting in speed and security in response
and privacy preservation.
This section uses the CK thread model to analyze the
proposed system security [13-18]. Then, we show how the • Attack resistance: We could argue that any attack is
proposed protocol improves privacy and security compared positive if an adversary locates any technique to run
to the related works. several malicious attacks, such as impersonation, Man-In-
The-Middle (MITM), and insider attacks [20]. Most of all,
There are types of security considerations that must be an impersonation attack has a direct relationship with
considered while designing a secure system. Therefore, a mutual authentication; the adversary needs a private key
particular function was used to assess the solution against ( 9:!"" ), then the decrypted based on [ A3B(! =
other available decentralized options. Results of the >CD(*$%%(REQ_EHR)]. So, the proposed system could
comparison are reported in Table II; furthermore, it can be prevent impersonation attacks. Additionally, the MITM
seen from the Table of benefits that our system provides attack works in the same manner as active eavesdropping;
identity anonymity and authentication and superior privacy when the 3<<& sends data to another 3<<, it encrypts
protection and communication security. the data with the public key of the receiving center.
• Scalability: Decentralized authentication requires Therefore, our proposed system resists MITM, dictionary,
impersonate, sniffing, hijacking, and eavesdropping
scalability as one of the most important security features. attacks because an adversary cannot access any benefits
Due to the time delay characteristics of decentralized from exchanged parameters between 3<<& 0P. 3<<'.
authentication, considerable resources and time are
consumed if 3<<1 complete patient authentication TABLE II
through transactions. In the system designed in this paper, PRIVACY AND SECURITY FEATURE COMPARISON.
3<<1 only needs to complete the corresponding public - [18] [19] [7] [8] [20] Proposed
keys on the 2>< during the healthcare phase, then search
the keys on the 2>< to complete the identity Mutual O O OO O O
authentication. For scalability requirements, this solution authentication O O XX X O
can be well adapted. Privacy - - OO O O
• Privacy preservation: Basic privacy protection refers to preservation
preserving data stored in 3<<1. Since all data stored is Scalability
encrypted, an attacker is unable to read it when he accesses
the system. Therefore, only public keys for 3<<1 are Communication O O OO O O
stored, in addition to the keys in the 2><. security X X XX X O
• Communication security: The data transmitted through Secure !"!#
the communication media is secure, because when the
3<<& sends a request to the 2><, the encrypted data is Attack resistance X X XX X O
under the 2><'1 public key. Additionally, when the
3<<& sends data to another 3<< , it encrypts the data VI. PERFORMANCE EVALUATION
with the public key of the receiving center.
• Mutual authentication: 3<<& is authenticated by • Computation Result
3<<' based on 97!"" , 9:!"" and crypto-hash
function, which is a message from 3<<& @- 3<<' vice There are three phases in the proposed protocol: The
versa. The 3<<& in the proposed system could initialization phase, registration phase, and ABAC phase.
authenticate only the legal 3<<' because an adversary With the proposed protocol, we will focus on the calculation
would need to use the private key (9:!""# ), then the needs of the DGDB phase, since this is the most commonly
received information is decrypted based on [A3B(! = utilized phase. To facilitate computation analysis, we define
>CD(*$%%# (REQ_EHR)]; if it is identical, then 3<<' is the computational requirements of a Schnorr Signcryption
a trusted party. 3<<' , after updating the received W5678, Schnorr verification W95678, respectively, and a one-
A3B(! requests the 97!""& from 2>< and resends way hash function as W:, but do not consider the overhead of
JAKA3B(! = AJ<(+$%%& (UPDATE (A3B(! )) to the exclusive-or operations as X? which requires a
3<<& . 3<<& received and computed JA3B(! = comparatively relatively low overhead than any other
>CD(*$%%& (U_EHR) if the result is actual, then 3<<& operations [21]. Table IV shows the computational overhead
can now be considered a trusted party. based on Table III.
• SecureMNMO: Decentralized data storage, as patients'
A3B1 are stored only in the 3<< where they are TABLE III
registered. Furthermore, all parties through which data is COMPUTATION COST RESULT.
exchanged are reliable, as explained in the mutual
Operation General Meaning Time
%&'()')*(&
$? Exclusive-OR operation
$( 0.005
$) Mathematical operation 0.08
$*+,-(2$) + 2$() One-way hash function 0.17
$.*+,-(1$) + 1$() Schnorr Signcryption 0.085
Schnorr Usigncryption