Page 78 - 2023-Vol19-Issue2
P. 78
74 | Hamed & Yassin
• Step3. Wi sends his login request < IDA' Wi , EH(Wi), EWi >
to CHSk.
• Step4. In the Cloud Healthcare server side, CHSk veri-
fies patient’s login request as follows.
(a) IDWi =? IDA' Wi ; if so, CHSk restores random num-
ber by decrypting ri' = DecSKWi (EWi ).
(b) CHSk computes PWA'W' i = H(H(PWWi ) ? ri' )) and
compares between EHWi =? gAPWWi'' hri' modN. If so,
he accepts; CHSk sends challenge as verification
code (VC) to Wi. Where, VC represents SMS
message that is sent via mobile communication
channel.
• Step5. As a result, Wi retrieves verification code (VC’)
via his mobile phone number and computes CHWi =
H(CertWi ?VC'). Then, he replies CHWi to CHSk.
• Step6. CHSk computes CHW' i = H(CertWi ? VC') and
compares between CHWi =? CHW' i . If so, CHSk accepts
the user’s login request and allows him to use the re-
sources and services od system based on his privileges.
Otherwise, he rejects the login phase (see Fig. 3).
2) User Side Fig. 3. Login and authentication phase of patient.
The Ui wishes to login system for checking EHRWi of patient
based on his role and privileges. The details of main steps are (b) CHSk computes PWA''Ui = H(H(PWUi ) ? ri')) and
viewed as follows: compares between E(H(Ui)) =? gPWA''Ui hri' modN.
If so, CHSk generates and encrypts verification
• Step1. Ui ? CHSk : IDU' i , EHUi , EUi . Ui performs the
following computations: code (VCUi )EUi = EncSKUi (VCUi ) and generates
Quick Response Code QRUi that contains encrypted
(a) Ui enters his IDUi , PWUi and then generates ran- verification code (VCUi ) (see Fig. 2. Then, CHSk
Hdo(mIDnUuim),bPeWr rA'iU?i =ZnH* .(FHin(PalWlyU, iU)i?corim),pruetsepseIcDtivA' Ueliy=. sends (QRUi ) to Ui. Where, VCUi represents SMS
message that is sent by CHSk via mobile commu-
(b) Ui encrypts EUi = nEcnScKSUKi U(iP(WriA)'Uui )si=nggPsWyAm'UimhreitmriocdN
key and EHUi = HE nication channel.
, • Step3 . Ui ? CHSk : CHUi . Upon receiving this infor-
mation in Step 2, Ui computes:
which is based on homomorphic encryption.
(c) Ui sends his login request < ID'AUi , EHUi , EUi > to (a) He works on reading (QRUi ) using QR & Barcode
CHSk as a first factor. Scanner. After scanning step, he will get (EUi )
and decrypts VCU' i = DecSKUi (EUi ).
• Step2. CHSk ? Ui : QRUi . CHSk verifies patient’s login
request as follows: VVCCUU'' ii
(b) He computes CHUi = H(CertUi ? ). After
that, Ui computes SKUi = SKUi ? . Then,
(a) CHSk checks IDUi =? IDA' Ui ; if the verification of
nIDumUib=?erIbDyA' Udieicsrysupcticnegssrfi'u=l, CDHecSSkKrUeis(tEoUrei )s.random computes ECertUi = EncSKU' i (CertUi ).
(c) He sends the tuple < ECertUi ,CHUi > to CHSk.
