Page 83 - 2023-Vol19-Issue2
P. 83

79 |                                                                                                        Hamed & Yassin

eavesdropping these parameters, the attacker will fail to enter                 • If the patient wishes to have medical treatments outside
the system.                                                                       of his healthcare center, the new institution CHSK' sends

• Ui sends (IDA' Ui , EH(Ui), EUi ) to CHSk.                                      (IDCHSK' , AEpk1) to HCA , where AEpk1 = AEncPUHCA
• CHSk sends QRU i to Ui.                                                         (CertWi ), IDAWi' , EAWi .

• Ui sends (ECertUi ,CHU itoCHSk).                                              • When HCA has received this message with IDCHSK' , it
                                                                                  can decrypt AEpk1 based on PrHCA to restore all pa-

Note: parameters are generated once for each admin’s                            rameters using (ADecPrHCAAEpk1). First, it can fetch
                                                                                tchoemrpaanrdeosmIDv'AaWliueanrdWi('I=DADWie?cSKrWWi (i'E),AWain)d.
login request. Accordingly, the proposed scheme is resistant                                                                                         Second, it
                                                                                                                                                     if they are
to eavesdropping.
                                                                                matched, it ensures from the authority of Wi and saves
Proposition 8. Our proposed scheme can withstand an
                                                                                the current parameters for usage in the next steps. Fi-
insider attack.
                                                                                nally, HCA sends (R, IDCHSk ) to CHSK' , where
    Proof. In our proposed scheme, when Ui wishes to reg-
ister with a cloud health server, he sends IDA' Ui , EH(Ui) in-                 R=  H  (HrW(ri'Wi'  CertWi    if Wi is registered
stead of IDUi , PWUi . Due to the utilization of the one-way                                        ? 0))   if Wi is not registered
hash function h(), it is difficult for the attacker to extract
                                                                                • CHSK' receives this message challenge, and it can ver-
the password of the user from the hashed value. In addi-                          ify the patient by comparing H(rWi ? CertWi ) with R.
                                                                                  When the above parameters are not valid, CHSK' notifies
tion, when the attacker wants to impersonate the valid user,                      the patient to register at a public healthcare center or

he needs to     forge a legal login request   parameter (IDA' Ui ,                checks his authority with his medical institution CHSk.
EH(Ui), EUi ),  in which IDA' Ui = H(IDUi ),  EHUi = HEncSKUi

(PWA'Ui ) = g(PWA'Ui )hri modN, EU i = EncSKUi (ri). However,                              V. PERFORMANCE ANALYSIS
the attacker will be unable to obtain the SKUi of the user and
                                                                                A. Computational Cost
will fail to forge such parameters.                                             The computational cost is used to calculate the proposed
                                                                                scheme’s temporal complexity. Table I compares the compu-
Proposition 9. Our proposed scheme provides key man-                            tational costs of the most significant similar schemes with that
                                                                                of our technique and compares our technique with other rele-
agement.                                                                        vant research. Table II compares important security features
                                                                                of the proposed approach with earlier efforts. Furthermore,
    Proof. The primary parties have agreed to produce a                         depending on [22], the processing times for the fundamen-
                                                                                tal functions are roughly as follows applying the following
shared key for each login request based on (SKUi , ri). When                    rules(see Fig. 10).
the patient successfully logs in, the primary parties (Ui,CHSk)
execute the following steps to implement this phase:

    • The user (Ui) computes SKUi = SKUi ? ri.

    • The (CHSk) side computes SKUi = SKUi ? ri'.

    Therefore, we notice that our work has key management
metric.

    Proposition 10. Our proposed scheme provides EHR
migration phase in secure manner.

    Proof. In this phase, the patient wishes to obtain medical
care in a given institution CHSK' , which will not necessarily
be the same institution that enrolled them earlier. In this paper
as following steps:

• Wi who possesses the secret factors can successfully
                   Hse(nIdDsW(iC),e(rItDWiA',WIiD='AWIiD, EAAWWi i?)
bring the factors                                                     to CHSk,
where rWi = ri ?                                                      rWi) and

the encrypted main parameter via his shared key EAWi =

EncSKWi (rWi).

• CHSk checks the CertWi with his index file; if it is found,                       Fig. 10. Computation cost comparison.
  Wi performs the main medical treatment in his institu-

  tion, the results report (RRWi ) should be added to the
  EHRWi by EHRUj directly.
   78   79   80   81   82   83   84   85   86   87   88