透過您的圖書館登入
IP:3.215.16.238
  • Journals

以屬性加密為基礎的輕量化雙向認證

A Lightweight mutual authentication based on Attribute-based Encryption

Abstracts


隨著物聯網(IoT)、5G與AI科技的發展,「智慧醫療」一詞其實就是將科技結合醫療,使得醫院開始在慢慢轉型,本研究以「智慧病房」為例,在於病房的布局上,讓所有連網的感測裝置與病患配對後,進行即時偵測,其中包含了量測病患血壓、脈搏、ECG…等相關生理訊號,然而部分數據屬於高度隱私,如果沒有透過好的加密與驗證機制,這些資料將有可能被洩漏出去或是被不正當的利用。本研究以屬性加密(Attribute-based Encryption)為主要架構,使用者可以選擇符合病患的屬性特徵以制定一些存取規則(Access policy),病患數據只能夠被某些符合其存取規則的特定使用者存取,其他無法滿足存取規則的使用者即使竊取到了數據,也因為透過加密而無法取得其明文內容。在完整驗證階段中以屬性加密為基礎,並在輕量化驗證階段,使用病患的生理數據與時間戳記作為seed,帶入PRNG產生隨機數,在這樣的情況下,僅有三方(病患、醫生、醫院Server)知道計算隨機數,使得有心人士就算竊取到了參數,也因為不知道隨機數該如何製作而無法完成驗證。並加入雜湊、XOR運算,使得整體加密與驗證更為完善。

Parallel abstracts


Recently, With the development of Internet of Things, 5G and AI, the term "smart medical" is actually the combination of technology and medical. Our study takes "smart wards" as an example, which lies in the layout of the wards On the above. After pairing all connected sensor devices with the patient, which includes the measurement of the patient's blood pressure, pulse, ECG... and other related physiological signals. However, some of the data is highly private. If there is no effective encryption and verification mechanism, these data may be leaked out or used improperly. Our study uses Attribute-based Encryption as the main framework. Users can choose to match the patient's attribute characteristics to formulate some access policies. Patient data can only be accessed by certain access rules. Access by a specific user. Even if other users steal the data, they cannot obtain the plaintext content through encryption. In complete verification phase, ABE is used as the basis, and in the lightweight verification phase, the patient's physiological data and timestamp are used as the seed, and the PRNG is used to generate random numbers. In this case, there are only three parties (patients, doctor, hospital server) know to calculate the random number, so that even if the others steal the parameter, they cannot complete the verification because they don't know how to make the random number. In addition, hash function and XOR operations are added to make the overall encryption and verification more complete.

References


Al-Fuqaha, A., Guizani, M., Mohammadi, M., Aledhari, M., & Ayyash, M. (2015). Internet of things: A survey on enabling technologies, protocols, and applications. IEEE communications surveys & tutorials, 17(4), 2347-2376.
Mahmoud, R., Yousuf, T., Aloul, F., & Zualkernan, I. (2015, December). Internet of things (IoT) security: Current status, challenges and prospective measures. In 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST) (pp. 336-341). IEEE.
Khemissa, H., & Tandjaoui, D. (2015, September). A Lightweight Authentication Scheme for E-health applications in the context of Internet of Things. In 2015 9th International Conference on Next Generation Mobile Applications, Services and Technologies (pp. 90-95). IEEE.
Porambage, P., Schmitt, C., Kumar, P., Gurtov, A., & Ylianttila, M. (2014, April). Twophase authentication protocol for wireless sensor networks in distributed IoT applications. In 2014 IEEE Wireless Communications and Networking Conference (WCNC) (pp. 2728-2733). IEEE.
Shamir, A. (1984, August). Identity-based cryptosystems and signature schemes. In Workshop on the theory and application of cryptographic techniques (pp. 47-53). Springer, Berlin, Heidelberg.

Read-around