Secure authentication for remote patient monitoring withwireless medical sensor networks

There is broad consensus that remote health monitoring will benefit all stakeholders in the healthcare system and that it has the potential to save billions of dollars. Among the major concerns that are preventing the patients from widely adopting this technology are data privacy and security. Wireless Medical Sensor Networks (MSNs) are the building blocks for remote health monitoring systems. This paper helps to identify the most challenging security issues in the existing authentication protocols for remote patient monitoring and presents a lightweight public-key-based authentication protocol for MSNs. In MSNs, the nodes are classified into sensors that report measurements about the human body and actuators that receive commands from the medical staff and perform actions. Authenticating these commands is a critical security issue, as any alteration may lead to serious consequences. The proposed protocol is based on the Rabin authentication algorithm, which is modified in this paper to improve its signature signing process, making it suitable for delay-sensitive MSN applications. To prove the efficiency of the Rabin algorithm, we implemented the algorithm with different hardware settings using Tmote Sky motes and also programmed the algorithm on an FPGA to evaluate its design and performance. Furthermore, the proposed protocol is implemented and tested using the MIRACL (Multiprecision Integer and Rational Arithmetic C/C++) library. The results show that secure, direct, instant and authenticated commands can be delivered from the medical staff to the MSN nodes. © 2016 by the authors; licensee MDPI, Basel, Switzerland

A cost-effective identity-based signature scheme for vehicular ad hoc network using hyperelliptic curve cryptography

A Vehicular Ad Hoc Network (VANET) is a subset of the Mobile Ad Hoc Network (MANET) that allows vehicles to communicate with each other and with roadside stations to offer efficient and safe transportation. Furthermore, when VANET is used in connection with the Internet of Things (IoT) devices and sensors, it can help with traffic management and road safety by allowing vehicles to interact with one another at any time and from any location. Since VANET's event-driven communications are carried out via an open wireless channel, there are significant security concerns. In this paper, we use Hyperelliptic Curve Cryptography (HECC) to offer a cost-effective identity-based signature for secure communication over VANET. The proposed scheme does not need certificate management, and we found that it is more secure against a variety of cryptographic threats after conducting a thorough security analysis. In addition, comparisons of communication and computational costs are made, demonstrating that the proposed scheme is more efficient in both respects than existing schemes

Still Wrong Use of Pairings in Cryptography

Several pairing-based cryptographic protocols are recently proposed with a wide variety of new novel applications including the ones in emerging technologies like cloud computing, internet of things (IoT), e-health systems and wearable technologies. There have been however a wide range of incorrect use of these primitives. The paper of Galbraith, Paterson, and Smart (2006) pointed out most of the issues related to the incorrect use of pairing-based cryptography. However, we noticed that some recently proposed applications still do not use these primitives correctly. This leads to unrealizable, insecure or too inefficient designs of pairing-based protocols. We observed that one reason is not being aware of the recent advancements on solving the discrete logarithm problems in some groups. The main purpose of this article is to give an understandable, informative, and the most up-to-date criteria for the correct use of pairing-based cryptography. We thereby deliberately avoid most of the technical details and rather give special emphasis on the importance of the correct use of bilinear maps by realizing secure cryptographic protocols. We list a collection of some recent papers having wrong security assumptions or realizability/efficiency issues. Finally, we give a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page

Lightweight Encryption Based Security Package for Wireless Body Area Network

As the demand of individual health monitoring rose, Wireless Body Area Networks (WBAN) are becoming highly distinctive within health applications. Nowadays, WBAN is much easier to access then what it used to be. However, due to WBAN’s limitation, properly sophisticated security protocols do not exist. As WBAN devices deal with sensitive data and could be used as a threat to the owner of the data or their family, securing individual devices is highly important. Despite the importance in securing data, existing WBAN security methods are focused on providing light weight security methods. This led to most security methods for WBAN providing partial security protocols, which left many possibilities in compromising the system. This paper proposes full security protocol designed for wireless body area networks consisting of light weight data encryption, authentication, and re-keying methods. Encryption and authentication use a modified version of RSA Encryption called PSRSA, developed to be used within small systems such as WBAN. Authentication is performed by using encryption message authentication code (E-MAC) using PSRSA. Rekeying is performed with a method called tokening method. The experiment result and security analysis showed that the proposed approach is as light as the leading WBAN authentication method, ECC authentication, while preventing more attacks and providing smaller communication size which fulfills the highest NIST Authentication Assurance Level (AAL)