ABSTRACT
With the development of telecare medical information system (TMIS), doctors and patients are able to access useful medical services via 5G wireless communications without visiting the hospital in person. Unfortunately, TMIS should have the essential security properties, such as anonymity, mutual authentication, and privacy, since the patient’s data is transmitted via a public channel. Moreover, the sensing devices deployed in TMIS are resource-limited in terms of communication and computational costs. Thus, we design a physically secure privacy-preserving scheme using physical unclonable functions (PUF) in TMIS, called PUF-PSS to resolve the security requirements and efficiency of the existing related schemes. PUF-PSS prevents the security threats and also guarantees anonymity, key freshness, and authentication. We evaluate the security of PUF-PSS by performing formal and informal security analyses, including AVISPA implementation and ROR oracle model. We perform the test bed experiments utilizing well-known MIRACL based on a Raspberry PI 4 and compare the communication and computational costs of PUF-PSS with the previous schemes for TMIS. Consequently, PUF-PSS guarantees better efficiency and security than previous schemes and can be applied to TMIS environments.
ABSTRACT
With accelerated advances in various technologies, drones, better known as unmanned aerial vehicles (UAVs), are increasingly commonplace and consequently have a more pronounced impact on society. For example, Internet of Drones (IoD), a new communication paradigm offering fundamental navigation assistance and access to information, has widespread applications ranging from agricultural drones in farming to surveillance drones in the COVID-19 pandemic. The increasingly prominent role of IoD in our society also reinforces the importance of securing such systems against various data privacy and security threats. Operationally, it can be challenging to adopt conventional off-the-shelf security products in an IoD system due to the underpinning characteristics of drones (e.g., dynamic and open communication channel). Therefore, in this paper we propose a lightweight and privacy-preserving mutual authentication and key agreement protocol, hereafter referred to as PMAP. The latter uses physical unclonable function (PUF) and chaotic system to support mutual authentication and establish a secure session key between communication entities in the IoD system. To be specific, PMAP consists of two schemes, namely: PMAPD2Z (that mutually authenticates drone and Zone Service Provider (ZSP) and establishes secure session keys) and PMAPD2D (that mutually authenticates drones and establishes secure session keys). In addition, PMAP supports conditional privacy-preserving so that the genuine identity of drones can only be revealed by trusted ZSPs. We evaluate the security of PMAP using AVISPA, as well as provide formal and informal security analysis to show the resilience of PMAP against various security attacks. We also evaluate the performance of PMAP through extensive experiments and compare its performance with existing AKA and IBE-Lite schemes, whose findings show that PMAP achieves better performance in terms of computation cost, energy consumption, and communication overhead. IEEE
ABSTRACT
Nowadays, the Internet of Things (IoT) has an astonishingly societal impact in which healthcare services stand out. Amplified by the COVID-19 pandemic scenario, challenges include the development of authenticatable smart IoT devices with the ability to simultaneously track people and sense in real-time human body temperature aiming to infer a health condition in a contactless and remote way through user-friendly equipment such as a smartphone. Univocal smart labels based on quick response (QR) codes were designed and printed on medical substrates (protective masks and adhesive) using flexible organic-inorganic luminescent inks. Luminescence thermometry and physically unclonable functions (PUFs) are simultaneously combined allowing non-contact temperature detection, identification, and connection with the IoT environment through a smartphone. This is an intriguing example where luminescent inks based on organic-inorganic hybrids modified by lanthanide ions are used to fabricate a smart label that can sense temperature with remarkable figures of merit, including maximum thermal sensitivity of Sr=1.46 %K-1 and temperature uncertainty of dT=0.2 K, and accuracy, precision, and recall of 96.2%, 98.9%, and 85.7%, respectively. The methodology proposed is feasibly applied for the univocal identification and mobile optical temperature monitoring of individuals, allowing the control of the access to restricted areas and the information transfer to medical entities for post medical evaluation towards a new generation of mobile-assisted eHealth (mHealth). Author