Internet of Things (IoT) is playing a promising role in e-healthcare applications in the recent decades; nevertheless, security is one of the crucial challenges in the current field of study. Many healthcare devices (for instance, a sensor-augmented insulin pump and heart-rate sensor) collect a user’s real-time data (such as glucose level and heart rate) and send them to the cloud for proper analysis and diagnosis of the user. However, the real-time user’s data are vulnerable to various authentication attacks while sending through an insecure channel. Besides that, the attacks may further open scope for many other subsequent attacks. Existing security mechanisms concentrate on two-party mutual authentication. However, an IoT-enabled healthcare application involves multiple parties such as a patient, e-healthcare test-equipment, doctors, and cloud servers that requires multi-party authentication for secure communication. Moreover, the design and implementation of a lightweight security mechanism that fits into the resource constraint IoT-enabled healthcare devices are challenging. Therefore, this article proposes a lightweight, multi-party authentication and key-establishment protocol in IoT-based e-healthcare service access network to counter the attacks in resource constraint devices. The proposed multi-party protocol has used a lattice-based cryptographic construct such as Identity-Based Encryption (IBE) to acquire security, privacy, and efficiency. The study provided all-round analysis of the scheme, such as security, power consumption, and practical usage, in the following ways. The proposed scheme is tested by a formal security tool, Scyther, to testify the security properties of the protocol. In addition, security analysis for various attacks and comparison with other existing works are provided to show the robust security characteristics. Further, an experimental evaluation of the proposed scheme using IBE cryptographic construct is provided to validate the practical usage. The power consumption of the scheme is also computed and compared with existing works to evaluate its efficiency.

中文翻译：

---

基于物联网的电子医疗服务中的轻量级多方认证和密钥协商协议

近几十年来，物联网 (IoT) 在电子医疗保健应用中发挥着重要作用；然而，安全是当前研究领域的关键挑战之一。许多医疗保健设备（例如，传感器增强型胰岛素泵和心率传感器）收集用户的实时数据（例如葡萄糖水平和心率）并将其发送到云端，以便对用户进行适当的分析和诊断。然而，实时用户的数据在通过不安全的通道发送时容易受到各种身份验证攻击。除此之外，这些攻击可能会进一步扩大许多其他后续攻击的范围。现有的安全机制集中在两方相互认证。但是，支持物联网的医疗保健应用程序涉及多方，例如患者、电子医疗保健测试设备、医生、以及需要多方身份验证以进行安全通信的云服务器。此外，适合资源限制的支持物联网的医疗保健设备的轻量级安全机制的设计和实施具有挑战性。因此，本文在基于物联网的电子医疗服务接入网络中提出了一种轻量级的多方认证和密钥建立协议，以应对资源受限设备中的攻击。提议的多方协议使用了基于格的加密结构，例如基于身份的加密 (IBE) 来获得安全性、隐私性和效率。研究从以下几个方面对方案进行了全方位的分析，如安全性、功耗和实际使用。提议的方案通过正式的安全工具 Scyther 进行了测试，证明协议的安全属性。此外，还提供了针对各种攻击的安全性分析以及与其他现有工作的比较，以显示强大的安全特性。此外，还提供了使用 IBE 密码结构对所提出方案的实验评估，以验证实际使用情况。还计算了该方案的功耗，并与现有工作进行了比较，以评估其效率。