Electronic healthcare (e-health) systems have received renewed interest, particularly in the current COVID-19 pandemic (e.g., lockdowns and changes in hospital policies due to the pandemic). However, ensuring security of both data-at-rest and data-in-transit remains challenging to achieve, particularly since data is collected and sent from less insecure devices (e.g., patients’ wearable or home devices). While there have been a number of authentication schemes, such as those based on three-factor authentication, to provide authentication and privacy protection, a number of limitations associated with these schemes remain (e.g., (in)security or computationally expensive). In this study, we present a privacy-preserving three-factor authenticated key agreement scheme that is sufficiently lightweight for resource-constrained e-health systems. The proposed scheme enables both mutual authentication and session key negotiation in addition to privacy protection, with minimal computational cost. The security of the proposed scheme is demonstrated in the Real-or-Random model. Experiments using Raspberry Pi show that the proposed scheme achieves reduced computational cost (of up to 89.9% in comparison to three other related schemes).

中文翻译：

---

基于物联网的电子医疗系统的隐私保护快速三因素身份验证和密钥协议


电子医疗保健 (e-health) 系统重新引起了人们的兴趣，特别是在当前的 COVID-19 大流行中（例如，由于大流行而导致的医院政策的封锁和变化）。然而，确保静态数据和传输中数据的安全性仍然具有挑战性，特别是因为数据是从不太不安全的设备（例如患者的可穿戴设备或家用设备）收集和发送的。虽然已经存在多种认证方案，例如基于三因素认证的方案来提供认证和隐私保护，但与这些方案相关联的许多限制仍然存在（例如，安全性或计算成本昂贵）。在本研究中，我们提出了一种保护隐私的三因素认证密钥协商方案，该方案对于资源受限的电子医疗系统来说足够轻量级。所提出的方案除了隐私保护之外还能够以最小的计算成本实现相互认证和会话密钥协商。所提出方案的安全性在真实或随机模型中得到证明。使用 Raspberry Pi 进行的实验表明，所提出的方案降低了计算成本（与其他三个相关方案相比，计算成本降低高达 89.9%）。