An Efficient and Secure Revocation-Enabled Attribute-Based Access Control for eHealth in Smart Society

The ever-growing ecosystem of the Internet of Things (IoT) integrating with the ever-evolving wireless communication technology paves the way for adopting new applications in a smart society. The core concept of smart society emphasizes utilizing information and communication technology (ICT) infrastructure to improve every aspect of life. Among the variety of smart services, eHealth is at the forefront of these promises. eHealth is rapidly gaining popularity to overcome the insufficient healthcare services and provide patient-centric treatment for the rising aging population with chronic diseases. Keeping in view the sensitivity of medical data, this interfacing between healthcare and technology has raised many security concerns. Among the many contemporary solutions, attribute-based encryption (ABE) is the dominant technology because of its inherent support for one-to-many transfer and fine-grained access control mechanisms to confidential medical data. ABE uses costly bilinear pairing operations, which are too heavy for eHealth’s tiny wireless body area network (WBAN) devices despite its proper functionality. We present an efficient and secure ABE architecture with outsourcing intense encryption and decryption operations in this work. For practical realization, our scheme uses elliptic curve scalar point multiplication as the underlying technology of ABE instead of costly pairing operations. In addition, it provides support for attribute/users revocation and verifiability of outsourced medical data. Using the selective-set security model, the proposed scheme is secure under the elliptic curve decisional Diffie–Hellman (ECDDH) assumption. The performance assessment and top-ranked value via the help of fuzzy logic’s evaluation based on distance from average solution (EDAS) method show that the proposed scheme is efficient and suitable for access control in eHealth smart societies.

A Batch Authentication Design to Protect Conditional Privacy in Internet of Vehicles

Internet of vehicles (IoV), a novel technology, holds paramount importance within the transportation domain due to its ability to increase traffic efficiency and safety. Information privacy is of vital importance in IoV when sharing information among vehicles. However, due to the openness of the communication network, information sharing is vulnerable to potential attacks, such as impersonation, modification, side-channel and replay attacks, and so on. In order to resolve the aforementioned problem, we present a conditional privacy-preserving batch authentication (CPPBA) scheme based on elliptic curve cryptography (ECC). The proposed scheme avoids the certificate management problem, conducing to efficiency improvement. When a message is transmitted by a vehicle, its pseudo identity rather than the real identity is also broadcasted along with the shared message, which protects the privacy of the vehicle’s identity. But this privacy is conditional because TA and only the TA can reveal the real identity of the vehicle by tracing. The proposed scheme is batch verifiable, which reduces the computation costs. In addition, our scheme does not involve bilinear pairing operations and does not use the map-to-point hash function, thus making the verification process more effective. An exhaustive efficiency comparison has been carried to show that the proposed CPPBA scheme has lower computation, communication, and storage overheads than the state-of-the-art ones. A relatively comprehensive security analysis has also been carried, which not only shows that the signature design in the CPPBA scheme is unforgeable under the random oracle model but also illustrates that the CPPBA scheme is resistant to various potential attacks. The security is also verified by a popular automated simulation tool, that is, AVISPA.

Broadcast Proxy Reencryption Based on Certificateless Public Key Cryptography for Secure Data Sharing

Broadcast proxy reencryption (BPRE), which combines broadcast encryption (BE) and proxy reencryption (PRE), is a technology used for the redistribution of data uploaded on the cloud to multiple users. BPRE reencrypts data encrypted by the distributor and then uploads it to the cloud into a ciphertext that at a later stage targets multiple recipients. As a result of this, flexible data sharing is possible for multiple recipients. However, various inefficiencies and vulnerabilities of the BE, such as the recipient anonymity problem and the key escrow problem, also creep into BPRE. Our aim in this study was to address this problem of the existing BPRE technology. The partial key verification problem that appeared in the process of solving the key escrow problem was solved, and the computational efficiency was improved by not using bilinear pairing, which requires a lot of computation time.

A characterization of alternating links in thickened surfaces

We use an extension of Gordon–Litherland pairing to thickened surfaces to give a topological characterization of alternating links in thickened surfaces. If $\Sigma$ is a closed oriented surface and $F$ is a compact unoriented surface in $\Sigma \times I$ , then the Gordon–Litherland pairing defines a symmetric bilinear pairing on the first homology of $F$ . A compact surface in $\Sigma \times I$ is called definite if its Gordon–Litherland pairing is a definite form. We prove that a link $L$ in a thickened surface is non-split, alternating, and of minimal genus if and only if it bounds two definite surfaces of opposite sign.

Privacy-Preserving Scheme in the Blockchain Based on Group Signature with Multiple Managers

Group signature can provide the privacy-preserving authentication mechanism for the blockchain. In the traditional blockchain privacy-preserving scheme based on the group signature, there is only one group manager to revoke the anonymity. Thus, the traditional scheme will have single point of failure and key escrow problems. To solve these problems, we propose a privacy-preserving scheme in the blockchain based on the group signature with multiple managers. Our scheme is constructed based on bilinear pairing and the technique of distributed key generation. Finally, we analyze the application of the proposed scheme in the field of blockchain-based provable data possession (PDP), as well as the correctness and security of the scheme.

A Lightweight Proxy Re-Encryption Approach with Certificate-Based and Incremental Cryptography for Fog-Enabled E-Healthcare

Cloud computing aims to provide reliable, customized, and quality of service (QoS) guaranteed dynamic computing environments for end-users. However, there are applications such as e-health and emergency response monitoring that require quick response and low latency. Delays caused by transferring data over the cloud can seriously affect the performance and reliability of real-time applications. Before outsourcing e-health care data to the cloud, the user needs to perform encryption on these sensitive data to ensure its confidentiality. Conventionally, any modification to the user data requires encrypting the entire data and calculating the hash of the data from scratch. This data modification mechanism increases communication and computation costs over the cloud. The distributed environment of fog computing is used to overcome the limitations of cloud computing. This paper proposed a certificate-based incremental proxy re-encryption scheme (CB-PReS) for e-health data sharing in fog computing. The proposed scheme improves the file modification operations, i.e., updation, deletion, and insertion. The proposed scheme is tested on the iFogSim simulator. The iFogSim simulator facilitates the development of models for fog and IoT environments, and it also measures the impact of resource management techniques regarding network congestion and latency. Experiments depict that the proposed scheme is better than the existing schemes based on expensive bilinear pairing and elliptic curve techniques. The proposed scheme shows significant improvement in key generation and file modification time.