RESUMO
The emerging Internet of Things (IoTs) and cloud technologies spark dramatic growth in efficiency and productivity for the conventional e-health sector. However, the extensive applications of the communication network also expose the sensitive medical data to the unprecedented cyber threats. To protect the data privacy in IoTs-based e-health cloud environments, we propose an adaptively secure data sharing scheme with traceability and equality test (T-ABEET). The T-ABEET not only allows flexible access control to the massive data but also provides the functionality of traitor tracing to identity the users who leak their decryption keys. Meanwhile, through carrying out the equality test, the target ciphertext can be retrieved efficiently without revealing anything about the plaintext. Particularly, distinct from previous traceable ABE works, the tracing cost in our T-ABEET scheme keeps constant even with the increasing number of users. Also, by introducing the multi-authority mechanism, our T-ABEET can avoid the inherent key escrow problem of ABE. Furthermore, our T-ABEET is demonstrated adaptively secure under subgroup decision assumption. Finally, performance comparison reveals that our T-ABEET has superior practicality, efficiency, and security in cloud-enabled e-health systems.
RESUMO
A security protocol for wireless transmission is essential to defend sensitive information from malicious enemies by providing a variety of facilities such as privacy of the user's information, secure session key, associated authentication, and user-repeal facility when a person's authorizations are suddenly disclosed. Singh et al. proposed an improved user authentication and key agreement system for wireless sensor networks (WSNs). Authors are sure that their protocol is secure from various attacks. Here, we find several security pitfalls in their scheme, such as an offline password-guessing attack, failure to protect the session key, and a man-in-the-middle attack. To remove the identified pitfalls found in Singh et al.'s scheme, we design an enhanced authentication scheme for WSNs tailored for IoT. We prove the reliability of our proposed protocol using the real or random (RoR) model. We also evaluate the proposed scheme with the associated schemes and show its superior efficacy as compared to its counterparts.
