A Smart Card-Based Two-Factor Mutual Authentication Scheme for Efficient Deployment of an IoT-Based Telecare Medical Information System.

The integration of the Internet of Things (IoT) and the telecare medical information system (TMIS) enables patients to receive timely and convenient healthcare services regardless of their location or time zone. Since the Internet serves as the key hub for connection and data sharing, its open nature presents security and privacy concerns and should be considered when integrating this technology into the current global healthcare system. Cybercriminals target the TMIS because it holds a lot of sensitive patient data, including medical records, personal information, and financial information. As a result, when developing a trustworthy TMIS, strict security procedures are required to deal with these concerns. Several researchers have proposed smart card-based mutual authentication methods to prevent such security attacks, indicating that this will be the preferred method for TMIS security with the IoT. In the existing literature, such methods are typically developed using computationally expensive procedures, such as bilinear pairing, elliptic curve operations, etc., which are unsuitable for biomedical devices with limited resources. Using the concept of hyperelliptic curve cryptography (HECC), we propose a new solution: a smart card-based two-factor mutual authentication scheme. In this new scheme, HECC's finest properties, such as compact parameters and key sizes, are utilized to enhance the real-time performance of an IoT-based TMIS system. The results of a security analysis indicate that the newly contributed scheme is resistant to a wide variety of cryptographic attacks. A comparison of computation and communication costs demonstrates that the proposed scheme is more cost-effective than existing schemes.

An Efficient and Conditional Privacy-Preserving Heterogeneous Signcryption Scheme for the Internet of Drones.

The Internet of Drones (IoD) is a network for drones that utilizes the existing Internet of Things (IoT) infrastructure to facilitate mission fulfilment through real-time data transfer and navigation services. IoD deployments, on the other hand, are often conducted in public wireless settings, which raises serious security and privacy concerns. A key source of these security and privacy concerns is the fact that drones often connect with one another through an unprotected wireless channel. Second, limits on the central processing unit (CPU), sensor, storage, and battery capacity make the execution of complicated cryptographic methods onboard a drone impossible. Signcryption is a promising method for overcoming these computational and security limitations. Additionally, in an IoD setting, drones and the ground station (GS) may employ various cryptosystems in a particular region. In this article, we offer a heterogeneous signcryption scheme with a conditional privacy-preservation option. In the proposed scheme, identity-based cryptography (IBC) was used by drones, while the public key infrastructure (PKI) belonged to the GS. The proposed scheme was constructed by using the hyperelliptic curve cryptosystem (HECC), and its security robustness was evaluated using the random oracle model (ROM). In addition, the proposed scheme was compared to the relevant existing schemes in terms of computation and communication costs. The results indicated that the proposed scheme was both efficient and secure, thereby proving its feasibility.

Enabling Secure Communication in Wireless Body Area Networks with Heterogeneous Authentication Scheme.

Thanks to the widespread availability of Fifth Generation (5G) wireless connectivity, it is now possible to provide preventative or proactive healthcare services from any location and at any time. As a result of this technological improvement, Wireless Body Area Networks (WBANs) have emerged as a new study of research in the field of healthcare in recent years. WBANs, on the one hand, intend to gather and monitor data from the human body and its surroundings; on the other hand, biomedical devices and sensors interact through an open wireless channel, making them exposed to a range of cyber threats. However, WBANs are a heterogeneous-based system; heterogeneous cryptography is necessary, in which the transmitter and receiver can employ different types of public key cryptography. This article proposes an improved and efficient heterogeneous authentication scheme with a conditional privacy-preserving strategy that provides secure communication in WBANs. In the proposed scheme, we employed certificateless cryptography on the client side and Identity-Based Cryptography on the receiver side. The proposed scheme employs Hyperelliptic Curve Cryptography (HECC), a more advanced variation of Elliptic Curve Cryptography (ECC). HECC achieves the same level of security with a smaller key size and a more efficient approach than its counterpart methods. The proposed scheme not only meets the security and privacy standards of WBANs but also enhances efficiency in terms of computation and communication costs, according to the findings of the security and performance analysis.

A Conditional Privacy Preserving Generalized Ring Signcryption Scheme for Micro Aerial Vehicles.

Micro Aerial Vehicles (MAVs) are a type of UAV that are both small and fully autonomous, making them ideal for both civilian and military applications. Modern MAVs can hover and navigate while carrying several sensors, operate over long distances, and send data to a portable base station. Despite their many benefits, MAVs often encounter obstacles due to limitations in the embedded system (such as memory, processing power, energy, etc.). Due to these obstacles and the use of open wireless communication channels, MAVs are vulnerable to a variety of cyber-physical attacks. Consequently, MAVs cannot execute complex cryptographic algorithms due to their limited computing power. In light of these considerations, this article proposes a conditional privacy-preserving generalized ring signcryption scheme for MAVs using an identity-based cryptosystem. Elliptic Curve Cryptography (ECC), with a key size of 160 bits, is used in the proposed scheme. The proposed scheme's security robustness has been analyzed using the Random Oracle Model (ROM), a formal security evaluation method. The proposed scheme is also compared in terms of computation cost, communication cost and memory overhead against relevant existing schemes. The total computation cost of the proposed scheme is 7.76 ms, which is 8.14%, 5.20%, and 11.40% schemes. The results show that the proposed scheme is both efficient and secure, proving its viability.

An Efficient and Provable Secure Certificate-Based Combined Signature, Encryption and Signcryption Scheme for Internet of Things (IoT) in Mobile Health (M-Health) System.

Mobile health (M-Health) system is the remote form of Wireless Body Area Networks (WBAN), which can be used for collecting patient's health data in real-time with mobile devices, and storing it to the network servers. The data can be accessed by doctors to monitor, diagnosed and treat patients through a variety of techniques and technologies. The main advantage of the M-Health system is the ease of time-independent communication from physically distant places that enhances the quality of healthcare services at a reduced cost. Furthermore, to provide faster access to the treatment of patients, an M-Health system can be integrated with the internet of things (IoT) to offer preventive or proactive healthcare services by connecting devices and persons. However, its equally great drawback lies in transmitting and receiving the health information wirelessly through an open wireless medium that offers different security and privacy violation threats. We aim to address such a deficiency, and thus a new scheme called an efficient and provable secure certificate-based combined signature, encryption and signcryption (CBCSES) scheme, has been proposed in this article. The scheme not only obtains encryption and signcryption but also provides encryption or signature model alone when needed. To show the effectiveness of the proposed scheme, detailed security analyses, i.e. indistinguishable under adaptive chosen-ciphertext attacks (IND-CBCSES-CCA) and unforgeable under adaptive chosen message attacks (EUF-CBCSES-CMA), and the comparisons with relevant existing schemes are carried out. The results obtained authenticate the superiority of our scheme in terms of both computation and communication costs with enhanced security.

An Online-Offline Certificateless Signature Scheme for Internet of Health Things.

The Internet of Health Things (IoHT) is an extended breed of the Internet of Things (IoT), which plays an important role in the remote sharing of data from various physical processes such as patient monitoring, treatment progress, observation, and consultation. The key benefit of the IoHT platform is the ease of time-independent interaction from geographically distant locations by offering preventive or proactive healthcare services at a lower cost. The communication, integration, computation, and interoperability in IoHT are provided by various low-power biomedical sensors equipped with limited computational capabilities. Therefore, conventional cryptographic solutions are not feasible for the majority of IoHT applications. In addition, executing computing-intensive tasks will lead to a slow response time that can deteriorate the performance of IoHT. We strive to resolve such a deficiency, and thus a new scheme has been proposed in this article, called an online-offline signature scheme in certificateless settings. The scheme divides the signing part into two phases, i.e., online and offline. In the absence of a message, the offline phase performs computationally intensive tasks, while lighter computations are executed in the online phase when there is a message. Security analyses and comparisons with the respective existing schemes are carried out to show the feasibility of the proposed scheme. The results obtained authenticate that the proposed scheme offers enhanced security with lower computational and communication costs.