Research On Authentication And Key Agreement Protocol Of Smart Medical In Multi-Server Environment

New generation information technologies such as 5G,artificial intelligence,edge computing and blockchain are flourishing to empower the Smart Medical industry,which has broken the constraints of time and space among patients,doctors and medical institutions and realized medical services such as the remote healthcare,online monitoring and diagnosis,and preventive healthcare.In the face of the sudden COVID-19 epidemic,China has taken comprehensive and active prevention to control that in time.That reflects the importance of the informatization and intelligence in national major public health and medical health.In smart medical applications,due to the sensitivity and fragility of health information,limited terminal resources,dynamic changes in network topology and other characteristics,the system is faced with many security threats and privacy disclosure risks.With the increase of user amount and the diversification of service requirements in the smart medical system,security and privacy issues in multi-server environment will become more prominent.Therefore,research on security and privacy protection in smart medical scenarios will be an important basis for ensuring the rapid development of Smart Medical.In order to ensure the security and privacy protection in smart medical system,this thesis takes the identity authentication and key agreement mechanism(AKA)that works as the first threshold to ensure information security as the research object.Starting with the practical demand of ensuring functionality,improving performance and efficiency,fully considering limited terminal resources,users switch among multiple servers and the inherent properties of the scenario and using cryptography,blockchain and broadcast authentication as technological means,it studies the security authentication and key agreement mechanism in smart medical scenarios,especially in multi-server environments.In this thesis,the authentication and key agreement mechanism suitable for resource-constrained scenarios is first studied with the focus on how to reduce the computing overhead of the client and achieve conditional privacy protection,which provides a technical basis for authentication in multi-server environment.Next,the switching authentication and key agreement mechanism in multi-server environment is studied,focusing on the authentication cost and security of user authentication between multiple servers,which provides theoretical support for efficient switching authentication between multiple servers.Finally,the adaptive authentication and key agreement mechanism in multi-server environment is studied,focusing on the consistency and real-time of authentication to ensure that the authentication cost does not increase linearly with the increase of the number of servers to be authenticated.The research in this thesis will provide efficient and feasible solutions for data security and privacy protection in smart medical.The main research contents and contributions of this thesis are summarized as follows:(1)For the limited computing,storage and communication capabilities of Internet of Things devices and conditional privacy protection requirements,this thesis proposes a conditional privacy protection authentication and key agreement scheme with transferable computing tasks in smart medical scenarios.First,partial computational tasks on the Internet of Things terminal are transferred to the resource-rich server,which effectively solves the bottleneck problem brought by constrained resources of the terminal.Second,the authentication and key agreement is achieved without an online registration authority,not only reducing the system’s over-dependence on registration authority effectively but also improving the authentication efficiency.In addition,the scheme realizes conditional privacy protection,which can protect the user’s identity and other private information,but also be able to detect and track malicious users in time.Finally,the security and performance analysis show that this scheme can meet the security requirements of smart medical system,resist various common attacks,and has higher authentication efficiency than other related schemes.(2)In terms of the problem that the cost of user authentication increases linearly with the number of servers in smart medical system under multi-server environment,this thesis proposes a blockchain-assisted secure switching authentication and key agreement scheme.In this thesis,the user only needs to register once to flexibly select the appropriate server for authentication while the authenticated server can assist the subsequent authentication,which effectively reduces the communication and computing costs of the user.Utilizing the blockchain technology and the strong anonymous mechanism,strict privacy protection is realized thus any entity,including the server itself,cannot obtain the user’s real identity.Experimental results show that the scheme can meet the security requirements and has advantages in computing and communication costs.(3)Aiming at the problems of high cost,low efficiency and low expansibility of traditional authentication schemes in multi-server environment,this thesis studies the adaptive switching authentication and key agreement protocol for multi-server environment to ensure the consistency and real-time switching authentication of users in multi-server environment.Specifically,the user can authenticate with other servers with simple operations after completing initial authentication,which improves authentication efficiency and ensures real-time authentication.By introducing the broadcast mechanism,this scheme avoids the complicated process of service provider selection,effectively reducing the computing cost on the user side.In addition,based on the certificateless public key cryptosystem,this scheme not only solves the complex certificate management problem,but also overcomes the key escrow issue.