Research On Privacy Preserving Authentication Protocols In Healthcare Wireless Body Area Networks

With the continuous development of China's economy and living standards,the urbanization of our country enters the stage of high speed development,in which population aging is particularly prominent.The latest census shows that the population of the elderly in China is close to 300 million,and the related medical care has become a hot issue of social concern.As a result of the continuous development of wireless network technology and sensor technology,wireless body area network monitoring has come into being.The improvement of service quality of wireless body area network monitoring has important research value and practical significance.The wireless body area network is composed of various sensor nodes and personal smart devices.By deploying sensors around human body or on human body,we can collect physiological information of human body.Then,we can send the collected physiological information to the remote telemedicine terminal by personal smart device for diagnostic analysis.The application of wireless body area network in the medical field can not only enable patients to enjoy fast and professional medical diagnosis at home,but also well relieve the difficulty of medical treatment.Due to the privacy related information of patients are transmit in wireless body area network,and the wireless body area network is public,so we need to consider that how to protect user data confidentiality in the authentication mechanism.The patient sends the collected physiological information to the remote telemedicine terminal through the wireless network and then the remote telemedicine terminal firstly needs to authenticate the patient's identity and after that make a diagnosis based on received physiological information.At the same time,the telemedicine terminal only needs to provide professional medical services,and does not need to know the patient's privacy information,such as identity information,location and so on.Therefore,in the authentication mechanism of healthcare wireless body area network,it is necessary to consider certain security requirements,such as identity authentication,the protection of the patient's privacy information and so on.This thesis focuses on the study of privacy protection authentication protocol in healthcare wireless body area networks,the main work is reflected in the following two aspects:(1)This thesis proposes a traceable certificate less anonymous authentication protocol.First,the protocol uses certificateless online/offline signature to reduce user side overhead and improve the timeliness of signature.Then the user identity is calculated by using the primary key of third party.When a medical dispute occurs,a semi-trusted third party can track and reveal the true identity of the user by using its primary key.At the same time,batch authentication technology is used to improve the efficiency of remote Medicalcare provider verifying and the limitation for authention process.The proposed protocol can not only protect user data privacy,but also protect identity privacy.Finally,under the random oracle model,it is proved that the proposed scheme can resist the attack of the two kinds of adversaries.Simulation experiments show that our protocol can reduce the computation cost of users while meeting the security requirements.(2)This thesis combines elliptic curve cryptography and certificateless signature technology to propose a revocable certificate free anonymous authentication protocol,which can not only protect the user's data privacy,but also protect the identity privacy.Firstlly,the time key is adopted in the protocol.The complete key of the users and remote medicalcare provider are divided into three separate parts:the selected random number,the partial private key of the third party and the time key related to the time,which reduces the user's calculation cost in the revocation process.Then certificateless signature technology is used to complete mutual authentication,which reduces the computation cost of users and telemedicine terminals.Finally,under the random oracle model,we prove that our scheme can resist the attack of the three kinds of adversaries through detailed security proofs.Simulation experiments show that our protocol can reduce the computation and storage cost of users while meeting the security requirements.