CN107231230B - Cross-domain dynamic anonymous authentication group key management method and system based on diseases - Google Patents
Cross-domain dynamic anonymous authentication group key management method and system based on diseases Download PDFInfo
- Publication number
- CN107231230B CN107231230B CN201710397579.3A CN201710397579A CN107231230B CN 107231230 B CN107231230 B CN 107231230B CN 201710397579 A CN201710397579 A CN 201710397579A CN 107231230 B CN107231230 B CN 107231230B
- Authority
- CN
- China
- Prior art keywords
- key
- patient
- group
- kgc
- public
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6254—Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Medical Informatics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Databases & Information Systems (AREA)
- Pharmaceuticals Containing Other Organic And Inorganic Compounds (AREA)
- Medical Treatment And Welfare Office Work (AREA)
Abstract
The invention provides a disease-based cross-domain dynamic anonymous authentication group key management method and system, patients can be diagnosed and treated by different medical institutions, and the system allows a group of patients from different medical fields to generate a group session key, so that safe group communication is established. The system supports patient anonymity and traceability, hiding the patient's identity in an anonymous identity (pseudonym), only designated institutions can recover their true identity. Cross-domain group key protocol guarantees: authenticated patients from different medical institutions and having the same condition may generate a secure group key. The patient establishes secure group communication by using the key, thereby protecting the privacy information of the patient in the electronic medical social system. The system also supports dynamic group management, and when group members change, the system generates a new group session key.
Description
Technical Field
The invention relates to a dynamic anonymous authentication group key management method and system based on symptoms in a cross-domain electronic medical social system.
Background
The electronic medical system realizes a novel universal calculation mode suitable for high-quality medical care through electronized medical data processing. Patient condition can be monitored by collecting patient vital signs and other medical data through electronic medical devices or miniature sensors. In medical systems, medical personnel are required to provide patients with specialized disease and condition diagnoses. On the other hand, these patients are also intentionally communicated with other patients having the same condition. They wish to establish a communication group based on the disease state to communicate information about the disease, share treatment experience and expert advice. They can chat among the communication groups, talk about their real-time disease status, and encourage each other to combat the disease.
In view of the sensitivity of medical information, the privacy of the patient should be protected by the system. It is necessary to establish a secure group information exchange system. Such a system can be easily set up if the patients can negotiate out a group key through a real meeting. However, the fact that they have to stay in the hospital to receive treatment does not allow a chance to meet in reality, and only communication via the internet is possible. We should design a secure group key management scheme (GKM) to protect group sessions. On the other hand, patients with the same condition are likely to be from medical institutions in different cities or different countries. Some patients with rare diseases may have difficulty finding patients with similar conditions even in the same city. To enhance international medical assistance, we should establish a secure group session system across medical domains.
In a secure cohort system, patient anonymity and mutual authentication are crucial. Anonymity can protect the true identity of the patient and avoid unnecessary disclosure and discrimination of personal information. The user identity authentication can prevent the system from being subjected to masquerading attack. One way to achieve patient authentication is a digital signature mechanism. The public key of the user is managed by a Public Key Infrastructure (PKI). In a PKI system, a Certificate Authority (CA) is responsible for distributing, storing, verifying, and revoking certificates, thereby incurring high management costs. Another way to design an authentication algorithm is the identity-based public key cryptosystem (ID-PKC), where each user has an identity and all user keys are generated by a Key Generation Center (KGC). Since KGC keeps the keys of all users, once KGC storage server is hacked, the identity-based cryptosystem is at risk. Certificateless cryptographic systems may solve the key escrow problem because in such systems the KGC only knows the partial key (partial secret key) of the user.
To achieve flexible patient management, the system should revoke the patient's key after the patient has recovered from the disease. Furthermore, the condition-based group communication system should be dynamic. On the one hand, patients can freely join or leave the system without revealing the privacy of the group session. In addition, in a case of a disorder-based authenticated group key protocol, disorder information should be embedded in the group session key so that patients with different disorders cannot join the group for communication. Meanwhile, in the information interaction process, it is required to ensure that the symptoms of the patient cannot be revealed to other patients not belonging to the group or to an attacker who eavesdrops.
In addition to functional requirements, efficiency is also an important factor in weighing the cross-domain group key management system. Most patients in a hospital cannot join a group chat using an electronic device with powerful computing capabilities, such as a laptop or desktop computer. They often lie in the hospital bed and chat with others using a cell phone or tablet, which devices have limited computing and memory capabilities. However, most of the existing group key agreement protocols (GKA) rely on bilinear pairwise operations with large computational overhead and hash computation mapping to points, and these schemes requiring large computational effort are not suitable for the e-medical social system.
Key management and other security methods (e.g., encryption, signing, etc.) are equally important. Group Key Management (GKM) has been studied more extensively in group communications. In 2010, Srinivasa et al propose a secure GKM scheme suitable for a multicast network, which combines a logical key tree structure and the Chinese remainder theorem to carry out scheme design. Drira et al designed a group key management scheme for mobile ad hoc networks that was based on a trust-oriented clustering approach. In the scheme, the trust information is taken as a clustering basis related to key management. Harn and Lin propose a broadcast GKM scheme based on secret sharing and prove that the scheme is secure. However, Liu et al demonstrate that the solution of Harness is vulnerable to internal attacks. Chen et al proposeA group key management scheme based on one-way proxy re-encryption is presented. Nabbel et al constructs an attribute-based group key management scheme that manages group keys based on the attributes of the group members. In their solution, only users that satisfy certain access control policy attributes can obtain a group key. Jiang et al propose a self-healing group key management scheme, and a self-healing method with revocation and collusion resistance capabilities. Sun et al[17]Two collusion attack resistant GKM schemes are provided, which are respectively based on a repeated unidirectional function tree and a node unidirectional function tree. In 2017, Chen et al designed a management scheme with dynamic group keys, which is based on a key tree structure.
The group key agreement protocol (GKA) is a core technology for generating group session keys. 2013, Cheng et al[22]A fault-tolerant GKA protocol based on a binary tree structure is provided, which supports dynamic operation of participant joining or leaving. Yang et al propose a GKA scheme for an identity-based broadcast encryption (IBBE) mechanism for mobile ad hoc networks. In this scheme, when the administrator knows the identities of the group members, the group session key can be generated without message interaction, however it does not provide a user authentication mechanism. Later, Cheng et al designed a bilinear pairing based authentication GKA scheme. Xu et al propose an asymmetric GKA scheme for identity hiding authentication based on short signatures. Lv et al propose a certificateless GKA scheme. 2015, Sun et al[27]A verifiable authentication GKA protocol is provided for a mobile environment. Ranjani et al propose the identity-based GKA protocol to resist both active and passive attacks, which is constructed based on bilinear pairs. Tan et al propose an identity-based GKA scheme without bilinear pairings.
Disclosure of Invention
Aiming at the problems that cross-domain secure group communication is not realized, group establishment based on disease matching cannot be supported, and efficiency is low in the conventional group key agreement scheme, the invention provides a dynamic anonymous authentication group key management scheme based on disease in a cross-domain electronic medical social system.
In order to achieve the purpose, the invention adopts the following technical scheme: a cross-domain dynamic anonymous authentication group key management method based on diseases comprises the following steps: s1: establishing a key generation center KGC; s2: the KGC firstly checks whether the MI of the medical institution has relevant medical qualification, and then generates a partial key for the MI; s3: MI is responsible for diagnosis and treatment of the patient and generates a partial key for the patient; s4: patients from different medical institutions securely generate group session keys.
The invention also provides a disease-based cross-domain dynamic anonymous authentication group key management system, which comprises a key generation center KGC, wherein the key generation center KGC is responsible for generating a main public key/private key pair and is trusted by all entities, and a part of public key/private key pairs are generated for registered medical institutions, so that the problem of key escrow is avoided; a medical institution MI which needs to be registered with the KGC; the medical institution selects the secret value and generates public information of the secret value; in order to obtain a part of public key/private key pairs, the MI submits the generated public information to the KGC; the MI is responsible for managing and diagnosing patients within its medical field and generating partial public/private key pairs for the patients, thereby avoiding key escrow problems; and a patient PT which registers with the medical institution, selects the secret value and generates public information of the secret value, and in order to obtain a partial public key/private key pair, the PT submits the public information corresponding to the secret value to the MI.
Compared with the prior art, the invention has the following advantages:
(1) cross-domain authenticated key management and disorder matching functions: in the scheme, after the patients from different medical domains are subjected to identity authentication, the system can generate a group session key for the patients with the same disease symptoms, and the patients can establish a disease symptom-based security group by using the key and share the disease symptom-related information through group communication.
(2) Anonymity and traceability: because the information of the medical institution and the disease information of the patient are sensitive, the invention ensures that the real identities of the medical institution and the patient cannot be recovered from the anonymous identities by the outside world, and realizes the anonymity of the medical institution and the patient. In order to prevent the medical institution and the patient from malicious behaviors, the key generation center KGC can recover the true identity of the medical institution, and the true identity of the patient can be recovered by the registered medical institution, so that traceability of the medical institution and the patient is realized.
(3) Safety: the scheme utilizes perfect forward security (perfect forward security) to protect the privacy of information, and even if an attacker can defend a group member, the attacker cannot deduce the previous session key. The scheme can also resist various active attacks: masquerading attacks, tampering attacks, replay attacks, and the like.
(4) Time-controlled user revocation: in order to simplify the user management process, the scheme provides a time-based automatic user revocation mechanism. Once the set expiration date has passed, the patient's public/private key pair will automatically expire.
Drawings
FIG. 1 is a system framework diagram according to an embodiment of the present invention.
Fig. 2 is a flow chart of medical institution registration in an embodiment of the present invention.
Fig. 3 is a patient registration flow chart.
Fig. 4 is a flowchart of group key agreement.
Detailed Description
The invention is further explained below with reference to the figures and the specific embodiments.
Aiming at the problems that cross-domain secure group communication is not realized, group establishment based on symptom matching cannot be supported, efficiency is low and the like in the conventional group key agreement scheme, the invention designs a dynamic anonymous authentication group key management method based on symptoms in a cross-domain electronic medical social system. Which comprises the following steps: s1: establishing a key generation center KGC; s2: the KGC firstly checks whether the MI of the medical institution has relevant medical qualification, and then generates a partial key for the MI; s3: MI is responsible for diagnosis and treatment of the patient and generates a partial key for the patient; s4: patients from different medical institutions securely generate group session keys.
FIG. 1 is a system framework of the present invention. The system includes three types of entities: key Generation Center (KGC), Medical Institution (MI) and Patient (PT) wherein the Key Generation Center (KGC): responsible for generating the master public/private key pair and trusted by all entities. It generates a partial public/private key pair for the registered medical institution, thereby avoiding the key escrow problem. Medical Institution (MI): registration with the KGC is required. The medical institution selects the secret value and generates public information of the secret value. To obtain part of the public/private key pair, the MI submits the generated public information to the KGC. The MI is responsible for managing and diagnosing patients within its medical field and generating partial public/private key pairs for the patients, thereby avoiding key escrow problems. Patient (PT): registering with the medical institution. The patient selects the secret value and generates public information of the secret value. To obtain part of the public/private key pair, the PT submits public information corresponding to the secret value to the MI. The Key Generation Center (KGC) is at the top level, responsible for managing the Medical Institution (MI). The KGC first checks whether the MI has the relevant medical qualifications and then generates a partial key for the MI. The MI is at the second level of the system, responsible for diagnosis and treatment of the patient, and generating the patient's partial key. The bottom layer of the system is patients with different diseases and conditions. Patients from different medical institutions (cross-domain) can securely generate group session keys.
The invention realizes anonymous identity verification of patients based on disease matching: in order to establish a secure group key, all participating patients must be authenticated anonymously; the true identity of the patient cannot be revealed to other patients; all patients in the same cohort must have the same condition; plaintext information about the disease cannot be revealed during the authentication process.
The invention can support dynamic patient and cohort management: the system provides a time-controlled patient withdrawal mechanism. Based on the estimated treatment time, the system assigns the validity period of the key to each patient and embeds it implicitly in the patient's partial key. Once the validity time has elapsed, the user's key is automatically revoked. In addition, the group key management system allows patients to dynamically join or leave groups. When the group members change, the system generates a new group session key. The electronic medical social system provides a convenient way for patients to share treatment experience and communicate medical information. The patients of the system can be diagnosed and treated by different medical institutions, and the system allows a group of patients from different medical fields to generate a group session key, thereby establishing secure group communication. The system supports patient anonymity and traceability, hiding the patient's identity in an anonymous identity (pseudonym), only designated institutions can recover their true identity. Cross-domain group key protocol guarantees: authenticated patients from different medical institutions and having the same condition may generate a secure group key. The patient establishes secure group communication by using the key, thereby protecting the privacy information of the patient in the electronic medical social system. The system also supports dynamic group management, and when group members change, the system generates a new group session key.
The KGC establishment in S1 comprises the following steps:
s11 with safety parameter kappa ∈ Z+As input, the algorithm outputs security parameters and a system master public/private key pair;
s12: selecting prime numbers p, q of kappa bits and elliptic curve E/FqThe generated elliptic curve has a generator P;
s13: selecting
Representing the set 1,2, …, P-1, calculating PpubxP, the system master private key MSK x, and the master public key MPK (P, P)pub);
S14: selecting a secure symmetric encryption/decryption pair SEnc/SDec with symmetric key space
And collusion resistant hash function
And
in one embodiment of the present invention, the elliptic curve is defined as follows: q is a prime number, FqIs a finite field, E/F, characterized by a prime numberqIs FqElliptic curve of (1) and defined as E/Fq={(x,y)|y2=x3+ ax + bmod }; from FqWherein the elements a, b are randomly selected and △ -4 a is satisfied3+72b2Not equal to 0 modq. The elliptic curve group G includes E/FqThe upper point and a special point O, O is called the infinity point G { (x, y): x, y ∈ Fq,(x,y)∈E/FqU { O }; the addition operation on group G is defined as follows: let P, Q be two points on G, l be a straight line connecting the two points, l and an elliptic curve E/FqIntersecting with a third point R ', point R is the point of symmetry of R' about the x-axis, then R ═ P + Q, and the scalar multiplication on G is defined as:
in an embodiment of the present invention, S2 medical institution registration main flow chart is shown in fig. 3, which includes the following steps:
when in use
When applying for joining the system as the ith medical institution, it first registers with the KGC. KGC checks after receiving registration request
Whether it is a medical institution with relevant qualifications. If not, the KGC will reject the request. If so, KGC and
interaction generation
A public/private key pair. The key generation process is certificateless in order to avoid key escrow problems.
1. Setting a secret value: medical institution
(identity is
) Selecting random numbers
Computing
Will be provided with
As a secret value, will be transmitted over a secure channel
Sent to the KGC.
2. Partial key extraction: with the primary private key MSK of KGC,
of
And a common value
As input, algorithm output
The anonymous identity of (a) and a partial private key. KGC selects random numbers
Computing
The anonymous identity of (c):
KGC selects random numbers
Computing
KGC calculation
Partial keys over secure channels
Is sent to
Receive from
After, medical institution
Verification equation
Whether or not this is true. If the equation holds, the key
The method is effective; otherwise, this is not true.
3. Setting a private key: medical institution
Handle
As a private key and stored secretly.
4. Setting a public key: medical institution
Handle
As a public key and is disclosed in the system.
To be in medical institutions
Registration, patient
Firstly, firstly
And (6) checking. On the basis of the result of the diagnosis,
is aware of
Suffering from a disease state
And
interaction generation
A public/private key pair. The key generation process avoids the key escrow problem. Based on the predicted treatment time, the KGC determines the validity period of the user's public/private key pair
Settings are made, for example "20170501 vs 20171201". When the time exceeds
The patient's key automatically expires.
S3: the MI is responsible for diagnosis and treatment of a patient and generates a partial key of the patient, and the method specifically comprises the following steps:
1. setting a secret value: patient's health
(identity)
) Selecting random numbers
Computing
Then the
Handle
As a secret value and is held by a secure channel
Is sent to
2. Partial key extraction: to be provided with
Is a key of
Of
And public value
As input, algorithm output
Anonymous identity and partial key.
Selecting random numbers
Computing
The identity of (c):
·
selecting random numbers
Computing
·
Computing
Partial keys over secure channels
Is sent to
Upon receipt of
Then, the patient
Verification equation
Whether or not this is true. If the equation holds, the key
The method is effective; otherwise, this is not true.
3. Setting a private key: patient's health
Handle
As the private key, the private key is stored secretly.
4. Setting a public key: patient's health
Handle
As the public key, it is disclosed in the system.
S4 group key agreement, the main flowchart is shown in fig. 4, which includes the following steps:
suppose a patient
And
to establish a secure, disorder-based group communication to ensure the security of the disease discussion-related information, they first need to generate a group session key. Suppose that
Is a patient with strong computing power, U0The middle patients are less computationally powerful. The interaction of the group key protocol is performed as follows.
And (1).
Sending
For U0,
Sending
To give
Receiving information
After that, the air conditioner is started to work,
selecting random numbers
And calculate
Wherein
Then, the user can use the device to perform the operation,
handle
Is sent to
Wherein i is more than or equal to 1 and less than or equal to n.
If the equation holds, then ensure
Has been authenticated, and
and
suffer from the same conditions. Assume a validated set of patients as
Is provided with
Then the
Selecting random numbers
And calculate
Wherein the content of the first and second substances,
then, the user can use the device to perform the operation,
handle
Is sent to
If Authi,0=Auth0,iThen ensure
Has been authenticated, and
and
suffer from the same conditions. Then the
Computing session keys
A new patient joins the cohort comprising the steps of:
assume a set of patients with a low computational power U0'={PTn+1,...,PTmTo join a group, the group members generate a new session key as follows.
Then, the user can use the device to perform the operation,
selecting random numbers
Computing
Wherein
Then, the user can use the device to perform the operation,
handle
Is sent to
If Auth'i,0=Auth'0,iThen ensure
Has been authenticated, and
and
suffer from the same conditions. Then, the user can use the device to perform the operation,
computing session keys
The patient exit from the cohort includes the following steps:
assume a set of patients with a low computational power U0”={PTj+1,...,PTnWanting to leave, the group members generate a new session key as follows.
Order to
Then, the user can use the device to perform the operation,
selecting random numbers
And calculate
Then, the user can use the device to perform the operation,
handle
Is sent to
Receive from
Coming from
Then, each patient
Computing
Wherein
If Auth'i,0=Auth”0,iThen, then
Calculating a session key:
the above are preferred embodiments of the present invention, and all changes made according to the technical scheme of the present invention that produce functional effects do not exceed the scope of the technical scheme of the present invention belong to the protection scope of the present invention.
Claims (6)
1. A cross-domain dynamic anonymous authentication group key management method based on diseases is characterized by comprising the following steps:
s1: establishing a key generation center KGC;
s2: the KGC firstly checks whether the MI of the medical institution has relevant medical qualification, and then generates a partial key for the MI;
s3: MI is responsible for diagnosis and treatment of the patient and generates a partial key for the patient;
s4: patients from different medical institutions securely generate a group session key;
s2 includes the following steps:
s21: is provided with
Is the ith medical institution when
When the system is applied to join the system as the ith medical institution, registering the system with the KGC; KGC checks after receiving registration request
If not, the KGC will reject the request, if so, go to step S22;
s22: medical institution
Its identity is
Selecting random numbers
Calculating a common value
Will be provided with
As a secret value, will be transmitted over a secure channel
Sending to KGC; p is a generator;
s23: with the primary private key MSK of KGC,
of
And a common value
As input, algorithm output
The KGC selects a random number
Computing
The anonymous identity of (c):
KGC selects random numbers
Calculating parameters
And parameters
KGC calculation
Partial keys over secure channels
Is sent to
Receive from
After, medical institution
Verification equation
If true, if the equation is true, then the key
The method is effective; otherwise, the method is not true;
s24: setting a private key: medical institution
Handle
As private key and stored secretly;
s25: setting a public key: medical institution
Handle
As a public key and is disclosed in the system;
s3 includes the steps of:
s31: setting a secret value: patient's health
Its identity is
Selecting random numbers
Calculating parameters
Then the
Handle
As a secret value and is held by a secure channel
To the ith medical institution
P is a generator;
s32: partial key extraction: to be provided with
Is a key of
Of
And public value
As input, algorithm output
Anonymous identity ofAnd a partial key,
selecting random numbers
Computing
The anonymous identity of (c):
selecting random numbers
VT is the effective period, SP is the symptom set, calculate
Computing
Partial keys over secure channels
Is sent to
Is receiving
Then, the patient
Verification equation
If true, the key is generated if the equation is true
The method is effective; otherwise, the method is not true;
s33, setting a private key: patient's health
Handle
As a private key, the private key is stored secretly;
s34: setting a public key: patient's health
Handle
As a public key, published in the system;
s4 group key negotiation, which includes the steps of:
when the patient is suffering from
And
to establish a disorder-based secure group communication, a group session key needs to be generated; wherein
Is a patient with strong computing power, U0The middle patient is less computationally powerful; the interaction of the group key protocol is performed as follows;
and (1).
Sending
For U0,
Sending
To give
Receiving information
After that, the air conditioner is started to work,
selecting random numbers
And calculate
Wherein
Then, the user can use the device to perform the operation,
handle
Is sent to
Wherein i is more than or equal to 1 and less than or equal to n;
step 2. from other patients
Is received by
Then, the patient
Verification equation
Is established, wherein
If equationIf it is, ensure
Has been authenticated, and
and
suffer from the same conditions; if the verified patient set is
Is provided with
Then the
Selecting random numbers
And calculate
Wherein the content of the first and second substances,
then, the user can use the device to perform the operation,
handle
Is sent to
Step 3. receive
Coming from
Then, each patient
Computing
Wherein
If Authi,0=Auth0,iThen ensure
Has been authenticated, and
and
suffering from the same condition, then
Computing session keys
S1 includes the steps of:
s11 with safety parameter kappa ∈ Z+As input, outputting security parameters and a system master public/private key pair;
s12: selecting prime numbers p, q of kappa bits and elliptic curve E/FqThe generated elliptic curve has a generator P;
s13: selecting random numbers
Wherein the content of the first and second substances,
representing a set {1,2, L, P-1}, calculating a public parameter PpubSystem master private key MSKX, the master public key MPK (P, P)pub);
S14: selecting secure symmetric encryption/decryption pairs SEnc/SDec with symmetric key space K and collusion resistant hash function H0{0,1 }. → K and Hi:
S15: KGC issues common parameters (SEnc, SDec, H)0,H1,...,H6) And the master public key MPK, and the master private key MSK is secretly stored by the KGC.
2. The method of claim 1, wherein the method comprises: the elliptic curve in S12 is defined as follows: q is a prime number, FqIs a finite field, E/F, characterized by a prime numberqIs FqElliptic curve of (1) and defined as E/Fq={(x,y)|y2=x3+ ax + bmod }; from FqWherein the elements a, b are randomly selected and Δ ═ 4a is satisfied3+72b2Not equal to 0 modq; the elliptic curve group G includes E/FqThe upper point and a special point O, O is called the infinity point G { (x, y): x, y ∈ Fq,(x,y)∈E/Fq∪ { O }, wherein the addition of the group G is defined as if P, Q are two points on G, l is a straight line connecting the two points, l and an elliptic curve E/FqIntersecting with a third point R ', point R is the point of symmetry of R' about the x-axis, then R ═ P + Q, and the scalar multiplication on G is defined as:
3. the method of claim 1, wherein the method comprises: in order to at the ith medical institution
Registration, patient
Firstly, firstly
Carrying out inspection; on the basis of the result of the diagnosis,
is aware of
Suffering from a disease state
And
interaction generation
A public/private key pair of; based on the predicted treatment time, the KGC determines the validity period of the user's public/private key pair
Make settings when time exceeds
The patient's key automatically expires; wherein SP ═ S (SP)1,SP2,..) is a collection of disorders.
4. The method of claim 1, wherein the method comprises: when a group of patients with low computing power is collected
When a group member wants to join the group, the group member generates a new session key according to the following steps:
s51: patient's health
Sending
For U', the patient
Will be provided with
Is sent to
Receive from
Then, the patient
Selecting
And calculate
Then sends it to
S52: receiving the patient
Coming from
After that, the air conditioner is started to work,
authentication according to methods in group key agreement
When these patients are both authenticated and have the same condition, order
S53:
Selecting random numbers
Computing
Wherein
Then, the user can use the device to perform the operation,
handle
Is sent to
S54: receiving the patient
Coming from
Then, each patient
Computing
Wherein
If Auth'i,0=Auth'0,iThen ensure
Has been authenticated, and
and
(ii) suffer from the same;
S55:
computing session keys
5. The method of claim 1, wherein the method comprises: when a group of patients with low computing power is collected U0”={PTj+1,...,PTnWhen wanting to leave, the group members generate a new session key as follows:
S61:
order to
S62:
Selecting random numbers
And calculating:
S63:
handle
Is sent to
Receive from
Coming from
Then, each patient
Computing
Wherein
If Auth'i,0=Auth”0,iThen, then
Calculating a session key:
6. the system for managing the cross-domain dynamic anonymous authentication group key based on the diseases is characterized in that: the key generation center KGC is responsible for generating a main public key/private key pair, is trusted by all entities and generates a part of public key/private key pairs for a registered medical institution, so that the problem of key escrow is avoided;
a medical institution MI which needs to be registered with the KGC; the medical institution selects the secret value and generates public information of the secret value; in order to obtain a part of public key/private key pairs, the MI submits the generated public information to the KGC; the MI is responsible for managing and diagnosing patients within its medical field and generating partial public/private key pairs for the patients, thereby avoiding key escrow problems;
and a patient PT, the patient PT registering with the medical institution, the patient selecting the secret value and generating public information of the secret value, the PT submitting the public information corresponding to the secret value to the MI in order to obtain part of public key/private key pairs;
the MI is responsible for diagnosis and treatment of a patient and generates a partial key of the patient, and the method specifically comprises the following steps:
1. setting a secret value: patient's health
Its identity is
Selecting random numbers
Computing
Then the
Handle
As a secret value and is held by a secure channel
Is sent to
2. Partial key extraction: to be provided with
Is a key of
Of
And public value
As input, algorithm output
An anonymous identity and a partial key;
selecting random numbers
Computing
The identity of (c):
·
selecting random numbers
Computing
·
Computing
Partial keys over secure channels
Is sent to
Upon receipt of
Then, the patient
Verification equation
Whether the result is true or not; if the equation holds, the key
The method is effective; otherwise, the method is not true;
3. setting a private key: patient's health
Handle
As a private key, the private key is stored secretly;
4. setting a public key: patient's health
Handle
As a public key, published in the system;
group key negotiation, the main flow comprises the following steps:
when the patient is suffering from
And
to establish a secure, disorder-based group communication to ensure the security of the disease discussion-related information, they first need to generate a group session key; if it is
Is a patient with strong computing power, U0The middle patient is less computationally powerful; the interaction of the group key protocol is performed as follows;
and (1).
Sending
For U0,
Sending
To give
Receiving information
After that, the air conditioner is started to work,
selecting random numbers
And calculate
Wherein
Then, the user can use the device to perform the operation,
handle
Is sent to
Wherein i is more than or equal to 1 and less than or equal to n;
step 2. from other patients
Is received by
Then, the patient
Verification equation
Is established, wherein
If the equation holds, then ensure
Has been authenticated, and
and
if the patients with the same disease are proved to be in the group
Is provided with
Then the
Selecting random numbers
And calculate
Wherein the content of the first and second substances,
then, the user can use the device to perform the operation,
handle
Is sent to
Step 3. receive
Coming from
Then, each patient
Computing
Wherein
If Authi,0=Auth0,iThen ensure
Has been authenticated, and
and
suffer from the same conditions; then the
Computing session keys
S2 the medical institution registration main flow includes the following steps:
using the following steps in a disorder-based cross-domain dynamic anonymous authentication group key management method as claimed in claim 1
S11 with safety parameter kappa ∈ Z+As input, outputting security parameters and a system master public/private key pair;
s12: selecting prime numbers p, q of kappa bits and elliptic curve E/FqThe generated elliptic curve has a generator P;
s13: selecting random numbers
Wherein the content of the first and second substances,
representing a set {1,2, L, P-1}, calculating a public parameter PpubxP, the system master private key MSK x, and the master public key MPK (P, P)pub);
S14: selecting secure symmetric encryption/decryption pairs SEnc/SDec with symmetric key space K and collusion resistant hash function H0{0,1 }. → K and Hi:
S15: KGC issues common parameters (SEnc, SDec, H)0,H1,...,H6) And a master public key MPK, the master private key MSK is stored by KGC secret
When in use
When the system is applied to join as the ith medical institution, the system is registered with the KGC firstly; KGC checks after receiving registration request
Whether it is a medical institution with relevant qualifications; if not, the KGC will reject the request; if so, KGC and
interaction generation
A public/private key pair of; the key generation process is certificateless;
1. setting a secret value: medical institution
Its identity is
Selecting random numbers
Computing
Will be provided with
As a secret value, will be transmitted over a secure channel
Sending to KGC;
2. partial key extraction: with the primary private key MSK of KGC,
of
And a common value
As input, algorithm output
An anonymous identity of and a partial private key; KGC selects random numbers
Computing
The anonymous identity of (c):
KGC selects random numbers
Computing
KGC calculation
Partial keys over secure channels
Is sent to
Receive from
After, medical institution
Verification equation
Whether the result is true or not; if the equation holds, the key
The method is effective;otherwise, the method is not true;
3. setting a private key: medical institution
Handle
As private key and stored secretly;
4. setting a public key: medical institution
Handle
As a public key and is disclosed in the system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710397579.3A CN107231230B (en) | 2017-05-31 | 2017-05-31 | Cross-domain dynamic anonymous authentication group key management method and system based on diseases |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710397579.3A CN107231230B (en) | 2017-05-31 | 2017-05-31 | Cross-domain dynamic anonymous authentication group key management method and system based on diseases |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107231230A CN107231230A (en) | 2017-10-03 |
| CN107231230B true CN107231230B (en) | 2020-09-01 |
Family
ID=59933491
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710397579.3A Active CN107231230B (en) | 2017-05-31 | 2017-05-31 | Cross-domain dynamic anonymous authentication group key management method and system based on diseases |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107231230B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111783136A (en) * | 2020-06-17 | 2020-10-16 | 联想(北京)有限公司 | Data protection method, device, equipment and storage medium |
| CN113329019B (en) * | 2021-05-28 | 2022-08-16 | 南京邮电大学 | Privacy-protecting infectious disease close contact person identity tracking method |
| CN114157474B (en) * | 2021-11-30 | 2024-02-23 | 杭州趣链科技有限公司 | Online health information acquisition method with anonymity and untraceability |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101277513B (en) * | 2007-03-27 | 2011-07-20 | 厦门致晟科技有限公司 | Method for ciphering wireless mobile terminal communication |
| US8707046B2 (en) * | 2011-05-03 | 2014-04-22 | Intel Corporation | Method of anonymous entity authentication using group-based anonymous signatures |
| CN102420810A (en) * | 2011-09-28 | 2012-04-18 | 盛乐信息技术(上海)有限公司 | Network file system and method based on certificate-free public key infrastructure |
| CN102624530B (en) * | 2012-03-14 | 2014-08-20 | 西安电子科技大学 | Certificate-free remote anonymous authentication method for wireless body area network |
| CN103618593B (en) * | 2013-11-19 | 2017-04-12 | 南京信息工程大学 | Enhanced sensor safe attachment and key management method in body area network |
| CN105743641B (en) * | 2016-04-01 | 2018-11-16 | 西安电子科技大学 | It is a kind of can explicit authentication public key multi-receiver label decryption method |
-
2017
- 2017-05-31 CN CN201710397579.3A patent/CN107231230B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN107231230A (en) | 2017-10-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Feng et al. | Blockchain-based cross-domain authentication for intelligent 5G-enabled internet of drones | |
| Yang et al. | Cross-domain dynamic anonymous authenticated group key management with symptom-matching for e-health social system | |
| Son et al. | Design of secure authentication protocol for cloud-assisted telecare medical information system using blockchain | |
| Zhang et al. | Efficient ID-based public auditing for the outsourced data in cloud storage | |
| Li et al. | Cost-effective and anonymous access control for wireless body area networks | |
| Islam et al. | Cryptanalysis and improvement of authentication and key agreement protocols for telecare medicine information systems | |
| Tsai et al. | Secure anonymous key distribution scheme for smart grid | |
| Mandt et al. | Certificateless authenticated two-party key agreement protocols | |
| Qikun et al. | A dynamic and cross-domain authentication asymmetric group key agreement in telemedicine application | |
| CN112954675B (en) | Multi-gateway authentication method, system, storage medium, computer device and terminal | |
| Islam | Provably secure dynamic identity-based three-factor password authentication scheme using extended chaotic maps | |
| Li et al. | AEP-PPA: An anonymous, efficient and provably-secure privacy-preserving authentication protocol for mobile services in smart cities | |
| Omala et al. | Provably secure heterogeneous access control scheme for wireless body area network | |
| Omala et al. | An efficient remote authentication scheme for wireless body area network | |
| CN105959269A (en) | ID-based authenticated dynamic group key agreement method | |
| CN107947913A (en) | The anonymous authentication method and system of a kind of identity-based | |
| Ma et al. | Distributed access control with adaptive privacy preserving property for wireless sensor networks | |
| Wang et al. | A dual privacy-preservation scheme for cloud-based eHealth systems | |
| CN107231230B (en) | Cross-domain dynamic anonymous authentication group key management method and system based on diseases | |
| Jain et al. | A Comparison Based Approach on Mutual Authentication and Key Agreement Using DNA Cryptography | |
| Wen et al. | A new secret handshake scheme with multi-symptom intersection for mobile healthcare social networks | |
| Roy et al. | A group key-based lightweight Mutual Authentication and Key Agreement (MAKA) protocol for multi-server environment | |
| Zhai et al. | A multi-server biometric authentication scheme based on extended chaotic map for telecare medical information system | |
| Zhang et al. | Blockchain-based mutual authentication protocol with privacy protection in telemedicine | |
| Zhu et al. | Provably Secure Multi-server Privacy-Protection System Based on Chebyshev Chaotic Maps without Using Symmetric Cryptography. |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |