CN108401010A - An intelligent medical rescue method and system based on car networking - Google Patents
- Publication number
- CN108401010A (CN201810049133.6A)
- Authority
- CN
- China
- Prior art keywords
- user
- vehicle
- car networking
- message
- broadcast
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H10/00—ICT specially adapted for the handling or processing of patient-related medical or healthcare data
- G16H10/60—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H80/00—ICT specially adapted for facilitating communication between medical practitioners or patients, e.g. for collaborative diagnosis, therapy or health monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/045—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Abstract
The invention belongs to the technical field of transmission control procedures, e.g. data link level control procedures, and discloses an intelligent medical rescue method and system based on car networking. The method comprises: using an aggregate signature between the users and the trusted third party; user-vehicle matching, in which the authoritative institution, after receiving the information, matches it against the vehicles registered in its own data in a way that protects privacy; and the authoritative institution sending the request for rescue to vehicles through a broadcast encryption scheme. Verification between the patient and the authoritative institution is performed by aggregate signature; the authoritative institution matches the patient with registered vehicles through a matching algorithm without revealing the patient's privacy; and the authoritative institution notifies registered vehicles to carry out the rescue by broadcast encryption. The invention is developed on the basis of cryptography; it allows users to be monitored anytime and anywhere and to be rescued at critical moments, while ensuring the privacy and security of the users.
Description
Technical field
The invention belongs to the technical field of transmission control procedures, e.g. data link level control procedures, and in particular relates to an intelligent medical rescue method and system based on car networking.
Background art
At present, the prior art commonly used in the industry is as follows. As living standards improve, people's demand for high-quality medical resources is becoming more and more urgent. Because of China's large population, the unbalanced distribution of medical resources, strained relations and a series of other reasons, many patients encounter difficulties and inconvenience when seeking medical treatment. With the development of Internet of Things technology and communication technology, mobile healthcare has begun to enter public view. Living freely and comfortably, without having to stay in a ward or be accompanied by a nurse, is what people hope for, so a new medical model needs to be established that combines monitoring, emergency measures for sudden events, the dispatch of ambulances for rescue, and so on. In this process the security, integrity, availability and authenticity of people's information must be ensured, and so must the speed of information transmission, so that a delay in information does not lead to a critical situation. Existing rescue systems only use traffic signals on the ambulance's route, in cooperation with the road management department, to shorten the rescue time; they cannot solve the shortage of ambulances and cannot guarantee the security of patient information.
In summary, the problems of the prior art are: current medical service systems are relatively incomplete in function, the number of rescue vehicles is insufficient, the security of patient information cannot be guaranteed, and information is not transmitted quickly.
The difficulty and significance of solving the above technical problems: at present, because of China's large population, the unbalanced distribution of medical resources, strained relations and a series of other reasons, many patients encounter difficulties and inconvenience when seeking medical treatment.
Summary of the invention
In view of the problems of the prior art, the present invention provides an intelligent medical rescue method and system based on car networking.
The invention is realized as follows. An intelligent medical rescue method based on car networking comprises: using an aggregate signature between the users and the trusted third party; user-vehicle matching, in which the authoritative institution, after receiving the information, matches it against the vehicles registered in its own data in a way that protects privacy; and the authoritative institution sending the request for rescue to vehicles through a broadcast encryption scheme.
Further, the aggregate signature specifically comprises:
(1) Aggregate signature scheme:
$G_1$ and $G_2$ are two cyclic groups of prime order $P$;
$g_1$ and $g_2$ are generators of $G_1$ and $G_2$ respectively;
$\psi$ is a computable isomorphism from $G_1$ to $G_2$, with $\psi(g_1) = g_2$;
$e$ is a computable bilinear map $e: G_1 \times G_2 \to G_T$;
(2) The bilinear aggregate signature allows signatures to be created on different messages $M_i \in \{0,1\}^*$; the signature $\delta_i$ of each user is an element of $G_2$. The basic parameters are the base groups $G_1, G_2$, their respective generators $g_1, g_2$, the computable isomorphism $\psi$ from $G_1$ to $G_2$, and the bilinear map $e: G_1 \times G_2 \to G_T$ with target group $G_T$.
The aggregate signature further comprises:
Key generation: for a user, select a random number and calculate; the public key of the user is $\nu \in G_1$ and the private key of the user is $x \in Z_P$;
Signing: using the public key $\nu$ of the user and a message $M \in \{0,1\}^*$, calculate $h \leftarrow h(M)$, where $h \in G_2$, and $\delta \leftarrow h^x$; the signature is $\delta \in G_2$;
Verification: using the public key of the user, the message $M$ and the signature $\delta$, calculate $h \leftarrow h(M)$; if $e(g_1, \delta) = e(\nu, h)$ holds, accept;
Aggregation: the gateway receives each user's message and assigns each user an index $i$, with range $K = |U|$. Each user $u_i \in U$ provides a signature $\delta_i \in G_2$ on a message $M_i \in \{0,1\}^*$ of its choice. Calculate; the aggregate signature is $\delta \in G_2$;
Aggregate verification: the trusted third party receives the message sent to it by the gateway, which includes the aggregate signature $\delta$, the users' messages $M_i$ and the public keys $\nu_i$. Calculate; if it holds, the verification passes;
Correctness Analysis:
Further, the user-vehicle matching specifically comprises:
Step 1: according to the user's expectation and the number of vehicles in the region, the authoritative institution determines a matching degree $th$. When the matching degree of user A and vehicle B satisfies $I_a \cdot I_b \ge th$, the similarity of A and B is relatively high and the pick-up operation can be carried out; when the matching degree satisfies $I_a \cdot I_b \le th$, the similarity of A and B is relatively low and the vehicle cannot perform the rescue;
Step 2: user A performs the following operations:
(1) randomly select two large primes $\alpha$ and $\beta$, with $|\alpha| = 256$ bits and $\beta > (n+1)\alpha^2$;
(2) let $K = 0$, select random numbers $(c_1, c_2, \ldots, c_n)$, and let
(3) for every $a_i \in I_a$, randomly select a random number $\gamma_i$ and calculate $k_i = \gamma_i \cdot \beta - c_i$;
when $a_i = 1$, $C_i = \alpha + c_i + \gamma_i\beta$ and $K = K + k_i$; when $a_i = 0$, $C_i = c_i + \gamma_i\beta$ and $K = K + k_i$. This operation is performed for all elements of $I_a$; $(\beta, K)$ is kept secret, and the resulting $(\alpha, C_1, C_2, C_3, \ldots, C_n)$ is sent to the authoritative institution;
Step 3: each vehicle B must register with the authoritative institution, so the authoritative institution holds the characteristic attributes $I_b$ of all vehicles;
Step 4: for every $b_i \in I_b$, the authoritative institution performs the following operations:
When $b_i = 1$,
When $b_i = 0$,
Calculate, and calculate $E = D + K \bmod \beta$; $E$ is identical with. Then, from the positions of the patient and the vehicles, the patient's expected value and $E$, determine which vehicles the rescue request message needs to be sent to.
Further, the broadcast encryption specifically comprises:
System parameter setup algorithm: the security parameter is $\zeta$; $G_3$ is an additive cyclic group of order $q$ and $G_4$ is a multiplicative cyclic group of order $q$; $p = 2q + 1$, where $p$ and $q$ are large primes; $e: G_3 \times G_3 \to G_4$ is a computable bilinear map on $(G_3, G_4)$; $P$ is a generator of the group $G_3$. Randomly select as the system master private key msk, and calculate the master public key mpk as $Q = sP$, $g_3 = e(P, P)$. The CA chooses an arbitrary integer $a$ satisfying $0 < a < p - 1$ and lets $g_4 = -a^2$; $a$ can be destroyed or kept secret. It then selects $p_i = 2q_i + 1$, $i \in \{1, 2, \ldots, n\}$, satisfying $p < p_i$; by the theorem, $g_4$ is a common primitive element of the $p_i$ ($i \in \{1, 2, \ldots, n\}$). The CA selects three secure collision-resistant hash functions. $K$ is the symmetric key set, $S_N$ is the set of all users, and $N = \{1, 2, \ldots, n\}$. The master private key $s$ is kept by the CA, and the public parameters are params: $\{\zeta, G_3, G_4, e, q, P, Q, g_3, g_4, p, S_N, p_i, K, H_1, H_2, H_3\}$;
User key generation algorithm: run by user $ID_i$. User $ID_i$ randomly selects $x_{i3}$, as its private key $SK_i = (SK_{i3}, SK_{i4})$, and calculates $PK_{i4} = x_{i4}P$; the public key of user $ID_i$ is $PK_i = (PK_{i3}, PK_{i4})$. The private key is kept by the user and the public key is published;
Certificate generation algorithm: run by the CA center. For the identity information of user $ID_i$ and the corresponding public key $PK_i$, the CA selects a time parameter $\tau$, first calculates $h_i = H_1(\tau \| ID_i \| PK_i)$, then calculates the certificate of user $ID_i$ and sends it to $ID_i$ over a public channel;
Encryption algorithm: run by the broadcaster. The broadcast encryption algorithm is realized jointly by a key encapsulation algorithm and a secure symmetric encryption algorithm;
Decryption algorithm: run by user $ID_i$ ($ID_i \in S$). After receiving the broadcast ciphertext $C$, user $ID_i$ takes its private key $SK_i$ and certificate as input, and outputs the message $m$ corresponding to $C$ or the invalid flag $\perp$.
Further, the encryption algorithm specifically comprises:
Step 1: the broadcaster selects the set that needs to be broadcast to
Step 2: for $ID_i \in S$, the broadcaster successively calculates $h_i = H_1(\tau \| ID_i \| PK_i)$,
Step 3: the broadcaster randomly selects $r$, and calculates $(Hdr, k)$: $k \in K$, which can be calculated according to the Chinese remainder theorem, where $M_i = M/p_i$, $M_iY_i \equiv 1$. For the message $m$, the ciphertext $C_0 = E_k(m)$ is generated with the symmetric encryption algorithm $E$;
Step 4: the broadcaster broadcasts the message $C = (Hdr, S, C_0)$ over the public broadcast channel.
Further, the decryption algorithm specifically comprises:
Step 1: user $ID_i \in S$ calculates
Step 2: calculate
Step 3: calculate
Step 4: verify whether $H_3(\sigma', k')$ equals $H_3(\sigma, k)$; if they are equal, return $m = D_{k'}(C_0)$ using the decryption algorithm $D$ of the symmetric encryption scheme, otherwise return $\perp$.
Further, a legitimate user in the broadcast set of the broadcast encryption recovers the corresponding broadcast message from a correctly received broadcast ciphertext:
(1) after receiving the broadcast ciphertext, user $ID_i \in S$ calculates:
(2) the user calculates according to;
(3) according to $\sigma'$ and, the symmetric key can be recovered. If $H_3(\sigma', k') = H_3(\sigma, k)$, $m = D_{k'}(C_0)$ can be correctly recovered by the decryption algorithm $D$ of the symmetric encryption scheme; otherwise $\perp$ is output.
Another object of the present invention is to provide an intelligent medical rescue system based on car networking that implements the intelligent medical rescue method based on car networking. The system comprises:
An intelligent wearable device, used to collect and obtain the user's physiological health indicators and transmit them to the mobile phone terminal via Bluetooth;
A mobile phone terminal, connected to the intelligent wearable device, used to receive the information sent by the intelligent wearable device and compare it with the threshold information it stores;
An authoritative institution, which receives the information from the mobile phone terminal and decides how the case is shunted;
Ambulances and registered vehicles, for which the information received from the authoritative institution determines whether an ambulance or a registered vehicle performs the rescue.
Further, the mobile phone terminal stores a threshold, which decides whether the received personal health condition is sent to the authoritative institution: if the threshold is exceeded it is sent, otherwise the terminal continues receiving.
In summary, the advantages and positive effects of the present invention are as follows. The invention combines aggregate signature, a matching algorithm and broadcast encryption into one system that can carry out rescue safely and quickly. The aggregate signature enables fast authentication of users and saves authentication time, which helps rapid rescue. When sending information to the authoritative institution, the user does not need to send the details of the illness, which helps protect patient privacy. Certificate-based broadcast encryption between the authoritative institution and registered vehicles allows registered vehicles to join and leave dynamically, increasing flexibility.
The invention collects the user's physiological indicator data and monitoring data, and the mobile phone terminal performs a first threshold comparison, which reduces the burden on the authoritative institution. Aggregate signature is used for fast signing and authentication between the mobile phone terminal and the authoritative institution, so that patient information reaches the authoritative institution faster and can be handled in time, avoiding rescue delays caused by delayed information. For the security of patient information, the PPSPC matching algorithm is used between the patient and the shunting step to ensure fast matching without revealing patient privacy. Messages between the authoritative institution and registered vehicles are transmitted by certificate-based broadcast encryption: because there may be many registered vehicles, transmitting to them one by one could delay the rescue, so broadcast encryption is used, and the certificate-based form makes it easy for users to join and leave dynamically, increasing flexibility.
Description of the drawings
Fig. 1 is a flow chart of the intelligent medical rescue method based on car networking provided in an embodiment of the present invention.
Fig. 2 is a structural schematic diagram of the intelligent medical rescue system based on car networking provided in an embodiment of the present invention;
In the figure: 1, intelligent wearable device; 2, mobile phone terminal; 3, authoritative institution; 4, ambulance and registered vehicle.
Fig. 3 is a schematic diagram of the health monitoring system in mobile healthcare provided in an embodiment of the present invention.
Fig. 4 is an implementation flow chart of the intelligent medical rescue method based on car networking provided in an embodiment of the present invention.
Fig. 5 is the protocol flow chart of the aggregate signature provided in an embodiment of the present invention.
Detailed description of the embodiments
In order to make the purpose, technical solution and advantages of the present invention clearer, the invention is further elaborated below with reference to embodiments. It should be understood that the specific embodiments described here only explain the invention and are not intended to limit it.
Intelligent healthcare builds a regional medical information platform of health records and uses state-of-the-art Internet of Things technology to realize interaction between patients and medical workers, medical institutions and medical devices, progressively achieving informatization. In the near future the medical industry will incorporate more high technology such as artificial intelligence and sensing, making medical services intelligent in the true sense and promoting the prosperity and development of the medical cause. In car networking, vehicles can collect information on their own environment and state through devices such as GPS, RFID, sensors and camera image processing; through Internet technology, all vehicles can transmit and aggregate their information to a central processing unit; through computer technology, the information of a large number of vehicles can be analysed and processed to calculate the best routes for different vehicles, report road conditions promptly and arrange signal light cycles. Aggregate signature can authenticate the signatures of multiple users, achieving fast authentication: because there are many patients, authenticating each patient individually would waste resources and be slow, so aggregate signature is used. Broadcast encryption is a one-to-many encryption mode: when registered vehicles are to be notified to perform a rescue, notifying each vehicle individually would make transmission inefficient, so broadcast encryption is used, and using certificate-based broadcast encryption makes dynamic joining and leaving easier, increasing flexibility.
As shown in Fig. 1, the intelligent medical rescue method based on car networking provided in an embodiment of the present invention includes the following steps:
S101: aggregate signature is used between the users and the trusted third party, which effectively improves efficiency, lets patients see a doctor in time, and reduces the harm caused by information not being fed back in time;
S102: user-vehicle matching: after obtaining the information, the authoritative institution matches it against the vehicles registered in its own data in a way that protects privacy;
S103: the authoritative institution sends the request for rescue to vehicles through the broadcast encryption scheme.
As shown in Fig. 2, the intelligent medical rescue system based on car networking provided in an embodiment of the present invention includes:
Intelligent wearable device 1, used to collect and obtain the user's physiological health indicators and transmit them to mobile phone terminal 2 via Bluetooth.
Mobile phone terminal 2, connected to intelligent wearable device 1, used to receive the information sent by the intelligent wearable device, compare it with the threshold information it stores, and determine the next step;
Authoritative institution 3, which acts as a bridge, receives the information from mobile phone terminal 2 and decides how the case is shunted.
Ambulances and registered vehicles 4, for which the information received from authoritative institution 3 determines whether an ambulance or a registered vehicle performs the rescue.
Mobile phone terminal 2 stores a threshold, which decides whether the received personal health condition is sent to the authoritative institution: if the threshold is exceeded it is sent, otherwise the terminal continues receiving.
The application principle of the present invention is further described below with reference to the drawings.
1. Bilinear map
$G_1$ and $G_2$ are two additive cyclic groups of order $q$, $G_T$ is a multiplicative cyclic group of order $q$, $q$ is a large prime, and $P_1$ and $P_2$ are generators of the groups $G_1$ and $G_2$ respectively. The bilinear map $e: G_1 \times G_2 \to G_T$ has the following three properties:
Bilinearity: for any $P \in G_1$, $Q \in G_2$ and $a, b \in Z_q$, $e(aP, bQ) = e(P, Q)^{ab}$.
Non-degeneracy: $e(P_1, P_2) \ne 1$ (the identity element of $G_T$).
Computability: $e$ can be computed efficiently.
If $G_1$ and $G_2$ are the same, the map is called a symmetric bilinear map; if they are different, it is called an asymmetric bilinear map. This scheme uses a symmetric bilinear map.
Theorem: if $p = 2q + 1$, where $p$ and $q$ are two large odd primes, then for an integer $a$ with $0 < a < p - 1$, $-a^2$ is a quadratic non-residue modulo $p$ and also a primitive element modulo $p$.
2. Decisional Diffie-Hellman problem
$g$ is a generator of a multiplicative cyclic group of order $q$ in a finite field, where $q$ is a large prime. Given $(g, g^a, g^b, T)$, $a$, where $a$ and $b$ are unknown, decide whether $T$ equals $g^{ab}$.
DDH hardness assumption: if no probabilistic polynomial-time algorithm can decide with non-negligible advantage whether $T$ equals $g^{ab}$, the DDH problem is said to be hard in the finite field.
As shown in Figs. 2-4 and with reference to Fig. 1, Fig. 2 and Fig. 3, the specific process of the intelligent medical rescue method based on car networking provided in an embodiment of the present invention is as follows:
The system model considers a trusted authoritative institution (TA), a group of medical users $U_i = (U_1, U_2, \ldots, U_n)$ and a group of vehicles $W_l = (W_1, W_2, \ldots, W_m)$. The TA is a powerful entity located at the health care center, mainly responsible for managing the entire medical health system and dispatching rescue vehicles, for example initializing the system, equipping medical users with appropriate body sensor nodes and key material, and registering vehicles. Each medical user needs to be equipped with a personal wireless sensor network and a smartphone, which periodically collect the user's physical condition and report it to the medical center to achieve better care and treatment. Unlike patients at home or in a hospital bed, the medical users U in the model are mobile.
1. Aggregate signature stage
An aggregate signature scheme is used between the users and the trusted third party, which effectively improves efficiency, lets patients see a doctor in time, and reduces the harm caused by information not being fed back in time.
(1) Aggregate signature scheme:
$G_1$ and $G_2$ are two cyclic groups of prime order $P$;
$g_1$ and $g_2$ are generators of $G_1$ and $G_2$ respectively;
$\psi$ is a computable isomorphism from $G_1$ to $G_2$, with $\psi(g_1) = g_2$;
$e$ is a computable bilinear map $e: G_1 \times G_2 \to G_T$.
The security model is defined as follows:
Consider a group of users in which each user $u \in U$ has a signing key pair $(PK_u, SK_u)$. We wish to aggregate the signatures of some of the users. Each user can generate a signature $\delta_u$ on its own message $M_u$. These signatures are then combined by the gateway into a single aggregate $\delta$. A party that is not a user in $U$, or an untrusted third party, can access the users' public keys, messages and signatures but cannot access any private key. The result of this aggregation is the aggregate signature $\delta$, whose length is the same as that of any single signature. The aggregation has the following property: a verifier given $p$, the identities of the parties involved and their respective messages is convinced that each user signed its corresponding message.
(2) Bilinear aggregate signature
The aggregate signature scheme allows signatures to be created on different messages $M_i \in \{0,1\}^*$; the signature $\delta_i$ of each user is an element of $G_2$. The basic system parameters are the base groups $G_1, G_2$, their respective generators $g_1, g_2$, the computable isomorphism $\psi$ from $G_1$ to $G_2$, and the bilinear map $e: G_1 \times G_2 \to G_T$ with target group $G_T$.
The scheme consists of five algorithms: key generation, signing, verification, aggregation and aggregate verification.
Key generation: for a user, select a random number and calculate; the public key of the user is $\nu \in G_1$ and the private key of the user is $x \in Z_P$.
Signing: using the public key $\nu$ of the user and a message $M \in \{0,1\}^*$, calculate $h \leftarrow h(M)$, where $h \in G_2$, and $\delta \leftarrow h^x$; the signature is $\delta \in G_2$.
Verification: using the public key of the user, the message $M$ and the signature $\delta$, calculate $h \leftarrow h(M)$; if $e(g_1, \delta) = e(\nu, h)$ holds, accept.
Aggregation: the gateway receives each user's message and assigns each user an index $i$, with range $K = |U|$. Each user $u_i \in U$ provides a signature $\delta_i \in G_2$ on a message $M_i \in \{0,1\}^*$ of its choice. Calculate; the aggregate signature is $\delta \in G_2$.
Aggregate verification: the trusted third party receives the message sent to it by the gateway, which includes the aggregate signature $\delta$, the users' messages $M_i$ and the public keys $\nu_i$. Calculate; if it holds, the verification passes.
Correctness Analysis
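The check named by this heading can be carried through as follows. This is an added derivation, not recovered from the patent text; it assumes the standard bilinear aggregate signature definitions that the formulas above omit, namely $\nu_i = g_1^{x_i}$, $h_i = h(M_i)$, $\delta_i = h_i^{x_i}$ and $\delta = \prod_{i=1}^{K} \delta_i$.

$$
e(g_1, \delta)
= e\Big(g_1, \prod_{i=1}^{K} h_i^{x_i}\Big)
= \prod_{i=1}^{K} e(g_1, h_i)^{x_i}
= \prod_{i=1}^{K} e\big(g_1^{x_i}, h_i\big)
= \prod_{i=1}^{K} e(\nu_i, h_i)
$$

With $K = 1$ this reduces to the single-signature check $e(g_1, \delta) = e(\nu, h)$ given under Verification. The security proof of this construction requires the messages $M_i$ to be pairwise distinct, so a verifier should reject an aggregate whose message list contains duplicates before evaluating the pairings.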
2. User-vehicle matching stage
After obtaining this information, the authoritative institution matches it against the vehicles registered in its own data in a way that protects privacy. The matching algorithm used is as follows:
PPSPC requires users to represent their set of characteristic attributes as a vector of 0/1 characters. Assume there exists a set $I$ of characteristic attribute matching file vectors. Each element in $I$ is the binary representation of a characteristic attribute: an element equal to 1 indicates that the user or vehicle has this characteristic attribute, and 0 indicates that it does not. Suppose there is a characteristic set (insomnia, hypertension, diabetes, pharyngitis). If user A suffers from insomnia and diabetes, his characteristic attribute profile is $I_a = (1, 0, 1, 0)$; similarly, if vehicle B can rescue hypertension and diabetes patients, the characteristic attribute file of vehicle B is $I_b = (0, 1, 0, 1)$. In this scheme A and B are each assumed to have $n$ characteristic attributes; the characteristic attributes of A are expressed as the vector $I_a = (a_1, a_2, \ldots, a_n)$ and those of B as $I_b = (b_1, b_2, \ldots, b_n)$. User A and user B first determine their mutual matching degree through the value of, but because of concern about privacy leakage $I_a \cdot I_b$ is not calculated directly; using the PPSPC scheme, users can be matched without privacy leakage.
Step 1: according to the user's expectation and the number of vehicles in the region, the authoritative institution determines a matching degree $th$. When the matching degree of user A and vehicle B satisfies $I_a \cdot I_b \ge th$, the similarity of A and B is relatively high and the pick-up operation can be carried out. When the matching degree satisfies $I_a \cdot I_b \le th$, the similarity of A and B is relatively low and the vehicle cannot perform the rescue.
Step 2: user A performs the following operations
(1) randomly select two large primes $\alpha$ and $\beta$, with $|\alpha| = 256$ bits and $\beta > (n+1)\alpha^2$.
(2) let $K = 0$, select random numbers $(c_1, c_2, \ldots, c_n)$, and let
(3) for every $a_i \in I_a$, randomly select a random number $\gamma_i$ and calculate $k_i = \gamma_i \cdot \beta - c_i$
When $a_i = 1$, $C_i = \alpha + c_i + \gamma_i\beta$ and $K = K + k_i$; when $a_i = 0$, $C_i = c_i + \gamma_i\beta$ and $K = K + k_i$. This operation is performed for all elements of $I_a$; $(\beta, K)$ is kept secret, and the resulting $(\alpha, C_1, C_2, C_3, \ldots, C_n)$ is sent to the authoritative institution.
Step 3: each vehicle B must register with the authoritative institution, so the authoritative institution holds the characteristic attributes $I_b$ of all vehicles.
Step 4: for every $b_i \in I_b$, the authoritative institution performs the following operations
When $b_i = 1$,
When $b_i = 0$,
After the previous two steps have been carried out, calculate, and calculate $E = D + K \bmod \beta$; $E$ is identical with. Then, from the positions of the patient and the vehicles, the patient's expected value and $E$, determine which vehicles the rescue request message needs to be sent to.
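The matching exchange of Steps 1 to 4, as an added example that is not code from the patent. The user-side blinding follows the steps above; the bound $\sum c_i < \alpha - n$, the authority-side rule ($D_i = \alpha C_i$ when $b_i = 1$, $D_i = C_i$ otherwise) and the extraction $\lfloor E/\alpha^2 \rfloor$ are assumptions, because those formulas are missing from the text, and all function names are hypothetical.

```python
"""Added example: PPSPC-style private matching of a user's symptom vector
against a vehicle's capability vector. User-side blinding follows the text;
the bound on the c_i, the authority-side products D_i and the final
extraction are ASSUMPTIONS (those formulas are missing from the page)."""
import secrets

_SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n, rounds=32):
    """Miller-Rabin primality test with random bases."""
    if n < 2:
        return False
    for sp in _SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits):
    """Random prime with exactly `bits` bits (top bit forced to 1)."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def user_blind(a_bits, alpha_bits=256):
    """Step 2 (user A): returns public (alpha, C) and secret (beta, K)."""
    if any(a not in (0, 1) for a in a_bits):
        raise ValueError("attribute vector must contain only 0 and 1")
    n = len(a_bits)
    alpha = random_prime(alpha_bits)
    # beta > (n+1)*alpha^2: a prime one bit longer than the bound exceeds it.
    beta = random_prime(((n + 1) * alpha * alpha).bit_length() + 1)
    # ASSUMPTION: c_i >= 1 and sum(c_i) < alpha - n, so the masking terms
    # never carry into the alpha^2 digit that holds the inner product.
    c_max = (alpha - n) // n - 1
    K, C = 0, []
    for a_i in a_bits:
        c_i = secrets.randbelow(c_max) + 1          # 1 .. c_max
        gamma_i = secrets.randbelow(beta - 1) + 1
        K += gamma_i * beta - c_i                    # k_i = gamma_i*beta - c_i
        C.append(a_i * alpha + c_i + gamma_i * beta)
    return (alpha, C), (beta, K)


def authority_combine(alpha, C, b_bits):
    """Step 4, ASSUMED form: D = sum of alpha*C_i (b_i = 1) or C_i (b_i = 0)."""
    if len(C) != len(b_bits):
        raise ValueError("attribute vectors must have the same length")
    return sum(alpha * C_i if b_i else C_i for C_i, b_i in zip(C, b_bits))


def match_degree(D, alpha, beta, K):
    """E = D + K mod beta equals alpha^2*(I_a . I_b) + r with 0 <= r < alpha^2."""
    E = (D + K) % beta
    return E // (alpha * alpha)


def should_dispatch(a_bits, b_bits, th, alpha_bits=256):
    """Runs the whole exchange and applies the Step 1 test I_a . I_b >= th."""
    (alpha, C), (beta, K) = user_blind(a_bits, alpha_bits)
    D = authority_combine(alpha, C, b_bits)
    return match_degree(D, alpha, beta, K) >= th


if __name__ == "__main__":
    # Constructed vectors over (insomnia, hypertension, diabetes, pharyngitis).
    patient = [1, 0, 1, 0]
    vehicles = {"W1": [0, 1, 1, 0], "W2": [1, 0, 1, 1], "W3": [0, 1, 0, 1]}
    for name, caps in vehicles.items():
        print(name, should_dispatch(patient, caps, th=2))
```

Only the holder of $(\beta, K)$ can reduce $D$ to the matching degree; the party that sees $(\alpha, C_1, \ldots, C_n)$ works with values masked by the secret multiples $\gamma_i\beta$.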
3. Broadcast encryption stage
The authoritative institution sends the rescue request to vehicles using the following broadcast encryption scheme.
The broadcast encryption scheme consists of five algorithms:
System parameter setting algorithm: This algorithm is run by the CA center. The security parameter of the system is $\zeta$; $G_3$ is an additive cyclic group of order $q$ and $G_4$ is a multiplicative cyclic group of order $q$; $p = 2q + 1$, where $p$ and $q$ are large primes; $e: G_3 \times G_3 \to G_4$ is a computable bilinear map on $(G_3, G_4)$; $P$ is a generator of the group $G_3$. A randomly selected $s$ serves as the system master private key msk, and the master public key mpk is calculated as $Q = sP$, $g_3 = e(P, P)$. The CA chooses any integer $a$ satisfying $0 < a < p - 1$ and sets $g_4 = -a^2$ ($a$ may be destroyed or kept secret), then selects $p_i = 2q_i + 1$, $i \in \{1, 2, \dots, n\}$, satisfying $p < p_i$. By the theorem, $g_4$ is a common primitive element of the $p_i$ ($i \in \{1, 2, \dots, n\}$). The CA selects three secure collision-resistant hash functions
$K$ is the symmetric key set, $S_N$ is the set of all users, $N = \{1, 2, \dots, n\}$. The master private key $s$ is kept by the CA. The public parameters are params: $\{\zeta, G_3, G_4, e, q, P, Q, g_3, g_4, p, S_N, p_i, K, H_1, H_2, H_3\}$.
User key generation algorithm: This algorithm is run by user $ID_i$. User $ID_i$ randomly chooses $x_{i3}$, as its private key $SK_i = (SK_{i3}, SK_{i4})$ and calculates $PK_{i4} = x_{i4}P$; the public key of user $ID_i$ is $PK_i = (PK_{i3}, PK_{i4})$. The private key is kept by the user, and the public key is published.
Certificate generation algorithm: This algorithm is run by the CA center. For the identity information of user $ID_i$ and the corresponding public key $PK_i$, the CA selects a time parameter $\tau$, first calculates $h_i = H_1(\tau \| ID_i \| PK_i)$, then calculates the certificate of user $ID_i$ and sends it to $ID_i$ over a public channel.
Encryption algorithm: This algorithm is run by the broadcaster. The broadcast encryption algorithm is realized jointly by a key encapsulation algorithm and a secure symmetric encryption algorithm:
Step 1: The broadcaster selects the set to be broadcast to
Step 2: For $ID_i \in S$, the broadcaster calculates in turn $h_i = H_1(\tau \| ID_i \| PK_i)$,
Step 3: The broadcaster randomly chooses $r$, and calculates (Hdr, k): $k \in K$, which can be calculated according to the Chinese remainder theorem, where $M_i = M_S / p_i$, $M_i Y_i \equiv 1$. For the message $m$, the symmetric encryption algorithm $E$ generates the ciphertext $C_0 = E_k(m)$.
Step 4: The broadcaster broadcasts the message $C = (Hdr, S, C_0)$ over the public broadcast channel.
Decryption algorithm: This algorithm is run by user $ID_i$ ($ID_i \in S$). After receiving the broadcast ciphertext $C$, user $ID_i$ takes its private key $SK_i$ and its certificate as input, calculates according to the following steps, and finally outputs the message $m$ corresponding to $C$ or the invalid flag ⊥:
Step 1: User $ID_i \in S$ calculates
Step 2: Calculate
Step 3: Calculate
Step 4: Verify whether $H_3(\sigma', k')$ equals $H_3(\sigma, k)$. If they are equal, return $m = D_{k'}(C_0)$ using the decryption algorithm $D$ of the symmetric encryption scheme; otherwise return ⊥.
A broadcast message needs to be encrypted only once. The system can precompute $g_1 = e(P, P)$, so the encryption algorithm needs no bilinear operation and the decryption algorithm performs only one bilinear operation, which improves computational efficiency.
The present invention allows vehicles to join and leave dynamically. When a new user joins the system, that user only needs to select the keys $x_{i3}$, and publish its public key, with the requirement that $p_i > p$ and that $p_i$ has never been used before; the public and private keys of the other users in the system need not change. Because the new user's public key did not take part in generating the broadcast set public key in the encryption stage, the new user cannot use the Chinese remainder theorem to decrypt earlier messages: When a user is revoked, it is enough to delete its public key; the public and private keys of the other users in the system again need not change. As for the revoked user, because the revoked user's public key is not used in the encryption stage to generate the broadcast set public key, the revoked user cannot use the Chinese remainder theorem to decrypt broadcast messages sent after the revocation.
Correctness analysis
In the present invention, a valid user in the broadcast set can recover the corresponding broadcast message from a correctly received broadcast ciphertext:
(1) After receiving the broadcast ciphertext, user $ID_i \in S$ calculates:
(2) The user, according to , calculates:
(3) From $\sigma'$ and , the symmetric key can be recovered. If $H_3(\sigma', k') = H_3(\sigma, k)$, the message $m = D_{k'}(C_0)$ is correctly recovered from the ciphertext by the decryption algorithm $D$ of the symmetric encryption scheme; otherwise ⊥ is output.
The foregoing describes only preferred embodiments of the present invention and is not intended to limit the invention; any modification, equivalent replacement or improvement made within the spirit and principle of the present invention shall fall within its scope of protection.
Claims (10)
1. An intelligent medical rescue method based on car networking, characterized in that the intelligent medical rescue method based on car networking comprises: using an aggregate signature between the user and the trusted third party; user-vehicle matching, in which the authoritative institution, after receiving the information, performs privacy-preserving matching against the vehicles registered in its own data; and the authoritative institution sending the rescue request to vehicles by means of a broadcast encryption scheme.
2. The intelligent medical rescue method based on car networking as claimed in claim 1, characterized in that the aggregate signature specifically comprises:
(1) Aggregate signature scheme:
$G_1$ and $G_2$ are two cyclic groups of prime order $P$;
$g_1$ and $g_2$ are generators of $G_1$ and $G_2$ respectively;
$\psi$ is a computable isomorphism from $G_1$ to $G_2$, $\psi(g_1) = g_2$;
$e$ is a computable bilinear map $e: G_1 \times G_2 \to G_T$;
(2) The bilinear aggregate signature allows signatures to be created on different messages $M_i \in \{0,1\}$; the signature $\delta_i$ of each user is an element of $G_2$. The basic parameters are the base groups $G_1, G_2$, their respective generators $g_1, g_2$, the computable isomorphism $\psi$ from $G_1$ to $G_2$, and the bilinear map $e: G_1 \times G_2 \to G_T$ with target group $G_T$.
3. The intelligent medical rescue method based on car networking as claimed in claim 2, characterized in that the aggregate signature further specifically comprises:
Key generation: For a user, select a random number and calculate ; the public key of the user is $\nu \in G_1$, and the private key of the user is $x \in Z_P$;
Signing: Using the public key $\nu$ of the user and the message $M \in \{0,1\}^*$, calculate $h \leftarrow h(M)$, where $h \in G_2$, and $\delta \leftarrow h^x$; the signature is $\delta \in G_2$;
Verification: Using the public key of the user, the message $M$ and the signature $\delta$, calculate $h \leftarrow h(M)$; if $e(g_1, \delta) = e(\nu, h)$ holds, accept;
Aggregation: The gateway receives each user's message and assigns each user an index $i$, with range $K = |U|$; each user $u_i \in U$ provides a signature $\delta_i \in G_2$ on a message $M_i \in \{0,1\}^*$ of its choosing; calculate ; the aggregate signature is $\delta \in G_2$;
Aggregate verification: The trusted third party receives the message sent to it by the gateway, including the aggregate signature $\delta$, the users' messages $M_i$ and the public keys $\nu_i$, and calculates ; if it holds, the verification passes;
Correctness analysis:
4. The intelligent medical rescue method based on car networking as claimed in claim 1, characterized in that the user-vehicle matching specifically comprises:
Step 1, the authoritative institution determines a matching degree th according to the user's expectation and the number of vehicles in the region; when the matching degree of user A and vehicle B satisfies $I_a \cdot I_b \ge th$, the similarity of A and B is relatively high and the pick-up operation can be carried out; when the matching degree satisfies $I_a \cdot I_b \le th$, the similarity of A and B is relatively low and the vehicle cannot perform the rescue;
Step 2, user A performs the following operations:
(1) Randomly choose two large primes $\alpha$ and $\beta$, with $|\alpha| = 256$ bits and $\beta > (n+1)\alpha^2$;
(2) Set $K = 0$ and select random numbers $(c_1, c_2, \dots, c_n)$ such that
(3) For every $a_i \in I_a$, randomly choose a number $\gamma_i$ and calculate $k_i = \gamma_i \cdot \beta - c_i$;
When $a_i = 1$, $C_i = \alpha + c_i + \gamma_i\beta$ and $K = K + k_i$; when $a_i = 0$, $C_i = c_i + \gamma_i\beta$ and $K = K + k_i$; this operation is carried out for every element of $I_a$; $(\beta, K)$ is kept secret; the result $(\alpha, C_1, C_2, C_3, \dots, C_n)$ is sent to the authoritative institution;
Step 3, each vehicle B must register with the authoritative institution, so the authoritative institution holds the feature attributes $I_b$ of all vehicles;
Step 4, for every $b_i \in I_b$, the authoritative institution performs the following operation:
When $b_i = 1$,
When $b_i = 0$,
Calculate  and calculate $E = D + K \bmod \beta$; $E$ is identical to ; then, from the positions of the patient and the vehicles, the patient's expected value and $E$, it is determined which vehicles the rescue request message needs to be sent to.
5. The intelligent medical rescue method based on car networking as claimed in claim 1, characterized in that the broadcast encryption specifically comprises:
System parameter setting algorithm: The security parameter is $\zeta$; $G_3$ is an additive cyclic group of order $q$ and $G_4$ is a multiplicative cyclic group of order $q$; $p = 2q + 1$, where $p$ and $q$ are large primes; $e: G_3 \times G_3 \to G_4$ is a computable bilinear map on $(G_3, G_4)$; $P$ is a generator of the group $G_3$; a randomly selected $s$ serves as the system master private key msk, and the master public key mpk is calculated as $Q = sP$, $g_3 = e(P, P)$; the CA chooses any integer $a$ satisfying $0 < a < p - 1$ and sets $g_4 = -a^2$, where $a$ may be destroyed or kept secret, then selects $p_i = 2q_i + 1$, $i \in \{1, 2, \dots, n\}$, satisfying $p < p_i$; by the theorem, $g_4$ is a common primitive element of the $p_i$ ($i \in \{1, 2, \dots, n\}$); the CA selects three secure collision-resistant hash functions ; $K$ is the symmetric key set, $S_N$ is the set of all users, $N = \{1, 2, \dots, n\}$; the master private key $s$ is kept by the CA; the public parameters are params: $\{\zeta, G_3, G_4, e, q, P, Q, g_3, g_4, p, S_N, p_i, K, H_1, H_2, H_3\}$;
User key generation algorithm: Run by user $ID_i$; user $ID_i$ randomly selects its private key $SK_i = (SK_{i3}, SK_{i4})$ and calculates $PK_{i4} = x_{i4}P$; the public key of user $ID_i$ is $PK_i = (PK_{i3}, PK_{i4})$; the private key is kept by the user, and the public key is published;
Certificate generation algorithm: Run by the CA center; for the identity information of user $ID_i$ and the corresponding public key $PK_i$, the CA selects a time parameter $\tau$, first calculates $h_i = H_1(\tau \| ID_i \| PK_i)$, then calculates the certificate of user $ID_i$ and sends it to $ID_i$ over a public channel;
Encryption algorithm: Run by the broadcaster; the broadcast encryption algorithm is realized jointly by a key encapsulation algorithm and a secure symmetric encryption algorithm;
Decryption algorithm: Run by user $ID_i$ ($ID_i \in S$); after receiving the broadcast ciphertext $C$, user $ID_i$ takes its private key $SK_i$ and its certificate as input, and outputs the message $m$ corresponding to $C$ or the invalid flag ⊥.
6. The intelligent medical rescue method based on car networking as claimed in claim 5, characterized in that the encryption algorithm specifically comprises:
Step 1, the broadcaster selects the set to be broadcast to
Step 2, for $ID_i \in S$, the broadcaster calculates in turn $h_i = H_1(\tau \| ID_i \| PK_i)$,
Step 3, the broadcaster randomly chooses $r$, and calculates (Hdr, k): $k \in K$, which can be calculated according to the Chinese remainder theorem, where $M_i Y_i \equiv 1$; for the message $m$, the symmetric encryption algorithm $E$ generates the ciphertext $C_0 = E_k(m)$;
Step 4, the broadcaster broadcasts the message $C = (Hdr, S, C_0)$ over the public broadcast channel.
7. The intelligent medical rescue method based on car networking as claimed in claim 5, characterized in that the decryption algorithm specifically comprises:
Step 1, user $ID_i \in S$ calculates
Step 2, calculate
Step 3, calculate
Step 4, verify whether $H_3(\sigma', k')$ equals $H_3(\sigma, k)$; if they are equal, return $m = D_{k'}(C_0)$ using the decryption algorithm $D$ of the symmetric encryption scheme; otherwise return ⊥.
8. The intelligent medical rescue method based on car networking as claimed in claim 1, characterized in that, in the broadcast encryption, a valid user in the broadcast set recovers the corresponding broadcast message from a correctly received broadcast ciphertext:
(1) After receiving the broadcast ciphertext, user $ID_i \in S$ calculates:
(2) The user, according to , calculates;
(3) From $\sigma'$ and , the symmetric key can be recovered; if $H_3(\sigma', k') = H_3(\sigma, k)$, the message $m = D_{k'}(C_0)$ is correctly recovered from the ciphertext by the decryption algorithm $D$ of the symmetric encryption scheme; otherwise ⊥ is output.
9. An intelligent medical rescue system based on car networking for the intelligent medical rescue method based on car networking as claimed in claim 1, characterized in that the intelligent medical rescue system based on car networking comprises:
An intelligent wearable device, for acquiring the physiological health indices of the user and transmitting them to the mobile phone terminal via Bluetooth;
A mobile phone terminal, connected to the intelligent wearable device, for receiving the information sent by the intelligent wearable device and comparing it with its own stored threshold information;
An authoritative institution, which receives the information from the mobile phone terminal and decides how the case is triaged;
An ambulance and registered vehicles, which determine from the information received from the authoritative institution whether the ambulance or a registered vehicle performs the rescue.
10. The intelligent medical rescue system based on car networking as claimed in claim 9, characterized in that the mobile phone terminal stores a threshold; this threshold decides whether the received personal health status is sent to the authoritative institution: if the threshold is exceeded, it is sent; otherwise the terminal continues receiving.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810049133.6A CN108401010B (en) | 2018-01-18 | 2018-01-18 | Intelligent medical rescue method and system based on Internet of vehicles |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810049133.6A CN108401010B (en) | 2018-01-18 | 2018-01-18 | Intelligent medical rescue method and system based on Internet of vehicles |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108401010A (en) | 2018-08-14 |
CN108401010B (en) | 2021-05-14 |
Family
ID=63094751
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810049133.6A Active CN108401010B (en) | 2018-01-18 | 2018-01-18 | Intelligent medical rescue method and system based on Internet of vehicles |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108401010B (en) |
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150052352A1 (en) * | 2013-06-23 | 2015-02-19 | Shlomi Dolev | Certificating vehicle public key with vehicle attributes |
CN103746810A (en) * | 2013-12-27 | 2014-04-23 | 西安邮电大学 | Anonymous sign-cryption method from certificate public key system to identity public key system |
CN105763558A (en) * | 2016-01-20 | 2016-07-13 | 华东师范大学 | Distributed aggregation authentication method having privacy protection function for vehicle-mounted self-organizing network |
CN105847235A (en) * | 2016-03-14 | 2016-08-10 | 安徽大学 | Identity based efficient anonymous batch authentication method in IOV (Internet of Vehicles) environment |
CN107242854A (en) * | 2017-05-27 | 2017-10-13 | 西安邮电大学 | A kind of intelligent medical system based on secure communication |
Non-Patent Citations (3)
Title |
---|
CHENGZHE LAI等: "SPGS: a secure and privacy-preserving group setup framework for platoon-based vehicular cyber-physical systems", 《SECURITY AND COMMUNICATION NETWORKS》 * |
HUEI-RU TSENG: "A Secure and Privacy-Preserving Communication Protocol for V2G Networks", 《IEEE》 * |
RONG JIANG: "A Secure Communication Protocol with Privacy-Preserving Monitoring and Controllable Linkability for V2G", 《IEEE》 * |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109802956A (en) * | 2019-01-02 | 2019-05-24 | 西安邮电大学 | Vehicle-mounted net anonymous authentication system and method based on ring signatures, vehicle communication platform |
CN109802956B (en) * | 2019-01-02 | 2021-09-10 | 西安邮电大学 | Anonymous vehicle-mounted network authentication system and method based on ring signature and vehicle communication platform |
CN113709096A (en) * | 2021-06-24 | 2021-11-26 | 北京农业信息技术研究中心 | Livestock asset management identity authentication method and system |
CN113709096B (en) * | 2021-06-24 | 2023-08-04 | 北京农业信息技术研究中心 | Livestock asset management identity authentication method and system |
CN113747425A (en) * | 2021-11-04 | 2021-12-03 | 晨越建设项目管理集团股份有限公司 | RFID label anonymous authentication and key agreement method based on smart city security system |
CN113747425B (en) * | 2021-11-04 | 2022-02-18 | 晨越建设项目管理集团股份有限公司 | RFID label anonymous authentication and key agreement method based on smart city security system |
Also Published As
Publication number | Publication date |
---|---|
CN108401010B (en) | 2021-05-14 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||