TY - GEN
T1 - Leakage-Resilient and Lightweight Authenticated Key Exchange for E-Health
AU - Zeng, Wenjun
AU - Zhang, Jie
N1 - Publisher Copyright:
© 2020 IEEE.
PY - 2020/3
Y1 - 2020/3
N2 - E-Health applications generally involve human users' privacy information such as identity and medical data. To protect these data, authenticated key exchange (AKE) protocols are provided as an underlying security mechanism in many communication techniques for E-Health application. For example, the international communication standard for wireless body area network (WBAN), i.e. IEEE S02.15.6, provides a number of AKE protocols for different E-Health scenarios; the Bluetooth specification 5.0 also defines four AKE protocols applicable in different applications of E-Health. However, all of these AKE protocols in use cannot resist to the emerging side-channel attacks (also known as leakage attacks). This paper thereby aims to enhance security and privacy in E-Health by designing an AKE protocol which can resist side-channel attacks. In particular, a leakage-resilient AKE protocol is proposed by combining the blinding technique with the Elliptic Curve Diffie-Hellman key exchange protocol (ECDH). In addition, to make the protocol friendlier to capability-limited nodes such as medical devices which are widely used in E-Health applications, we transfer some time-consuming computations from a limited node to its communicating partner which is generally more powerful. We also realize a prototype and carry out a series of experiments to study its performance. The proposed AKE protocol has stronger security and higher efficiency than similar protocols in IEEE 802.15.6 and Bluetooth 5.0.
AB - E-Health applications generally involve human users' privacy information such as identity and medical data. To protect these data, authenticated key exchange (AKE) protocols are provided as an underlying security mechanism in many communication techniques for E-Health application. For example, the international communication standard for wireless body area network (WBAN), i.e. IEEE S02.15.6, provides a number of AKE protocols for different E-Health scenarios; the Bluetooth specification 5.0 also defines four AKE protocols applicable in different applications of E-Health. However, all of these AKE protocols in use cannot resist to the emerging side-channel attacks (also known as leakage attacks). This paper thereby aims to enhance security and privacy in E-Health by designing an AKE protocol which can resist side-channel attacks. In particular, a leakage-resilient AKE protocol is proposed by combining the blinding technique with the Elliptic Curve Diffie-Hellman key exchange protocol (ECDH). In addition, to make the protocol friendlier to capability-limited nodes such as medical devices which are widely used in E-Health applications, we transfer some time-consuming computations from a limited node to its communicating partner which is generally more powerful. We also realize a prototype and carry out a series of experiments to study its performance. The proposed AKE protocol has stronger security and higher efficiency than similar protocols in IEEE 802.15.6 and Bluetooth 5.0.
KW - authenticated key exchange
KW - e-health
KW - leakage-resilience
KW - side-channel attacks
KW - wireless body area network
UR - http://www.scopus.com/inward/record.url?scp=85085041818&partnerID=8YFLogxK
U2 - 10.1109/ICIM49319.2020.244691
DO - 10.1109/ICIM49319.2020.244691
M3 - Conference Proceeding
AN - SCOPUS:85085041818
T3 - 2020 6th IEEE International Conference on Information Management, ICIM 2020
SP - 162
EP - 166
BT - 2020 6th IEEE International Conference on Information Management, ICIM 2020
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 6th IEEE International Conference on Information Management, ICIM 2020
Y2 - 27 March 2020 through 29 March 2020
ER -