Authenticated Data Sharing With Privacy Protection and Batch Verification for Healthcare IoT

Abstract

The healthcare Internet of Things (IoT) is rapidly becoming an invaluable tool in the healthcare industry. However, sharing data in healthcare IoT raises many security and privacy concerns, such as how to ensure data integrity, source authentication, and data privacy. Redactable signature schemes ( <inline-formula><tex-math notation="LaTeX">${{\sf RSS}}$</tex-math></inline-formula> s) could be a feasible solution to address this question because it allows a signature holder to independently delete the privacy-sensitive part of the authenticated data without invalidating the respective signature. This flexible data sharing mechanism not only protects data privacy but also saves bandwidth. However, the state-of-the-art <inline-formula><tex-math notation="LaTeX">${{\sf RSS}}$</tex-math></inline-formula> s suffer from either the costly public key management problem or the secret key escrow problem. Another drawback of these schemes lies in their computation and communication overheads and hence are quite expensive for constrained devices. To address these challenging issues, in this work, we first propose the notion of certificateless <inline-formula><tex-math notation="LaTeX">${{\sf RSS}}$</tex-math></inline-formula> . We then provide an efficient instantiation of our scheme and prove its security under cryptographic assumptions. Our construction supports batch verification and redaction control, which further saves bandwidth and enhances the security of shared data by preventing the dishonest holder from arbitrarily editing data. Moreover, the comparison analysis of theory and experiment with more recent works shows the practicability of our design.