CDAKA: A Provably-Secure Heterogeneous Cross-Domain Authenticated Key Agreement Protocol with Symptoms-Matching in TMIS.

Abstract

Telecare Medical Information System (TMIS) provides the flexible and convenient e-health care. It helps the patients to gain health monitoring information and provides patients to share their experience wirelessly. Traditional authentication and key agreement (AKA) protocols in TMIS are mostly considered in same-domain environment. However, future generation network may integrate various of wireless mesh networks under various domain. What's more, patients heterogeneous cross-domain service has become an inevitable trend. However, there is still no heterogeneous cross-domain authenticated protocol between PKI-domain and IBC-domain in TMIS. In this paper, we propose a heterogeneous cross-domain AKA protocol with symptoms-matching in TMIS (short for CDAKA). It not only keeps good security features, but also truly provides patients' anonymity to protect sensitive information from illegal interception. It still provides patients in two different domains to share their experience, broaden their understanding of illness by using their mobile device freely. Besides, it can realize AKA with extremely low computing cost and communication cost. What's more, it is proved to be secure against known possible attacks under the Elliptic Curve Computable Diffie-Hellman problem (ECDHP) assumption in the random oracle model. Hence, these features make CDAKA protocol very suitable for mobile application scenarios, where resource is severely constrained and security is particularly concerned.