ETAP: Energy-Efficient and Traceable Authentication Protocol in Mobile Medical Cloud Architecture

Abstract

Medical cloud blends medical treatment, cloud computing, and cloud storage together via the Internet to achieve stakeholders’ benefits (healthcare center, patient, doctor, and cloud server). It also enables bunch of shared computing-storage resources to end users at anytime and anywhere. Due to the complexity and openness of the Internet, assorted challenges are there. Hence, security and privacy are the dominant concerns. Therefore, a strong privacy protection authentication protocol is desired. Very recently, Cheng et al. proposed a cloud-based authentication protocol and claimed that their protocol was against mentioned weaknesses in their paper. However, the analysis shows that Cheng et al. ’s protocol is insecure against message confidentiality and patient’s anonymity. Then, a novel energy-efficient and traceable authentication protocol (ETAP) is proposed. The ETAP not only mitigates the weaknesses, but has other advantages. First, the ETAP realizes authentication with extremely low computational cost between stakeholders. Second, the ETAP can enable patients to enjoy the remote services with privacy protection. Finally, the ETAP is proven to be safe against passive and active attacks under the elliptic curve discrete logarithm problem assumption in random oracle model. Hence, these features make the ETAP very suitable for computation-limited mobile devices (such as smartphone and PAD) compared with other related existing protocols.