The mobile-health system, also known as the wireless body area network for remote patient monitoring, is a system used to remotely monitor the human body’s health status parameters in real time. The generalized signcryption can realize encryption, signature, and signcryption with only one key pair and one algorithm. To address the communication security requirement for the mobile-health system, Zhang et al. recently proposed a lightweight secure data transmission protocol for the mobile-health system, which uses a certificateless generalized signcryption scheme. However, Zhang et al.’s certificateless generalized signcryption scheme is insecure. In this article, we propose an improved certificateless generalized signcryption scheme and then give a rigorous security proof of it. The confidentiality of our improved scheme can be reduced to the computational Diffie–Hellman problem, and the unforgeability, the Elliptic Curve Discrete Logarithm problem. Performance evaluation shows that our scheme has only slightly increased computational and communicational costs compared with the original scheme, but it is more efficient than other certificateless generalized signcryption schemes existing at present. What is more, it is also an efficient scheme compared with those ones protecting the mobile-health system. Based on our scheme, the same lightweight secure data transmission protocol for the mobile-health system can also be constructed, just like the one based on the original scheme.
Read full abstract