Security analysis of a large-scale concurrent data anonymous batch verification scheme for mobile healthcare crowd sensing
As an important application of the Internet of Things (IoT) technologies, mobile healthcare crowd sensing (MHCS) still has challenging issues, such as privacy protection and efficiency. Quite recently in IEEE Internet of Things Journal (DOI: 10.1109/JIOT.2018.2828463), Liu et al. proposed a large-sc...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2019
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/4152 https://ink.library.smu.edu.sg/context/sis_research/article/5156/viewcontent/Security_analysis_mobile_healthcare_2018_av.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| Summary: | As an important application of the Internet of Things (IoT) technologies, mobile healthcare crowd sensing (MHCS) still has challenging issues, such as privacy protection and efficiency. Quite recently in IEEE Internet of Things Journal (DOI: 10.1109/JIOT.2018.2828463), Liu et al. proposed a large-scale concurrent data anonymous batch verification scheme for mobile healthcare crowd sensing, claiming to provide batch authentication, non-repudiation, and anonymity. However, after a close look at the scheme, we point out that the scheme suffers two types of signature forgery attacks and hence fails to achieve the claimed security properties. In addition, a reasonable and rigorous probability analysis indicates that the security reduction from the security of the scheme to the hardness of the Computational Diffie-Hellman (CDH) problem is invalid. We hope that similar design flaws can be avoided in future design of anonymous batch verification schemes for mobile healthcare crowd sensing. |
|---|