Alexandria Engineering Journal (Apr 2025)
A privacy-preserving and energy efficient authentication protocol for the cloud-based e-healthcare system
Abstract
The transmission of patient-sensitive information to the cloud server has significantly revolutionized conventional/traditional healthcare systems. As in the traditional healthcare system, the patients mainly depend on doctors' expertise, accepting every piece of advice without asking any questions. While the e-healthcare system can empower patients to self-manage their health-related features, growing life and increasing physician productivity because they receive all requisite information electronically for diagnosis. The e-transmission from embedded sensors/wearables inside the patient's body towards the cloud server is performed in a hostile environment; an attacker can easily forge and create hurdles for the system. Also, patient-sensitive records are transmitted through a resource-limited and low-latency network, susceptible to numerous threats, including identity spoofing, insider threats, and eavesdropping. Among these, privacy is a leading challenge from the perspectives of both patient and physician. However, if all the involved entities become securely authenticated, it, in turn, guarantees the privacy and security of the whole e-healthcare system. Therefore, this article proposes a privacy-preserving and robust authentication protocol utilizing Elliptic Curve Cryptography (ECC), Secure Hash Algorithm-256 (SHA-256), and XoR operations. The robustness of the proposed protocol has been scrutinized via a well-known Real-Or-Random (RoR) model and through ProVerif simulation, whereas the performance evaluation has been conducted by measuring computation, communication, and storage costs. Upon comparing the proposed protocol with prior works in terms of performance metrics and security functionalities, it has been demonstrated that the proposed scheme is 62 % better in energy consumption, 53 % better in communication cost, and 93 % better in computation cost against its competitors. So, it is recommended for practical implementation in the e-healthcare system.
