Computer Science

Computer Science ›› 2026, Vol. 53 ›› Issue (4): 454-468.doi: 10.11896/jsjkx.250100087

• Information Security • Previous Articles    

Smart Medical Secure Authentication Protocol for Cloud and Fog Leakage Resistance

YANG Xin, GUO Yimin   

  1. School of Information Engineering, Zhongnan University of Economics and Law, Wuhan 430073, China
  • Received:2025-01-14 Revised:2025-03-11 Online:2026-04-15 Published:2026-04-08
  • About author:YANG Xin,born in 2001,postgraduate,is a student member of CCF(No.Z1262G).Her main research interests include identity authentication and key agreement.
    GUO Yimin,born in 1992.Ph.D,asso-ciate professor,master’s supervisor,is a member of CCF(No.K7779S).Her main research interests include passwords,authentication protocol and modern cryptography.
  • Supported by:
    National Natural Science Foundation of China(62102453),Hubei Provincial Natural Science Foundation(2025AFC108),Project of Humanities and Social Sciences Research Project of Chinese Ministry of Education(22YJCZH217) and Fundamental Research Funds for the Central Universities of Zhongnan University of Economics and Law(202451416).

PDF (PC)

82

Abstract: While smart healthcare enhances the convenience of people’s lives,it also poses significant challenges for the secure transmission of massive medical data in open wireless network communication environments.These data are susceptible to various internal and external attacks during transmission.To ensure timely and effective medical data transmission,the cloud-fog architecture,widely adopted in smart healthcare for network communication,significantly shortens the communication distance between the cloud and terminal devices through the effective extension of cloud computing by fog computing,thereby effectively mitigating network latency and jitter issues caused by excessive distance.However,most existing authentication and communication schemes based on the cloud-fog architecture adopt a centralized architecture of single-cloud,multiple-fogs and multiple-devices,which is prone to the risk of single-point failure.More seriously,these schemes often assume that the cloud is completely trustworthy,whereas in reality,cloud servers also face the risk of internal attacks,enabling attackers to compute session keys during the identity authentication and key agreement phase,leading to the leakage of communication data privacy and severely impacting communication security.In response to these communication security challenges,this paper proposes a secure authentication and key agreement protocol for smart healthcare that is resistant to cloud-fog compromise attacks.Leveraging blockchain technology to ensure the security of protocol data,this protocol can withstand various known attacks while also resisting cloud-fog leakage attacks.The semantic security of the proposed protocol is demonstrated using the extended Random Oracle Model.A heuristic security analysis method is employed to show that the proposed protocol satisfies all eight security properties.Additionally,the security of the proposed protocol is verified using the AVISPA security analysis tool.Performance analysis indicates that,compared with existing related protocols,the proposed protocol has lower communication overhead,lower computational cost,lower energy consumption,and stronger resistance to security attacks.

Key words: Smart healthcare, Cloud and fog compromise attack, Fog computing, Authentication, Blockchain

CLC Number: 

  • TP393
[1]WANG W M,HUANG H P,XIAO F,et al.Computation-transferable Authenticated Key Agreement Protocol for Smart Healthcare[J].Journal of Systems Architecture,2021,118:102215.
[2]XU Z S,XU J B,LI D K.A Token-based Authentication and Key Agreement Protocol for Cloud Computing[C]//2021 IEEE 6th International Conference on Smart Cloud(SmartCloud).Piscataway,NJ:IEEE,2021:38-43.
[3]MOOKHERJI S,ODELU V,PRASATH R,et al.Fog-basedSingle Sign-on Authentication Protocol for Electronic Healthcare Applications[J].IEEE Internet of Things Journal,2023,10(12):10983-10996.
[4]HAYYOLALAM V,ALOQAILY M,ÖZKASAP Ö,et al.Edge-assisted Solutions for IoT-based Connected Healthcare Systems:A Literature Review[J].IEEE Internet of Things Journal,2021,9(12):9419-9443.
[5]KE C B,ZHU Z J,XIAO F,et al.SDN-based Privacy and Functional Authentication Scheme for Fog Nodes of Smart Healthcare[J].IEEE Internet of Things Journal,2022,9(18):17989-18001.
[6]GUO Y M,ZHANG Z F,GUO Y J.Secfhome:Secure Remote Authentication in Fog-enabled Smart Home Environment[J].Computer Networks,2022,207:108818.
[7]GUO Y M,GUO Y J.FogHA:An Efficient Handover Authenti-cation for Mobile Devices in Fog Computing[J].Computers & Security,2021,108:102358.
[8]BONOMI F,MILITO R,ZHU J,et al.Fog Computing and Its Role in the Internet of Things[C]//Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing.New York:ACM,2012:13-16.
[9]SHI W S,CAO J,ZHANG Q,et al.Edge Computing:Vision and Challenges[J].IEEE Internet of Things Journal,2016,3(5):637-646.
[10]GUO Y M,ZHANG Z F,GUO Y J,et al.BSRA:Blockchain-based Secure Remote Authentication Scheme for the Fog-enabled Internet of Things[J].IEEE Internet of Things Journal,2024,11(2):3348-3361.
[11]GUO Y M,ZHANG Z F,GUO Y J.Fog-centric Authenticated Key Agreement Scheme without Trusted Parties[J].IEEE Systems Journal,2020,15(4):5057-5066.
[12]AMANLOU S,HASAN M K,BAKAR K A A.Lightweight and Secure Authentication Scheme for IoT Network Based on Publish-subscribe Fog Computing Model[J].Computer Networks,2021,199:108465.
[13]XU Z S,LIANG W,LI K,et al.A Blockchain-based Roadside Unit-assisted Authentication and Key Agreement Protocol for Internet of Vehicles[J].Journal of Parallel and Distributed Computing,2021,149:29-39.
[14]LI X C,YIN X C.Blockchain-based Group Key Agreement Protocol for Vehicular Ad Hoc Networks[J].Computer Communications,2022,183:107-120.
[15]CHATTARAJ D,BERA B,DAS A K,et al.Block-clap:Blockchain-assisted Certificateless Key Agreement Protocol for Internet of Vehicles in Smart Transportation[J].IEEE Transactions on Vehicular Technology,2021,70(8):8092-8107.
[16]LI J Y,QIAO Z Q,PENG J L.Asymmetric Group Key Agreement Protocol Based on Blockchain and Attribute for Industrial Internet of Things[J].IEEE Transactions on Industrial Informatics,2022,18(11):8326-8335.
[17]ARMANDO A,BASIN D,BOICHUT Y,et al.The AVISPATool for the Automated Validation of Internet Security Protocols and Applications[C]//Computer Aided Verification:17th International Conference.Berlin:Springer,2005:281-285.
[18]IBRAHIM M H.Octopus:An Edge-fog Mutual Authentication Scheme[J].International Journal of Network Security,2016,18(6):1089-1101.
[19]SRINIVAS J,DAS A K,KUMAR N,et al.Cloud Centric Authentication for Wearable Healthcare Monitoring System[J].IEEE Transactions on Dependable and Secure Computing,2018,17(5):942-956.
[20]WAZID M,DAS A K,KUMAR N,et al.Design of Secure Key Management and User Authentication Scheme for Fog Computing Services[J].Future Generation Computer Systems,2019,91:475-492.
[21]GUO Y M,ZHANG Z F,GUO Y J.Anonymous Authenticated Key Agreement and Group Proof Protocol for Wearable Computing[J].IEEE Transactions on Mobile Computing,2021,21(8):2718-2731.
[22]GUO Y M,GUO Y J.CS-LAKA:A Lightweight Authenticated Key Agreement Protocol with Critical Security Properties for IoT Environments[J].IEEE Transactions on Services Computing,2023,16(6):4102-4114.
[23]JIA X Y,HE D B,KUMAR N,et al.Authenticated Key Agreement Scheme for Fog-driven IoT Healthcare System[J].Wireless Networks,2019,25(8):4737-4750.
[24]MA M M,HE D B,WANG H Q,et al.An Efficient and Provably Secure Authenticated Key Agreement Protocol for Fog-based Vehicular Ad-hoc Networks[J].IEEE Internet of Things Journal,2019,6(5):8065-8075.
[25]LI X H,CHEN T,CHENG Q F,et al.An Efficient and Authenticated Key Establishment Scheme Based on Fog Computing for Healthcare System[J].Frontiers of Computer Science,2022,16:1-12.
[26]SHEN J,YANG H J,WANG A X,et al.Lightweight Authentication and Matrix-based Key Agreement Scheme for Healthcare in Fog Computing[J].Peer-to-Peer Networking and Applications,2019,12:924-933.
[27]KALARIA R,KAYES A S M,RAHAYU W,et al.A Secure Mutual Authentication Approach to Fog Computing Environment[J].Computers & Security,2021,111:102483.
[28]YAO H L,YAN Q.Cryptographic Analysis and Design ofAnonymous Authentication Protocol for Internet of Vehicles Va-lue added Service[J].Journal of Computer Research and Deve-lopment,2022,59(2):12.
[29]MA Y,SHI W,LI X,et al.Provable Secure Authentication Key Agreement for Wireless Body Area Networks[J].Frontiers of Computer Science,2024,18(5):185811.
[30]WANG Y,LIU Y.RC2PAS:Revocable Certificateless Condi-tional Privacy-preserving Authentication Scheme in WBANs[J].IEEE Systems Journal,2022,16(4):5675-5685.
[31]XIE X W,WU B,HOU B T.BEPHAP:A Blockchain-based Efficient Privacy-preserving Handover Authentication Protocol with Key Agreement for Internet of Vehicles[J].Journal of Systems Architecture,2023,138:102869.
[32]YU S,LEE J,SUTRALA A K,et al.LAKA-UAV:Lightweight Authentication and Key Agreement Scheme for Cloud-assisted Unmanned Aerial Vehicle Using Blockchain in Flying Ad-hoc Networks[J].Computer Networks,2023,224:109612.
[33]DONG J,XU G,MA C,et al.Blockchain-Based Certificate-Free Cross-Domain Authentication Mechanism for Industrial Internet[J].IEEE Internet of Things Journal,2024,11(2):3316-3330.
[34]WEI S J,LI S S,WANG J H.A Cross-domain Authentication Protocol by Identity-based Cryptography on Consortium Blockchain[J].Chinese Journal of Computers,2021,44(5):908-920.
[35]SHAO X W,GUO Y J.A Blockchain-based Authentication Protocol for Telemedicine[J].Journal of Cryptologic Researchs,2023,10(2):397-414.
[36]ZHENG Z B,XIE S A,DAI H N,et al.Blockchain Challenges and Opportunities:A Survey[J].International Journal of Web and Grid Services,2018,14(4):352-375.
[37]DOLEV D,YAO A.On the Security of Public Key Protocols[J].IEEE Transactions on Information Theory,1983,29(2):198-208.
[38]CANETTI R,KRAWCZYK H.Universally Composable No-tions of Key Exchange and Secure Channels[C]//Advances in Cryptology-EUROCRYPT 2002:International Conference on the Theory and Applications of Cryptographic Techniques.Berlin:Springer,2002:337-351.
[39]MESSERGES T S,DABBISH E A,SLOAN R H.Examining Smart-card Security Under the Threat of Power Analysis Attacks[J].IEEE Transactions on Computers,2002,51(5):541-552.
[40]WANG D,WANG P.Two Birds with One Stone:Two-factor Authentication with Security Beyond Conventional Bound[J].IEEE Transactions on Dependable and Secure Computing,2016,15(4):708-722.
[41]SHIHAB S,ALTAWY R.Lightweight Authentication Scheme for Healthcare with Robustness to Desynchronization Attacks[J].IEEE Internet of Things Journal,2023,10(20):18140-18153.
[42]WANG Q X,WANG D,CHENG C,et al.Quantum2FA:Efficient Quantum-resistant Two-factor Authentication Scheme for Mobile Devices[J].IEEE Transactions on Dependable and Secure Computing,2021,20(1):193-208.
[43]YANG H,GUO Y J,GUO Y M.Blockchain-based Cloud-fog Collaborative Smart Home Authentication Scheme[J].Compu-ter Networks,2024,242:110240.
[44]WANG D,HE D B,WANG P,et al.Anonymous Two-factorAuthentication in Distributed Systems:Certain Goals are Beyond Attainment[J].IEEE Transactions on Dependable and Secure Computing,2014,12(4):428-442.
[45]PARK K S,LEE J Y,DAS A K,et al.BPPS:Blockchain-enabled privacy-preserving scheme for demand-response management in smart grid environments[J].IEEE Transactions on Dependable and Secure Computing,2022,20(2):1719-1729.
[46]ZHANG S W,YAN Z W,LIANG W,et al.BAKA:Biometric authentication and key agreement scheme based on fuzzy extractor for wireless body area networks[J].IEEE Internet of Things Journal,2024,11(3):5118-5128.
[47]ARMANDO A,BASIN D,BOICHUT Y,et al.The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications[C]//Computer Aided Verification:17th International Conference.Berlin:Springer,2005:281-285.
[48]CHEVALIER Y,COMPAGNA L,CUELLAR J,et al.A High Level Protocol Specification Language for Industrial Security-sensitive Protocols[C]//Workshop on Specification and Automated Processing of Security Requirements(SAPS’2004).Austrian Computer Society,2004:13.
[49]FAN Q,CHEN J H,DEBORAH L J,et al.A Secure and Efficient Authentication and Data Sharing Scheme for Internet of Things Based on Blockchain[J].Journal of Systems Architecture,2021,117:102112.
[50]HEWA T,BRAEKEN A,LIYANAGE M,et al.Fog computing and blockchain-based security service architecture for 5G industrial IoT-enabled cloud manufacturing[J].IEEE Transactions on Industrial Informatics,2022,18(10):7174-7185.
[51]HUANG Y T,CHEN T S,WANG S D.Authenticated KeyAgreement Scheme for Fog Computing in A Health-care Environment[J].IEEE Access,2023,11:46871-46881.
[52]YADAV A K,MISRA M,PANDEY P K,et al.An EAP-based Mutual Authentication Protocol for WLAN-connected IoT Devices[J].IEEE Transactions on Industrial Informatics,2022,19(2):1343-1355.
[53]XU Z S,LI X,XU J B,et al.A Secure and Computationally Efficient Authentication and Key Agreement Scheme for Internet of Vehicles[J].Computers and Electrical Engineering,2021,95:107409.
[54]CAO J,MA M D,FU Y L,et al.CPPHA:Capability-based Privacy-protection Handover Authentication Mechanism for SDN-based 5G HetNets[J].IEEE Transactions on Dependable and Secure Computing,2019,18(3):1182-1195.
[55]MA R H,CAO J,FENG D G,et al.FTGPHA:Fixed-trajectory Group Pre-handover Authentication Mechanism for Mobile Relays in 5G High-speed Rail Networks[J].IEEE Transactions on Vehicular Technology,2019,69(2):2126-2140.
[1] PAN Yanyang, YANG Binhao, JI Qingge. PBFT Consensus Algorithm Based on Bayesian Theory [J]. Computer Science, 2026, 53(1): 331-340.
[2] SI Xuege, JIA Hongyong, LI Weixian, ZENG Junjie , MEN Ruirui. Software-defined Perimeter Anonymous Authentication Scheme Based on Verifiable Credentials [J]. Computer Science, 2026, 53(1): 363-370.
[3] ZHOU Tao, DU Yongping, XIE Runfeng, HAN Honggui. Vulnerability Detection Method Based on Deep Fusion of Multi-dimensional Features from Heterogeneous Contract Graphs [J]. Computer Science, 2025, 52(9): 368-375.
[4] FENG Yimeng, FENG Yan, XIE Sijiang, ZHANG Qing. Proxy-based Bidirectional Coin Mixing Mechanism of Blockchain [J]. Computer Science, 2025, 52(8): 385-392.
[5] LI Jiangxu, CHEN Zemao, ZHANG Liqiang. Lightweight Authentication and Key Agreement Protocol for Cloud-assisted Smart Home Communication [J]. Computer Science, 2025, 52(7): 342-352.
[6] ZHAO Chanchan, WEI Xiaomin, SHI Bao, LYU Fei, LIU Libin, ZHANG Ziyang. Edge Computing Based Approach for Node Trust Evaluation in Blockchain Networks [J]. Computer Science, 2025, 52(6A): 240600153-8.
[7] WANG Qiuli, REN Zhiyu, WU Xiangyu, GUAN Qiuguo, WANG Haichao. Blockchain-based Internet of Things Traceable and Anonymous Cross-domain AuthenticationScheme [J]. Computer Science, 2025, 52(5): 337-344.
[8] WANG Pu, GAO Zhanyun, WANG Zhenfei, SONG Zheli. BDBFT:A Consensus Protocol Based on Reputation Prediction Model for IoT Scenario [J]. Computer Science, 2025, 52(5): 366-374.
[9] YANG Fan, SUN Yi, LIN Wei, GAO Qi. Blockchain-based Highly Trusted Query Verification Scheme for Streaming Data [J]. Computer Science, 2025, 52(4): 352-361.
[10] JIAO Jian, CHEN Ruixiang, HE Qiang, QU Kaiyang, ZHANG Ziyi. Study on Smart Contract Vulnerability Repair Based on T5 Model [J]. Computer Science, 2025, 52(4): 362-368.
[11] DU Likuan, LIU Chen, WANG Junlu, SONG Baoyan. Self-learning Star Chain Space Adaptive Allocation Method [J]. Computer Science, 2025, 52(3): 359-365.
[12] SU Xinzhong, XU Youyun. Lightweight Secure Authentication and Key Update Scheme for 5G Urban Transportation [J]. Computer Science, 2025, 52(12): 331-338.
[13] JIANG Lingyun, LIU Guanhao, YANG Jinglin, XU Jia. P-DAG:An Efficient and Secure Blockchain System Based on Parallel Chain [J]. Computer Science, 2025, 52(11A): 241000174-6.
[14] CAO Yongsheng. Optimal Scheduling Algorithm for Electric Vehicle Charging and Discharging in Q-Learning Based Consortium Blockchain Framework [J]. Computer Science, 2025, 52(11A): 241200015-5.
[15] CHEN Hongwei, YUE Meng. Lightweight Aeronautical Broadband Communications System Security Authentication Protocol [J]. Computer Science, 2025, 52(11A): 241200183-7.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.