Research On Blockchain-based Smart Healthcare Authentication Protocols

With emerging technologies such as the Internet of Things and cloud computing,smart healthcare is gradually building a patient-centered medical information management and service system to achieve medical information interconnection,collaboration and sharing,scientific diagnosis and other functions.The blockchain has the characteristics of decentralization,tamper-proof and common maintenance.The combination of blockchain and smart healthcare can improve the informatization level of medical services.On the one hand,blockchain realizes decentralized storage and sharing of medical data,which improves the security and transparency of data.On the other hand,blockchain can optimize the allocation and utilization of medical resources,realize efficient collaboration of medical services,and improve service quality and efficiency.However,smart healthcare also faces many risks and challenges that threaten the security of medical systems and the physical and mental health of patients.The first is the various attacks against healthcare systems,the consequences of which are mainly illegal access and privacy leakage.The second is the difficulty of tracing and fixing responsibility for malicious behaviors of participants.In addition,the introduction of blockchain has increased the risk of data leakage while improving the quality of services.Therefore,it is of great significance to research the corresponding solution strategies to address the above challenges for the development of smart healthcare.This thesis makes the following contributions to achieve this goal.(1)To address the many security threats in the traditional healthcare model and the limitation of communication range to local servers.This thesis proposes a cross-cluster authentication and key negotiation protocol based on blockchain that is applicable to the telemedicine scenario.With the decentralization and sharing of blockchain,the protocol can satisfy both the communication between doctors and patients in the same cluster(hospital)and the authentication and communication across clusters.In addition,the protocol applies encryption and dynamic anonymization strategies to protect the privacy of doctors and patients over the public channel and the blockchain.Meanwhile,the protocol encrypts users’ real identities in dynamic pseudo-identities,and combines them with the tamper-resistance of the blockchain,the protocol achieves traceability of malicious behavior.The conclusion of formal and non-formal proofs shows that the protocol can resist various known attacks.(2)How to achieve convenient cross-hospital transfer of patients and corresponding access control of electronic medical records without compromising privacy is a pressing challenge in smart healthcare.In this thesis,we design a blockchain-based model for cross-hospital handover authentication and electronic medical record access control,and propose a feasible protocol based on this model.In the proposed protocol,the shared nature of blockchain enables efficient and privacy-preserving handover authentication of patients without re-registration.In addition,this thesis designs a strategy based on blockchain to link blocks containing medical records in a hidden chain structure,called a medical record chain,for retrieving patients’ electronic medical records and authentication records.The blocks in the medical record chain are encrypted and unlinkable without obtaining the patient’s authorization key.The patient’s authentication and medical records are also protected by using a dynamic anonymization policy to protect privacy.The proof of the random oracle model demonstrates the security of the protocol.(3)Online Joint diagnosis can alleviate the pressure of uneven distribution of medical resources in the presence of limited local medical conditions.How to make each participant accountable for his or her actions while compressing the cost of verification is a challenge.In this thesis,we design a blockchain-based multi-doctor authentication and joint diagnosis signature aggregation protocol.In this protocol,doctors authenticate each other via blockchain and negotiate a common session key to establish group communication.After jointly negotiating a diagnosis report for a patient,all doctors sign the report individually and eventually form an aggregated signature.In the above process,the patient’s privacy is protected.In addition,the semantic security of the authentication process and the unforgeability of the signatures are formally demonstrated separately.The mimetic tests and comparative analysis show that the overhead of signatures is at a lower level in the proposed protocol.The protocol promotes secure collaboration and scientific diagnosis in smart healthcare.Based on a survey of the available literature on the subject,research on relevant protocols for smart healthcare is still in its infancy.There is still lack of secure,specific,and privacy-protecting authentication protocols to achieve goals such as cross-domain communication,handover authentication,medical record access control,and joint consultation in smart healthcare.The protocols proposed in this thesis are important for enhancing the security of smart healthcare.