PGASH: Provable group-based authentication scheme for Internet of Healthcare Things

Electronic healthcare based on medical sensors is now developing to incorporate a significant amount of the Internet of Things (IoT) to communicate between sensors and intended recipients. The key requirements in this domain are to exchange messages safely and to provide confidentiality during communication. Designing and implementing an authentication strategy is essential for resolving security concerns, but it is also challenging to work with constrained computing and processing resources during group communication. Standard one-to-one authentication models do not consider the scalability of resource-limited nodes, which is a vital factor to deal with. However, group authentication presents a unique concept for IoT nodes that verify group members concurrently. The conventional group authentication methods based on the IoT are vulnerable to security risks and cannot defend against attacks like replay attacks, forgery attacks, or unauthorized key distribution by the group manager. In this paper, we propose a dynamic and provable group authentication scheme (GAS) based on a secret sharing scheme that can withstand the dishonest behavior of group managers. We introduced a key updating scenario with a provable group authentication model for dynamic node leaving and joining. Our system complies with the requirements for secrecy and accuracy, and based on security analysis, it is resistant to attacks, as mentioned earlier. Performance analysis and security proof show that our approach performs well in terms of computation cost for group members while maintaining security.