LAAC: Lightweight Lattice-Based Authentication and Access Control Protocol for E-Health Systems in IoT Environments

Over the past few years, the Internet of Things (IoT) has played a crucial role in designing e-health systems. An IoT-enabled e-health system allows different entities to examine a patient's health condition anywhere and anytime. However, the deployment of e-health systems in an IoT environment faces various security and privacy challenges. The authentication of participating entities, the confidentiality of information transferred through an insecure channel, and access control are essential issues to be resolved. To settle these challenges, we found many authentication protocols for e-health systems based on the discrete logarithm and integer factorization problems. However, quantum attacks expose all these protocols. In this article, we propose a lattice-based authentication and access control (LAAC) protocol for IoT-enabled e-health systems to mitigate the quantum attacks. We prove that LAAC is robust with the hardness assumption of the inhomogeneous small integer solution problem. Moreover, we provide provable security analysis of LAAC. Besides, performance evaluation shows it is reasonable to execute LAAC in an IoT device.