MBPA: A Medibchain-Based Privacy-Preserving Mutual Authentication in TMIS for Mobile Medical Cloud Architecture

Telecare Medical Information System (TMIS) integrates various types of mobile devices and communication technologies to upgrade the traditional face-to-face medical treatment model to intelligent one, which can provide the flexible and convenient e-health care. Due to the complexity and openness of Internet, e-health care data is grabbing the interest of cyber attackers. Hence, security and privacy are still our dominant concerns. Fortunately, blockchain technology leverages decentralized or distributed process to ensure data security. A MediBchain-based privacy-preserving mutual authentication for mobile medical cloud architecture (abbreviated to MBPA) is proposed in this paper. MBPA scheme not only mitigates the weaknesses of existing ones, but has other advantages. First, MBPA scheme supports patients anonymity and traceability since the patients identity is hidden in two dynamic anonyms and a static anonym and only the trusted center can recover his/her real identity. Second, each MediBchain node shares a secret value, which realizes authentication with extremely low computional cost between terminals and MediBchain nodes. Finally, MBPA scheme is proven safely against passive and active attacks under elliptic curve computational Diffie-Hellman problem (ECDHP) assumption in random oracle model. Hence, these features make MBPA scheme very suitable for computation-limited mobile devices compared with other related existing schemes.