A secure framework for authentication and encryption for IoT based medical sensor data. The security is provided with substitution-caser cipher along with improved ECC.
8th International Conference on Soft Computing, Mathematics and Control (SMC ...
A secure framework for authentication and encryption using improved ECC for IoT based medical sensor data
1. A Secure Framework for
Authentication and
Encryption Using Improved ECC for
IoT-Based Medical Sensor Data
BY: GAUTHAM SK
SUBJECT: INFORMATION AND NETWORK SECURITY
GUIDED BY: ANJAN K KOUNDINYA (ASSOCIATE PROFESSOR)
3. PROPOSED METHODOLOGY
It consist of two phases:
1. AUTHENTICATION
a) REGISTRATION
b) LOGIN
c) VERIFICATION
2. DATA SECURITY
a) SUBSTITUTION CAESAR CIPHER
b) IMPROVED ECC ENCRYPTION
4. AUTHENTICATION
REGISTRATION
Consider a patient P with
identification Idi along with a
password Pwi.
Hc = hf (Idi || Pwi|| Bi)
Hc is the hash code generated by
SHA-512
hf is a hash function
During registration, a Tp creates
the private key Prk
LOGIN
The patient logins:
Hs1 = hf (Id1 || Pw1 || B*1)
The hash code Hs1 is encrypted by
private key Prk
Ec = Hc Prk
VERIFICATION
The encrypted hash code is
decrypt
Dc = E Prk
SHA-512 is again computed on
the patients detail:
Hs2 = h(ID2 || PW2 || B2)
if(Hs1==Hs2)
valid patient
else
invalid patient
6. DATA SECURITY
SUBSTITUTION CAESAR CIPHER
Substitution Cipher
In this, every letter in the plain text is shifted to a certain place in the
alphabet. For e.g., with a shift of one, A would be swapped with B, B would
become C, and so on
Caesar Cipher
The output of the substitution cipher is given to the Caesar cipher, in this a
key is used to shift the message.
e (x) = (x + k) (mod26)
d (x) = (x – k) (mod26)
7. DATA SECURITY
IMPROVED ECC ENCRYPTION
In normal ECC, only two sorts of keys are created (public and private key),
whereas in improved ECC, an additional key (secret key) is generated to
enhance the system's security.
3 types of keys are generated:
1. Private Key (for decrypting the data)
Generated by choosing a random number between 0 and n-1.
2. Public Key (for encrypting the data)
Produced by the equation (1) & (2):
Puk = Prk * Bs (1)
Puk = (Prk,Bs) (2)
8. DATA SECURITY
IMPROVED ECC ENCRYPTION
3. Secret Key
Generated by summing Puk , Prk and Bs
Sk = ∑ (Puk, Prk, Bs)
After generating key, two ciphertext is created:
C1 = (S1 * Bs ) + Sk
C2 = M + (S1 * Puk) + Sk
S1 is random number between 1 and n-1
Decryption (Secret Key is subtracted)
M = ((C2 – Prk ) * C1 ) – Sk
9. Conclusion
Based on the simulation, the average encryption and decryption time 1.032 and
1.004 µs respectively, which is lower than the ECC and RSA and the scheme
achieves security requirements such as low encryption, decryption time and
communication overhead.