
On the security of MQ cryptographic systems for constructing secure Internet of medical things

  • Original Article
  • Personal and Ubiquitous Computing

Abstract

The Internet of Medical Things (IoMT) is the group of medical devices connected to the Internet to perform the processes and services that support healthcare. The amount of data handled by medical devices grows exponentially, which means higher exposure of sensitive personal data. RSA, ECC, and other related public key cryptographic systems, with countermeasures against power analysis and fault analysis such as random masking, are often adopted by medical devices to guarantee security and privacy. However, Shor's algorithm has shown that they are not secure against quantum computer attacks. Fortunately, there exist a few quantum-resistant public key cryptographic schemes, e.g., Rainbow. To ensure end-to-end service delivery in the IoMT under quantum attacks, there is a critical need for research into new designs and evaluation of the hardware security of new quantum-resistant cryptographic systems, e.g., Rainbow, to make medical devices more secure and reliable. Therefore, we present a physical analysis model of Rainbow that combines fault analysis and differential power analysis. The proposed model is implemented on a cloud computing platform. Based on the experimental results, we successfully recover all the secret keys of the Rainbow signature, which shows the importance of protecting multivariate signatures with countermeasures on medical devices.



Acknowledgements

The authors acknowledge Shenzhen Science and Technology Program under Grant (No. JCYJ20170306144219159, No. JCYJ20160428092427867), Foundation for Distinguished Young Talents in Higher Education of Guangdong, China (No. 2017GkQNCX059), Special Funds for Shenzhen Strategic Emerging Industries and Future Industrial Development (No. 20170502142224600), Science and Technology Program of Shenzhen Polytechnic (No. 601722K20018).

Author information

Correspondence to Haibo Yi.


Cite this article

Yi, H., Nie, Z. On the security of MQ cryptographic systems for constructing secure Internet of medical things. Pers Ubiquit Comput 22, 1075–1081 (2018). https://doi.org/10.1007/s00779-018-1149-y


  • DOI: https://doi.org/10.1007/s00779-018-1149-y
