1

Secure Handshake with Symptoms-matching:

The Essential to the Success of mHealthcare Social Network

University of Waterloo & University of Ontario Institute of Technology

Rongxing Lu, Xiaodong Lin, Xiaohui Liang and Sherman Shen

BodyNets’10

SocialHealthcare

2 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network

Outline

• Introduction– Wireless Body Sensor Network– Mobile Healthcare Social Network

• Motivation– Privacy Challenges

• Proposed Secure Handshake• Security Analysis• Performance Evaluation• Conclusions

3 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network

Wireless Body Sensor Network

PDA

Wireless/Wired

eHealthcare center

Doctor

PHI

Body sensor

Patient

• Wireless Body Sensor Network (WBSN), as an emerging network paradigm in eHealthcare system aiming at providing patients with remote and continuous monitoring, has gathered great momentum from not only the governments but also the academia in our aging society.

4 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network

WBSN Classification

• Based on wheter a patient is in-bed at home/hosptial or mobile outside, eHealthcare system can be divided into two categories: in-bed eHealthcare system and mobile eHealtcare (mHealthcare) system.

• In this work, we focus on the mHealthcare system.

In-bed eHealthcare System Mobile eHealthcare System

5 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network

mHealthcare Social Network

• In mHealthcare system, patient’s PHI is reported to the eHealth center, and only the related medical professionals can read them.

• At the same time, due to patient’s mobility, patients can often contact with each other in mHealthcare system.

• If two patients have the same symptom, it is possible for them to share their health condition and experience, provide mutual support and inspiration to each other to eliminate loneliness.

• This kind of social contact is called mHealthcare social network (MHSN).

mHealthcare

mHealthcare Social Network

6 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network

Motivation:: Privacy Challenges

• In our aging society, MHSN is promising and can be accepted by the seniors.

• However, new security issues arisen from MHSN should be considered:• How to securely identify a patient who has the same

symptom?• How to prevent others who don’t have the same symptom

from knowing someone’s symptom?• To address these privacy challenges, we proposed a secure

same-symptom-based handshake (SSH) scheme, which allows a patient to securely share his PHI with ones who have the same symptom.

mHealthcare Social Network

Security Privacy Challenges

Share PHI,

experiences

7 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network

Proposed Secure Handshake

• When two patient Ui, Uj contact, the necessary conditions for establishing a social relationship based on the same symptom are :

Mobility Sociality

When Access Point (AP) is available, mobile patient can report the PHI to eHealth center

1: Ui is social0: Ui is not social

System Model

8 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network

Proposed Secure Handshake

Design Goals

• Patient's real identity should be protected in a MHSN.• Patient's PHI should be controlled by patient himself and only

shared with ones who have the same symptom.

Ui

Sym(Ui)

Pseudo-id Pid_iPrivate key S_i

Sym(Uj)

Uj

Pseudo-id Pid_jPrivate key S_j

Mutual authenticationEstablish a shared key

9 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network

Proposed Secure Handshake

Design Goals

• Correctness: When two honest patients Ui, Uj run secure handshake, if soc(Ui)=soc(Uj)=1 and sym(Ui)=sym(Uj), they can always authenticate each other as one who has the same symptom , establish a shared key.

• Impersonator Resistance: If soc(Ui)=soc(Uj)=1 and sym(Ui)<>sym(Uj), the probability that Ui believes Uj has the same symptom is negligible.

• Detector Resistance: If soc(Ui)=soc(Uj)=1 and sym(Ui)<>sym(Uj), Uj has no idea on what symptom sym(Ui) that Ui has.

Only when a MHSN is reinforced by a secure handshake scheme, it can be widely accepted by the patients and steps into its flourish stage.

10 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network

Proposed Secure Handshake

Bilinear Maps

• Let G be a cyclic additive group by P with a large prime order q, GT be a cyclic multiplicative group with the same order. An admissible bilinear pairing e: G×G-> GT is a map with the following properties:

• Bilinearity: For all P, Q in G, and any a,b in Zq, we have e(aP, bQ)=e(P,Q)ab

• Non-degeneracy: There exist P,Q in G such that e(P,Q)≠1• Computability: There is an efficient algorithm to compute

e(P,Q) for all P,Q in G.

Sym(Ui)=Ti

Ui

))(,( 0)(1

ipidHwii THSpidi

),( wwPPpub

Master keySystem Public key

System Initialization

11 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network

Proposed Secure Handshake

Description

• If Ti=Tj, i.e., Ui and Uj have the same symptom, they can mutually authenticate each other, and establish a shared key

• If Ti≠Tj, i.e., Ui and Uj have different symptoms, they cannot authenticate each other or establish a shared key

12 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network

Security Analysis

In the random oracle model, Ni and Nj can be shown semantic security with the provable security technique, which is the base for achieving the impersonator resistant and detector resistant.

impersonator resistant

detector resistant

“fellow sufferers sympathize with each other”

in mHealthcare social network

13 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network

Performance Evaluation

Scenarios: Since AP is not always available for a patient in mobile environment, those active patients, based on the same-symptom-based social relationship, can also help each other to relay their PHI. As a result, the PHI reporting delay can be reduced.

Simulation area

performance metric: the average PHI reporting delay (PRD), which is defined as the average time between when a PHI is generated and when it is successfully relayed to the eHealth center (the time to AP ≈ to center in simulation).

14 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network

Performance Evaluation

Simulation Result: The average PRD of sociable patients is obviously less than those of unsociable patients. The higher the social ratio ρ, the lower the PRD. These results demonstrate that the MHSN has positive affect on PRD, and can be accepted by the mobile patients.

15 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network

Conclusions

In this paper, based on the bilinear pairings, we have proposed an efficient secure handshake scheme for mHealthcare social network (MHSN).

Since the proposed secure handshake scheme won’t disclose each other’s symptom information if two patients don’t have same symptom, MHSN can be widely accepted by patients, so that they can enjoy the benefits brought by MHSN, such as eliminating the loneliness in our aging society and collaborative PHI reporting in mobile environment.

Thank you!