An improved pairing-free certificateless aggregate signature scheme for healthcare wireless medical sensor networks

Abstract

In healthcare wireless medical sensor networks (HWMSNs), the medical sensor nodes are employed to collect medical data which is transmitted to doctors for diagnosis and treatment. In HWMSNs, medical data is vulnerable to various attacks through public channels. In addition, leakage of patients’ information happens frequently. Hence, secure communication and privacy preservation are major concerns in HWMSNs. To solve the above issues, Zhan et al. put forward a pairing-free certificateless aggregate signature (PF-CLAS) scheme. However, according to our cryptanalysis, the malicious medical sensor node (MSNi) can generate the forged signature by replacing the public key in the PF-CLAS scheme. Hence, to address this security flaw, we design the improved PF-CLAS scheme that can achieve unforgeability, anonymity, and traceability. Since we have changed the construction of the partial private key, the improved PF-CLAS scheme can resist Type I and Type II attacks under the Elliptic Curve Discrete Logarithm assumption. In terms of the performance evaluation, the proposed scheme outperforms related CLAS schemes, which is more suitable for HWMSNs environments.