Edge-assisted post-quantum authentication protocol for IoMT: a privacy-preserving and lightweight approach
摘要
The emergence and growth of the Internet of Medical Things (IoMT) have transformed the way healthcare services are delivered, but this growth comes with its own security challenges, especially with the emergence of quantum computing. This paper presents a lightweight, privacy-preserving authentication scheme for edge-based IoMT environments, integrating CRYSTALS-Kyber Key Encapsulation Mechanism (KEM) to securely establish session keys between participating entities and resilience against quantum attacks, while CRYSTALS-Dilithium is utilized as the digital signature scheme to ensure message integrity, authentication, and non-repudiation. These NIST-standardized post-quantum primitives collectively strengthen the system’s resistance against quantum adversaries and enhance overall cryptographic robustness. The proposed system comprises two phases: Registration and Authentication. During registration, patients, wearable devices that utilize Physically Unclonable Functions (PUFs), and medical specialists register with a Trusted Authority via edge nodes. The authentication phase encompasses mutual authentication among patients, devices, medical specialists, edge nodes, and cloud servers, ensuring that only authorized entities access sensitive health information. In addition, the proposed scheme employs the formal security properties, such as authenticity and secrecy, are verified using the AVISPA tool under the Dolev-Yao model, with results confirming that all defined goals are achieved and no attacks are found. Performance evaluations indicate that the scheme is computationally efficient and suitable for resource-constrained IoMT devices. Furthermore, BAN logic is employed to formally verify the correctness of the authentication protocol, demonstrating that mutual authentication is securely established among the participating entities under well-defined trust assumptions. By integrating post-quantum cryptographic techniques, this authentication framework addresses emerging security challenges posed by quantum computing, aligning with the objectives of enhancing edge-based consumer electronics devices and Internet of Things (IoT) ecosystems with post-quantum cryptosystems.