Trustworthy Delegation Toward Securing Mobile Healthcare Cyber-Physical Systems

Changhee Hahn, Hyunsoo Kwon, Junbeom Hur

Research output: Contribution to journalArticlepeer-review

14 Citations (Scopus)


Attribute-based encryption (ABE) offers a promising solution for flexible access control over sensitive personal health records in a mobile healthcare system on top of a public cloud infrastructure. However, ABE cannot be simply applied to lightweight devices due to its substantial computation cost during decryption. This problem could be alleviated by delegating significant parts of the decryption operations to computationally powerful parties, such as cloud servers, but the correctness of the delegated computation would be at stake. Thus, previous works enabled users to validate the partial decryption by employing a cryptographic commitment or message authentication code (MAC). This paper demonstrates that the previous commitment or MAC-based schemes cannot support verifiability in the presence of potentially malevolent cloud servers. We propose two concrete attacks on previous commitment or MAC-based schemes. We propose an effective countermeasure scheme for securing resource-limited mobile healthcare systems and provide a rigorous security proof in the standard model, demonstrating that the proposed scheme is secure against our attacks. The experimental analysis shows that the proposed scheme provides the similar performance compared with the previous commitment-based schemes and outperforms the MAC-based scheme.

Original languageEnglish
Article number8510797
Pages (from-to)6301-6309
Number of pages9
JournalIEEE Internet of Things Journal
Issue number4
Publication statusPublished - 2019 Aug

Bibliographical note

Funding Information:
Manuscript received July 30, 2018; revised September 18, 2018; accepted October 19, 2018. Date of publication October 26, 2018; date of current version July 31, 2019. This work was supported in part by the Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea Government (MSIT) (No. 2018-0-00269, A research on safe and convenient big data processing methods), in part by the National Research Foundation of Korea (NRF) grant funded by the Korea Government (MSIP) (No. 2016R1A2A2A05005402), and in part by the Military Crypto Research Center (UD170109ED) funded by the Defense Acquisition Program Administration (DAPA) and Agency for Defense Development (ADD). This work is the extended version of [24]. (Corresponding author: Junbeom Hur.) The authors are with the Department of Computer Science and Engineering, Korea University, Seoul 02841, South Korea (e-mail: Digital Object Identifier 10.1109/JIOT.2018.2878216

Publisher Copyright:
© 2014 IEEE.


  • Attribute-based encryption (ABE)
  • cloud computing
  • cyber-physical systems
  • mobile healthcare

ASJC Scopus subject areas

  • Signal Processing
  • Information Systems
  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications


Dive into the research topics of 'Trustworthy Delegation Toward Securing Mobile Healthcare Cyber-Physical Systems'. Together they form a unique fingerprint.

Cite this