# A Smartcard-Based User-Controlled Single Sign-On for Privacy Preservation in 5G-IoT Telemedicine Systems

^{1}

^{2}

^{3}

^{4}

^{5}

^{6}

^{*}

## Abstract

**:**

## 1. Introduction

## 2. Related Works

#### 2.1. Telemedicine Systems

#### 2.2. Medical Privacy

## 3. Proposed Scheme

#### 3.1. Preliminary

- Polynomials of Chebyshev chaotic maps ${T}_{n}\left(x\right):\left[-1,1]\to \right[-1,1]$ is formed as ${T}_{n}{\left(x\right)=\mathit{cos}(\mathit{ncos}}^{-1}\left(x\right))$ in x of degree n.
- If $n\ge 2$, polynomials of the Chebyshev chaotic maps is formed as ${T}_{n}{\left(x\right)=2\mathit{xT}}_{n-1}{\left(x\right)-T}_{n-2}\left(x\right)$. However, results of the Chebyshev chaotic maps are 1 and x when n is 0 and 1, respectively.
- If $(s,r)\in Z$ and $s\in [-1,1]$, ${T}_{r}{(T}_{s}{\left(x\right))=T}_{\mathit{rs}}{\left(x\right)=T}_{s}{(T}_{r}\left(x\right))$, which is the so-called semi-group property.
- Zhang [51] proved that semi-group property can hold if Chebyshev polynomials are extended on interval $[-\infty ,+\infty ]$. In the situation, polynomials of Chebyshev chaotic maps become ${T}_{n}{\left(x\right)=(2\mathit{xT}}_{n-1}{\left(x\right)-T}_{n-2}\left(x\right))\mathrm{mod}N$ where $n\ge 2$, $x\in (-\infty ,+\infty )$, and N is a large prime number, and ${T}_{r}{(T}_{s}{\left(x\right))\mathrm{mod}N=T}_{\mathit{rs}}{\left(x\right)\mathrm{mod}N=T}_{s}{(T}_{r}\left(x\right))\mathrm{mod}N$.
- Even only with the knowledge of x and y, n is computationally infeasible to be obtained such that ${T}_{n}\left(x\right)\mathrm{mod}N=y$, which is the so-called Chaotic maps-based discrete logarithm problem (CMDLP).
- Even only with the knowledge of (x ${T}_{r}\left(x\right)\mathrm{mod}N$, ${T}_{s}\left(x\right)\mathrm{mod}N$), ${T}_{\mathit{rs}}\left(x\right)\mathrm{mod}N$ is computationally infeasible to be obtained, which is the so-called Chaotic maps-based Diffie-Hellman problem (CMDHP).

#### 3.2. System Initialization Phase

- Step 1.
- Server ${S}_{j}$ generates a secret value ${x}_{{S}_{j}}$, a big prime p, and a random number $x\in (-\infty ,+\infty )$.
- Step 2.
- Server ${S}_{j}$ choses a symmetric encryption algorithm ${E}_{k}(.)$, a symmetric decryption algorithm ${D}_{k}(.)$, a collision-resistance one-way hash function H(.), and a collision-resistance secure one-way chaotic hash function ${h}_{k}$(.).

#### 3.3. Registration Phase

- Step 1.
- User ${U}_{i}$ enters ${\mathit{ID}}_{i}$ and ${\mathit{PW}}_{i}$.
- Step 2.
- User ${U}_{i}$ uses the smartcard to choose a random number ${y}_{i}\in {Z}_{p}^{\ast}.$ After that, smartcard computes (${\alpha}_{i},$ ${A}_{i}$) as below. Finally, smartcard stores ${y}_{i}$ and sends (${\mathit{ID}}_{i}$, ${A}_{i}$) to server ${S}_{j}$.$${\alpha}_{i}{=T}_{{y}_{i}}\left(x\right)\mathrm{mod}p$$$${A}_{i}{=h}_{{\alpha}_{i}}{(\mathit{PW}}_{i})\oplus {h}_{{\alpha}_{i}}{(y}_{i}{,\mathit{SID}}_{j})$$
- Step 3.
- After receiving (${\mathit{ID}}_{i}$, ${A}_{i}$), server ${S}_{j}$ computes elements below. Then, server ${S}_{j}$ returns (${B}_{i}$, ${B}_{j}$) to user ${U}_{i}$.$${\beta}_{j}{=T}_{{x}_{{S}_{j}}}\left(x\right)\mathrm{mod}p$$$${u}_{i}{=h}_{{\beta}_{j}}{(\mathit{ID}}_{i})$$$${u}_{j}{=h}_{{\beta}_{j}}{(\mathit{SID}}_{i})$$$${B}_{i}{=U}_{i}\oplus {A}_{i}$$$${B}_{j}{=U}_{j}\oplus {A}_{i}$$
- Step 4.
- Upon receiving (${B}_{i}$, ${B}_{j}$), user ${U}_{i}$ stores (${B}_{i}$, ${B}_{j}$) in USB or smartcard.

#### 3.4. Authenticated Key Exchange Phase

- Step 1.
- User ${U}_{i}$ enters ${\mathit{ID}}_{i}$ and ${\mathit{PW}}_{i}$.
- Step 2.
- Smartcard checks ${\mathit{PW}}_{i}$, utilizes (${y}_{i}$, x) to compute ${A}_{i}$, retrieves (${B}_{i}$, ${B}_{j}$) to recover ${u}_{i}$, and computes (${K}_{i}$, ${R}_{i}$), as below.$${u}_{i}{=B}_{i}\oplus {A}_{i}$$$${K}_{i}{=A}_{i}\oplus {h}_{{\alpha}_{i}}{(y}_{i})$$$${R}_{i}{=B}_{j}\oplus {h}_{{\alpha}_{i}}{(y}_{i})$$
- Step 3.
- Smartcard chooses integer ${\rho}_{i}\in (-\infty ,+\infty )$ and a big prime ${N}_{i}$ to compute (${\mu}_{i}$, ${b}_{i}$, ${C}_{i}$) as below, and sends (${R}_{i}$, ${C}_{i}$, ${N}_{i}$) to server ${S}_{j}$.$${\mu}_{i}{=T}_{{y}_{i}}{(\rho}_{i}{)\mathrm{mod}N}_{i}$$$${b}_{i}{=E}_{{u}_{i}}{(N}_{i}{\left|\right|\mu}_{i})$$$${C}_{i}{=E}_{{K}_{i}}{(\mathit{ID}}_{i}{,b}_{i}{,\rho}_{i})$$
- Step 4.
- After receiving (${R}_{i}$, ${C}_{i}$, ${N}_{i}$), server ${S}_{j}$ computes the equations below. If server ${S}_{j}$ can decrypt ${b}_{i}$ successfully, server ${S}_{j}$ successfully authenticates user ${U}_{i}$.$${K}_{i}{=R}_{i}\oplus {h}_{{\beta}_{j}}({\mathit{SID}}_{j})$$$${(\mathit{ID}}_{i}{,b}_{i}{,\rho}_{i}{)=D}_{{K}_{i}}{(C}_{i})$$$${u}_{i}{=h}_{{\beta}_{j}}{(\mathit{ID}}_{i})$$$${(N}_{i}{\left|\right|\mu}_{i}{)=D}_{{u}_{i}}{(b}_{i})$$
- Step 5.
- For establishing a shared session key, server ${S}_{j}$ chooses a random number ${s}_{j}\in {Z}_{p}^{\ast}$, utilizes ${\rho}_{i}$, ${N}_{i}$, and ${\mu}_{i}$ retrieved from Step 4 to compute ${\omega}_{j}$, ${k}_{\mathit{ji}}$, and ${\mathit{MAC}}_{{S}_{j}}$, and sends $\left({\mathit{MAC}}_{{S}_{j}}{,\omega}_{j}\right)$ to user ${U}_{i}$.$${\omega}_{j}{=T}_{{s}_{j}}{(\rho}_{i}{)\mathrm{mod}N}_{i}$$$${k}_{\mathit{ji}}=H\left({T}_{{s}_{j}}\right({\mu}_{i}){\mathrm{mod}N}_{i})$$$${\mathit{MAC}}_{{S}_{j}}{=h}_{{k}_{\mathit{ji}}}\left({\mathit{SID}}_{j}{,\mathit{ID}}_{i},{\mu}_{i}\right)$$
- Step 6.
- Upon receiving $\left({\mathit{MAC}}_{{S}_{j}}{,\omega}_{j}\right)$, user ${U}_{i}$’s smartcard computes ${k}_{\mathit{ij}}$ and checks whether ${\mathit{MAC}}_{{S}_{j}}$ is correct. If it holds, the mutually shared session key is correct. Then, user U
_{i}’s smartcard computes ${\mathit{MAC}}_{{U}_{i}}$ and sends it to server ${S}_{j}$.$${k}_{\mathit{ij}}=H({T}_{{y}_{i}}{(\omega}_{j}{)\mathrm{mod}N}_{i})$$$${\mathit{MAC}}_{{S}_{j}}{?=h}_{{k}_{\mathit{ji}}}\left({\mathit{SID}}_{j}{,\mathit{ID}}_{i},{\mu}_{i}\right)$$$${\mathit{MAC}}_{{U}_{i}}{=h}_{{k}_{\mathit{ij}}}{(\mathit{ID}}_{i}{,\mathit{SID}}_{j}{,\omega}_{j})$$ - Step 7.
- Upon receiving ${\mathit{MAC}}_{{U}_{i}}$, server ${S}_{j}$ checks whether ${\mathit{MAC}}_{{U}_{i}}$ is correct. If it holds, the shared session key confirmation is complete.$${\mathit{MAC}}_{{U}_{i}}{?=h}_{{k}_{\mathit{ij}}}{(\mathit{ID}}_{i}{,\mathit{SID}}_{j}{,\omega}_{j})$$

#### 3.5. Offline Password Change Phase

- Step 1.
- User ${U}_{i}$ enters PIN to start smartcard and inputs old ${\mathit{PW}}_{i}$ and new ${{\mathit{PW}}^{\prime}}_{i}$.
- Step 2.
- Smartcard updates ${A}_{i}$ and stores it.$${A}_{i}{=h}_{{\alpha}_{i}}{({\mathit{PW}}^{\prime}}_{i})\oplus {h}_{{\alpha}_{i}}{(\mathit{PW}}_{i})\oplus {h}_{{\alpha}_{i}}{(y}_{i}{,\mathit{SID}}_{j})$$

## 4. Security Analysis

#### 4.1. Formal Security Proof Using BAN Logic

#### 4.1.1. Initial Assumptions

- A1. $P\in {r(C}_{P,Q})$: P can read from channel ${C}_{P,Q}$.
- A2. ${P\mathit{believes}w(C}_{P,Q})=\{P,Q\}$: P believes that P and Q can write on ${C}_{P,Q}$.
- A3. $P\mathit{believes}Q\mathit{once}\mathit{said}(\Phi \to \Phi )$: P believes that Q only says what it believes.
- A4. ${P\mathit{believes}\#(N}_{P})$: P believes that ${N}_{P}$ is fresh.

#### 4.1.2. Inference Rules

- S1. $\frac{P\mathit{sees}C\left(X\right),P\in r\left(C\right)}{P\mathit{believes}(P\mathit{sees}X|C),P\mathit{sees}X}$: If P receives and reads X via C, then P believes that X has arrived on C and P sees X.
- S2. $\frac{P\mathit{sees}C(X,Y)}{P\mathit{sees}X,P\mathit{sees}Y}$: If P sees a hybrid message (X, Y), then P sees X and Y separately.

- I1. $\frac{P\mathit{believes}\left(w\right(C)=\{P,Q\left\}\right)}{P\mathit{believes}(P\mathit{sees}X|C)\to Q\mathit{once}\mathit{said}X}$: If P believes that C can only be written by P and Q, then P believes that if P receives X via C, then Q said X.
- I2. $\frac{P\mathit{believes}(Q\mathit{once}\mathit{said}(X,Y\left)\right)}{P\mathit{believes}(Q\mathit{once}\mathit{said}X),P\mathit{believes}(Q\mathit{once}\mathit{said}Y)}$: If P believes that Q said a hybrid message (X, Y), then P believes that Q has said X and Y separately.
- I3. $\frac{P\mathit{believes}({\stackrel{a}{\to}}_{\mathrm{ECMDH}\left(\mathit{secret}\right)}P),P\mathit{believes}({\stackrel{{T}_{b}\left(x\right)\mathrm{mod}N}{\to}}_{\mathrm{ECMDH}\left(\mathit{public}\right)}Q)}{P\mathit{believes}(P\stackrel{{T}_{\mathit{ab}}\left(x\right)\mathrm{mod}N}{\leftrightarrow}Q)}$: If P believes that a is P’s extended chaotic maps-based Diffie-Hellman secret and ${T}_{b}\left(x\right)\mathrm{mod}N$ is extended chaotic maps-based Diffie-Hellman component from Q, then P believes that ${T}_{\mathit{ab}}\left(x\right)\mathrm{mod}N$ is symmetric key shared between P and Q.

- F1. $\frac{P\mathit{believes}(Q\mathit{once}\mathit{said}X),P\mathit{believes}\#\left(X\right)}{P\mathit{believes}(Q\mathit{once}\mathit{said}X)}$: If P believes that another Q said X and P also believes that X is fresh, then P believes that Q recently said X.
- F2. $\frac{P\mathit{believes}\#\left(X\right)}{P\mathit{believes}\#(X,Y)}$: If P believes that a part of a mixed message X is fresh, then it believes that the whole message (X, Y) is fresh.

- R1. $\frac{{P\mathit{believes}(\Phi}_{1}\to {\Phi}_{2}{),P\mathit{believes}\Phi}_{1}}{{P\mathit{believes}\Phi}_{2}}$: If P believes that ${\Phi}_{1}$ implies ${\Phi}_{2}$ and P believes that ${\Phi}_{1}$ is true, then P believes that ${\Phi}_{2}$ is true.

#### 4.1.3. Goals

- Goal 1. ${U}_{i}\mathit{believes}({U}_{i}\stackrel{{T}_{{y}_{i}{s}_{j}}{(\rho}_{i}{)\mathrm{mod}N}_{i}}{\leftrightarrow}{S}_{j})$: User ${U}_{i}$ believes that ${T}_{{y}_{i}{s}_{j}}({\rho}_{i}){\mathrm{mod}N}_{i}$ is a symmetric key shared between participants ${U}_{i}$ and ${S}_{j}$.
- Goal 2. ${S}_{j}\mathit{believes}({U}_{i}\stackrel{{T}_{{y}_{i}{s}_{j}}{(\rho}_{i}{)\mathrm{mod}N}_{i}}{\leftrightarrow}{S}_{j})$: Server ${S}_{j}$ believes that ${T}_{{y}_{i}{s}_{j}}{(\rho}_{i}{)\mathrm{mod}N}_{i}$ is a symmetric key shared between participants ${U}_{i}$ and ${S}_{j}$.
- Goal 3. ${U}_{i}{\mathit{believes}S}_{j}\mathit{believes}({U}_{i}\stackrel{{T}_{{y}_{i}{s}_{j}}{(\rho}_{i}{)\mathrm{mod}N}_{i}}{\leftrightarrow}{S}_{j})$: User ${U}_{i}$ believes that ${S}_{j}$ believes ${T}_{{y}_{i}{s}_{j}}({\rho}_{i}){\mathrm{mod}N}_{i}$ is a symmetric key shared between ${U}_{i}$ and ${S}_{j}$.
- Goal 4. ${S}_{j}{\mathit{believes}U}_{i}\mathit{believes}({U}_{i}\stackrel{{T}_{{y}_{i}{s}_{j}}{(\rho}_{i}{)\mathrm{mod}N}_{i}}{\leftrightarrow}{S}_{j})$: Server ${S}_{j}$ believes that ${U}_{i}$ believes ${T}_{{y}_{i}{s}_{j}}{(\rho}_{i}{)\mathrm{mod}N}_{i}$ is a symmetric key shared between ${U}_{i}$ and ${S}_{j}$.

#### 4.1.4. Proof

- Step 1.
- ${S}_{j}\mathit{sees}({\stackrel{{T}_{{y}_{i}}({\rho}_{i}){\mathrm{mod}N}_{i}}{\to}}_{\mathrm{ECMDH}\left(\mathit{public}\right)}{U}_{i}{,C}_{{S}_{j}{,U}_{i}}({\mathit{ID}}_{i}{\left|\right|b}_{i}{\left|\right|x}_{i2}){K}_{i}{,N}_{i})$
- Step 2.
- ${U}_{i}\mathit{sees}({\stackrel{{T}_{{s}_{j}}{(\rho}_{i}{)\mathrm{mod}N}_{i}}{\to}}_{\mathrm{ECMDH}\left(\mathit{public}\right)}{S}_{j}{,C}_{{U}_{i}{,S}_{j}}{({\mathit{SID}}_{j}{,\mathit{ID}}_{i}{,T}_{{y}_{i}}{(\rho}_{i}{)\mathrm{mod}N}_{i})}_{{k}_{\mathit{ij}}}{,T}_{{s}_{j}}{(\rho}_{i}{)\mathrm{mod}N}_{i})$

_{.}To accomplish Goal 1 (User ${U}_{i}$ believes that ${k}_{\mathit{ij}}{=T}_{{y}_{i}{s}_{j}}{(\rho}_{i}{)\mathrm{mod}N}_{i}$ is a symmetric key shared between participants user ${U}_{i}$ and server ${S}_{j}$), Equations (25) and (26) must hold, because of the interpretation rule (I3) and assumption (A5).

_{i}sees and believes that ${T}_{{s}_{j}}{(\rho}_{i}{)\mathrm{mod}N}_{i}$ is in the channel ${C}_{{S}_{j}{,U}_{i}}$, which is the extended chaotic maps-based Diffie-Hellman public component from server ${S}_{j}$. To accomplish Equation (30), we have Equations (31)–(33) that must hold because of the interpretation rules (I1), the seeing rules (S1), (S2), assumptions (A1) and (A2). By using the interpretation rules (I3), our proposed scheme realizes that Goal 1 is achieved. Similarly, we ensured that the proposed scheme realizes Goal 2 by using the same arguments of Goal 1.

#### 4.2. Formal Security Proof Using AVISPA

#### 4.3. Informal Security Proof

#### 4.3.1. Preventing MITM Attack

#### 4.3.2. Key Confirmation

#### 4.3.3. Preventing Key-Compromise Impersonation and Server Spoofing Attacks

#### 4.3.4. Mutual Authentication

#### 4.3.5. User Anonymity

#### 4.3.6. Resistant to Bergamo et al.’s Attack

## 5. Performance Analysis

#### 5.1. Comparisons of Security Requirements

#### 5.2. Comparisons of Computational Complexity

## 6. Implementation

## 7. Discussion

- Scenario 1:
- Patient inserts smartcard (e.g., health insurance card or smartcard, as in Figure 13) into measurement devices that include a smartcard reader, such as sphygmomanometer or blood-glucose meter, before measuring biodata. Once a patient inserts smartcard, the authenticated key agreement phase of the proposed scheme is activated, and measured biodata can be transmitted securely to server as it is encrypted by the session key.
- Scenario 2:
- Patient’s wearable healthcare device (e.g., sensors, smart watch, etc.) transmits the measured biodata to the related mobile application (APP) on a smartphone, through data synchronization via Bluetooth, NFC, RFID, etc. If the patient wants to transmit the measured biodata to server, the patient can use a smartphone with a smartcard adopter, such as the smart token in Figure 13. Once a patient inserts the smartcard, the authenticated key agreement phase of proposed scheme is activated, and the measured biodata can be securely transmitted to server as it is encrypted by the session key.
- Scenario 3:
- Patient’s measured biodata are recorded or stored in storage at home. If the patient wants to transmit the measured biodata to server, the patient can use the smartcard with a reader. Once a patient inserts the smartcard, the authenticated key agreement phase of proposed scheme is activated, and the measured biodata can be transmitted securely to server as it is encrypted by the session key.
- Scenario 4:
- If a medical professional would like to access the measured biodata on server, the medical professional has to use the smartcard (e.g., healthcare certification IC card [66]) with a reader. Once a medical professional inserts smartcard, the authenticated key agreement phase of proposed scheme is activated, and the measured biodata can be securely transmitted as it is encrypted by the session key.

## 8. Conclusions

## Author Contributions

## Funding

## Institutional Review Board Statement

## Informed Consent Statement

## Data Availability Statement

## Conflicts of Interest

## References

- Garai, Á.; Péntek, I.; Adamkó, A. Revolutionizing Healthcare with IoT and Cognitive, Cloud-Based Telemedicine. Acta Polytech. Hung.
**2019**, 16, 163–181. [Google Scholar] [CrossRef] - Fong, B.; Fong, A.C.M.; Li, C.K. Telemedicine Technologies: Information Technologies in Medicine and Telehealth; John Wiley and Sons: New York, NY, USA, 2010. [Google Scholar] [CrossRef]
- Ryu, S. History of Telemedicine: Evolution, Context, and Transformation. Healthc. Inform. Res.
**2010**, 16, 65–66. [Google Scholar] [CrossRef] [Green Version] - Abderrahim, A.; Ibtissam, F.; Habiba, C.; Hicham, E.A.; Nabil, H. AES-PRESENT: A New Secure Iot-Based Scheme for Telemedicine and E-Health Systems. ARPN J. Eng. Appl. Sci.
**2018**, 13, 9554–9559. [Google Scholar] - Fan, Y.J.; Yin, Y.H.; Xu, L.D.; Zeng, Y.; Wu, F. IoT-Based Smart Rehabilitation System. IEEE Trans. Ind. Inform.
**2014**, 10, 1568–1577. [Google Scholar] [CrossRef] - Pasluosta, C.F.; Gassner, H.; Winkler, J.; Klucken, J.; Eskofier, B.M. An Emerging Era in the Management of Parkinson’s Disease: Wearable Technologies and the Internet of Things. IEEE J. Biomed. Health Inform.
**2015**, 19, 1873–1881. [Google Scholar] [CrossRef] [PubMed] - Chang, S.; Chiang, R.; Wu, S.; Chang, W. A Context-Aware, Interactive M-Health System for Diabetics. IT Prof.
**2016**, 18, 14–22. [Google Scholar] [CrossRef] - Baker, S.B.; Xiang, W.; Atkinson, I. Internet of Things for Smart Healthcare: Technologies, Challenges, and Opportunities. IEEE Access
**2017**, 5, 26521–26544. [Google Scholar] [CrossRef] - Sarkar, S.; Misra, S. From Micro to Nano: The Evolution of Wireless Sensor-Based Health Care. IEEE Pulse
**2016**, 7, 21–25. [Google Scholar] [CrossRef] - Yin, Y.; Zeng, Y.; Chen, X.; Fan, Y. The Internet of Things in Healthcare: An Overview. J. Ind. Infor. Integr.
**2016**, 1, 3–13. [Google Scholar] [CrossRef] - Anwar, S.; Prasad, R. Framework for Future Telemedicine Planning and Infrastructure Using 5G Technology. Wirel. Pers. Commun.
**2018**, 100, 193–208. [Google Scholar] [CrossRef] [Green Version] - Zriqat, I.a.A.; Altamimi, A.M. Security and Privacy Issues in Ehealthcare Systems: Towards Trusted Services. Int. J. Adv. Comput. Sci. Appl.
**2016**, 7, 229–236. [Google Scholar] - The 104th United States Congress, Health Insurance Portability and Accountability Act of 1996. Public Law 104-191. United States Statut. Large.
**1996**, 110, 1936–2103. Available online: https://pubmed.ncbi.nlm.nih.gov/16477734/ (accessed on 19 April 2021). - Note on Proposal for a Regulation of the European Parliament and of the Council on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data (General Data Protection Regulation): 2012/0011 (Cod). Council of the European Union. 2013. Available online: https://lobbyplag.eu/governments/assets/pdf/CD-16140_14-C1.pdf (accessed on 20 April 2021).
- Lee, T.F. Provably Secure Anonymous Single-Sign-on Authentication Mechanisms Using Extended Chebyshev Chaotic Maps for Distributed Computer Networks. IEEE Syst. J.
**2018**, 12, 1499–1505. [Google Scholar] [CrossRef] - Liu, X.; Liu, J.; Wang, W.; Zhu, S. Android Single Sign-on Security: Issues, Taxonomy and Directions. Future Gener. Comput. Syst.
**2018**, 89, 402–420. [Google Scholar] [CrossRef] - Zakaria, N.H.; Zainul, M.F.; Katuk, N.; Tahir, H.M.; Omar, M.N. An Evaluation of Page Token in Openid Single Sign on (SSO) to Thwart Phishing Attack. J. Telecommun. Elect. Comput. Eng.
**2018**, 10, 19–23. [Google Scholar] - Marciniak, R. Role of New It Solutions in the Future of Shared Service Model. Pollack Period.
**2013**, 8, 187–194. [Google Scholar] [CrossRef] [Green Version] - National Health Service. The NHS Long Term Plan. National Health Service. Available online: https://www.longtermplan.nhs.uk/wp-content/uploads/2019/08/nhs-long-term-plan-version-1.2.pdf (accessed on 8 April 2021).
- Philip, N.Y.; Rodrigues, J.J.P.C.; Wang, H.; Fong, S.J.; Chen, J. Internet of Things for in-Home Health Monitoring Systems: Current Advances, Challenges and Future Directions. IEEE J. Sel. Areas Commun.
**2021**, 39, 300–310. [Google Scholar] [CrossRef] - Pramanik, P.K.D.; Pareek, G.; Nayyar, A. Security and Privacy in Remote Healthcare: Issues, Solutions, and Standards. In Telemedicine Technologies: Big Data, Deep Learning, Robotics, Mobile and Remote Applications for Global Healthcare; Elsevier: Amsterdam, The Netherlands, 2019; pp. 201–225. [Google Scholar] [CrossRef]
- Devaraj, S.J. Emerging Paradigms in Transform-Based Medical Image Compression for Telemedicine Environment. In Telemedicine Technologies: Big Data, Deep Learning, Robotics, Mobile and Remote Applications for Global Healthcare; Academic Press: Cambridge, MA, USA, 2019; pp. 15–29. [Google Scholar] [CrossRef]
- Rao, K. The Path to 5G for Health Care. Available online: https://futurenetworks.ieee.org/images/files/pdf/applications/5G--Health-Care030518.pdf (accessed on 8 April 2021).
- Lin, T.W.; Hsu, C.L. FAIDM for Medical Privacy Protection in 5G Telemedicine Systems. Appl. Sci.
**2021**, 11, 1155. [Google Scholar] [CrossRef] - Fan, K.; Jiang, W.; Li, H.; Yang, Y. Lightweight RFID Protocol for Medical Privacy Protection in IoT. IEEE Trans. Ind. Inform.
**2018**, 14, 1656–1665. [Google Scholar] [CrossRef] - Fortino, G.; Fotia, L.; Messina, F.; Rosaci, D.; Sarné, G.M.L. Trust and Reputation in the Internet of Things: State-of-the-Art and Research Challenges. IEEE Access
**2020**, 8, 60117–60125. [Google Scholar] [CrossRef] - Gambetta, D. Can We Trust Trust? In Trust: Making and Breaking Cooperative Relations; Gambetta, D., Ed.; Blackwell: Oxford, UK, 1988; pp. 213–237. [Google Scholar]
- Yan, Z.; Zhang, P.; Vasilakos, A.V. A Survey on Trust Management for Internet of Things. J. Netw. Comput. Appl.
**2014**, 42, 120–134. [Google Scholar] [CrossRef] - Sharma, A.; Pilli, E.S.; Mazumdar, A.P.; Gera, P. Towards Trustworthy Internet of Things: A Survey on Trust Management Applications and Schemes. Comput. Commun.
**2020**, 160, 475–493. [Google Scholar] [CrossRef] - Ud Din, I.; Guizani, M.; Kim, B.S.; Hassan, S.; Khan, M.K. Trust Management Techniques for the Internet of Things: A Survey. IEEE Access
**2019**, 7, 29763–29787. [Google Scholar] [CrossRef] - Guo, J.; Chen, I.R.; Tsai, J.J.P. A Survey of Trust Computation Models for Service Management in Internet of Things Systems. Comput. Commun.
**2017**, 97, 1–14. [Google Scholar] [CrossRef] - Abdelghani, W.; Zayani, C.A.; Amous, I.; Sèdes, F. Trust Management in Social Internet of Things: A Survey. In Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Springer: Berlin, Germany, 2016; Volume 9844, pp. 430–441. [Google Scholar]
- Mishra, D.; Mukhopadhyay, S.; Kumari, S.; Khan, M.K.; Chaturvedi, A. Security Enhancement of a Biometric Based Authentication Scheme for Telecare Medicine Information Systems with Nonce. J. Med. Syst.
**2014**, 38, 41. [Google Scholar] [CrossRef] - Renuka, K.; Kumari, S.; Li, X. Design of a Secure Three-Factor Authentication Scheme for Smart Healthcare. J. Med. Syst.
**2019**, 43, 133. [Google Scholar] [CrossRef] - Dharminder, D.; Mishra, D.; Li, X. Construction of RSA-Based Authentication Scheme in Authorized Access to Healthcare Services: Authorized Access to Healthcare Services. J. Med. Syst.
**2020**, 44, 6. [Google Scholar] [CrossRef] - Zhang, L.; Luo, H.; Zhao, L.; Zhang, Y. Privacy Protection for Point-of-Care Using Chaotic Maps-Based Authentication and Key Agreement. J. Med. Syst.
**2018**, 42, 250. [Google Scholar] [CrossRef] [PubMed] - Zhang, Q.; Zhang, Q.; Gan, Y.; Wang, R.; Tan, Y.A. A Dynamic and Cross-Domain Authentication Asymmetric Group Key Agreement in Telemedicine Application. IEEE Access
**2018**, 6, 24064–24074. [Google Scholar] [CrossRef] - Sureshkumar, V.; Amin, R.; Obaidat, M.S.; Karthikeyan, I. An Enhanced Mutual Authentication and Key Establishment Protocol for TMIS Using Chaotic Map. J. Inf. Secur. Appl.
**2020**, 53, 102539. [Google Scholar] [CrossRef] - Guo, R.; Shi, H.; Zheng, D.; Jing, C.; Zhuang, C.; Wang, Z. Flexible and Efficient Blockchain-Based ABE Scheme with Multi-Authority for Medical on Demand in Telemedicine System. IEEE Access
**2019**, 7, 88012–88025. [Google Scholar] [CrossRef] - Kocarev, L. Chaos-Based Cryptography: A Brief Overview. IEEE Circuits Syst. Mag.
**2001**, 1, 6–21. [Google Scholar] [CrossRef] [Green Version] - Kocarev, L.; Lian, S. Chaos-Based Cryptography—Theory, Algorithms and Applications; Springer: Berlin, Germany, 2011; Volume 354. [Google Scholar]
- Solev, D.; Janjic, P.; Kocarev, L. Introduction to Chaos. In Studies in Computational Intelligence; Springer: Berlin, Germany, 2011; Volume 354, pp. 1–25. [Google Scholar]
- Dachselt, F.; Schwarz, W. Chaos and Cryptography. IEEE Trans. Circuits Syst. I Fundam. Theory Appl.
**2001**, 48, 1498–1509. [Google Scholar] [CrossRef] - Kocarev, L.; Tasev, Z. Public-Key Encryption Based on Chebyshev Maps. In Proceedings of the 2003 International Symposium on Circuits and Systems, Bangkok, Thailand, 25–28 May 2003; pp. III28–III31. [Google Scholar]
- Mishkovski, I.; Kocarev, L. Chaos-Based Public-Key Cryptography. In Studies in Computational Intelligence; Springer: Berlin, Germany, 2011; Volume 354, pp. 27–65. [Google Scholar]
- Yoon, E.J.; Jeon, I.S. An Efficient and Secure Diffie–Hellman Key Agreement Protocol Based on Chebyshev Chaotic Map. Commun. Nonlinear Sci. Numer. Simul.
**2011**, 16, 2383–2389. [Google Scholar] [CrossRef] - Yoon, E.J.; Yoo, K.Y. Cryptanalysis of Group Key Agreement Protocol Based on Chaotic Hash Function. IEICE Trans. Inf. Syst.
**2011**, E94-D, 2167–2170. [Google Scholar] [CrossRef] [Green Version] - Lin, H.Y. Improved Chaotic Maps-Based Password-Authenticated Key Agreement Using Smart Cards. Commun. Nonlinear Sci. Numer. Simul.
**2015**, 20, 482–488. [Google Scholar] [CrossRef] - Lee, T.F.; Hsiao, C.H.; Hwang, S.H.; Lin, T.H. Enhanced Smartcard-Based Password-Authenticated Key Agreement Using Extended Chaotic Maps. PLoS ONE
**2017**, 12, e0181744. [Google Scholar] [CrossRef] [Green Version] - Lin, T.W.; Hsu, C.L. Anonymous Group Key Agreement Protocol for Multi-Server and Mobile Environments Based on Chebyshev Chaotic Maps. J. Supercomput.
**2018**, 74, 4521–4541. [Google Scholar] [CrossRef] - Zhang, L. Cryptanalysis of the Public Key Encryption Based on Multiple Chaotic Systems. Chaos Solitons Fractals
**2008**, 37, 669–674. [Google Scholar] [CrossRef] - Burrows, M.; Abadi, M.; Needham, R. A Logic of Authentication. ACM Trans. Comput. Syst. (TOCS)
**1990**, 8, 18–36. [Google Scholar] [CrossRef] - Mishkovski, I.; Kocarev, L. Chaos-Based Public-Key Cryptography. In Chaos-Based Cryptography: Theory, Algorithms and Applications; Kocarev, L., Lian, S., Eds.; Springer: Berlin/Heidelberg, Germany, 2011; pp. 27–65. [Google Scholar] [CrossRef]
- Amin, R.; Islam, S.H.; Biswas, G.P.; Khan, M.K.; Kumar, N. A Robust and Anonymous Patient Monitoring System Using Wireless Medical Sensor Networks. Future Gener. Comput. Syst.
**2018**, 80, 483–495. [Google Scholar] [CrossRef] - Han, L.; Tan, X.; Wang, S.; Liang, X. An Efficient and Secure Three-Factor Based Authenticated Key Exchange Scheme Using Elliptic Curve Cryptosystems. Peer-to-Peer Netw. Appl.
**2018**, 11, 63–73. [Google Scholar] [CrossRef] - Liu, B.; Yang, B.; Su, X. An Improved Two-Way Security Authentication Protocol for RFID System. Information
**2018**, 9, 86. [Google Scholar] [CrossRef] [Green Version] - Tan, Z. Secure Delegation-Based Authentication for Telecare Medicine Information Systems. IEEE Access
**2018**, 6, 26091–26110. [Google Scholar] [CrossRef] - Armando, A.; Basin, D.; Boichut, Y.; Chevalier, Y.; Compagna, L.; Cuellar, J.; Drielsma, P.H.; Heám, P.C.; Kouchnarenko, O.; Mantovani, J.; et al. The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications. In Proceedings of the Lecture Notes in Computer Science, Edinburgh, UK, 6–10 July 2005; pp. 281–285. [Google Scholar]
- Sutrala, A.K.; Das, A.K.; Kumar, N.; Reddy, A.G.; Vasilakos, A.V.; Rodrigues, J.J.P.C. On the Design of Secure User Authenticated Key Management Scheme for Multigateway-Based Wireless Sensor Networks Using ECC. Int. J. Commun. Syst.
**2018**, 31, e3514. [Google Scholar] [CrossRef] - Alshahrani, M.; Traore, I. Secure Mutual Authentication and Automated Access Control for IoT Smart Home Using Cumulative Keyed-Hash Chain. J. Inf. Secur. Appl.
**2019**, 45, 156–175. [Google Scholar] [CrossRef] - Oheimb, D.v. The High-Level Protocol Specification Language HLPSL Developed in the EU Project AVISPA. In Proceedings of the APPSEM 2005 Workshop, Frauenchiemsee, Germany, 12–15 September 2005. [Google Scholar]
- Bergamo, P.; D’Arco, P.; De Santis, A.; Kocarev, L. Security of Public-Key Cryptosystems Based on Chebyshev Polynomials. IEEE Trans. Circuits Syst. I Regul. Papers
**2005**, 52, 1382–1393. [Google Scholar] [CrossRef] [Green Version] - Wang, X.; Zhao, J. An Improved Key Agreement Protocol Based on Chaos. Commun. Nonlinear Sci. Numer. Simul.
**2010**, 15, 4052–4057. [Google Scholar] [CrossRef] - Lin, N.; Zhu, H.F. Enhancing the Security of Chaotic Maps-Based Password-Authenticated Key Agreement Using Smart Card. J. Inf. Hiding Multimed. Signal Process.
**2017**, 8, 1273–1282. [Google Scholar] - Madhusudhan, R.; Nayak, C.S. A Robust Authentication Scheme for Telecare Medical Information Systems. Multimed. Tools Appl.
**2019**, 78, 15255–15273. [Google Scholar] [CrossRef] - Healthcare Certification Authority. Available online: https://hca.nat.gov.tw/Default.aspx (accessed on 8 September 2020).
- AVISPA: Automated Validation of Internet Security Protocols and Applications. Available online: http://www.avispa-project.org/ (accessed on 30 May 2020).

Notations | Definitions |
---|---|

${\mathit{ID}}_{\mathit{i}}$ | Identity of user ${U}_{i}$. |

${\mathit{SID}}_{j}$ | Identity of server ${S}_{j}$. |

⊕ | Exclusive OR (XOR) operation. |

H(.) | Collision-resistant one-way hash function. |

$\mathit{PWi}$ | Password of user ${U}_{i}$. |

${x}_{{S}_{j}}$ | Secret value of server ${S}_{j}$. |

k | Encryption/decryption key k. |

${E}_{k}$(.)/${D}_{k}$(.) | A symmetric encryption/decryption algorithm with secret key k. |

x, $\mathit{yi}$, $\rho i$ | Random numbers. |

${h}_{k}$(.) | Collision-resistance secure one-way chaotic hash function. |

USB | Portable USB device. |

$\mathit{sj}$ | Server ${S}_{j}$’s new chaotic random number. |

**Table 2.**Notations of BAN logic [52] used in analyzing the proposed scheme.

Notations | Definitions |
---|---|

P, Q | Principles. |

X, Y | Statements. |

r, w | Readers (receivers) and writers (senders). |

K | Encryption key. |

P believes X | P believes X. |

P once said X | P once said X. |

C(X) | X is transited through communication channel C. |

r(C)/w(C) | Readers/writers of C. |

P sees C(X) | P sees C(X). |

P sees X|C | P sees X via C. |

${\left(X\right)}_{K}$ | X is encrypted with the key K. |

$P\stackrel{K}{\leftrightarrow}Q$ | P and Q establish a secure communication channel using K. |

Properties | [63] | [46] | [48] | [64] | [49] | [65] | [38] | Ours |
---|---|---|---|---|---|---|---|---|

Preventing key-compromise impersonation attack | X | O | X | X | O | O | O | O |

Preventing server spoofing attack | X | O | O | O | O | X | X | O |

Multi-server environments | X | X | X | X | X | O | O | O |

Preventing MITM attack | X | X | O | O | O | X | O | O |

Stolen-verification table attack | X | O | O | O | X | X | O | O |

Key confirmation | X | X | X | X | X | X | X | O |

Preventing clock synchronization problem | O | X | X | O | X | O | X | O |

User anonymity | X | X | O | O | O | X | O | O |

Preventing denial-of-service (DoS) attack | X | X | X | O | O | X | O | O |

Roles | Lee et al. [49] | Madhusudhan et al. [65] | Sureshkumar et al. [38] | Ours |
---|---|---|---|---|

User | ${3T}_{h}{+3T}_{\mathit{ch}}{+T}_{\mathit{sym}}\phantom{\rule{0ex}{0ex}}\approx {3T}_{h}{+525T}_{h}+2.5{T}_{h}\phantom{\rule{0ex}{0ex}}=530.5{T}_{h}$ | ${8T}_{h}{+5T}_{\mathit{ch}}\phantom{\rule{0ex}{0ex}}\approx {8T}_{h}{+875T}_{h}\phantom{\rule{0ex}{0ex}}{=883T}_{h}$ | ${7T}_{h}{+5T}_{\mathit{ch}}\phantom{\rule{0ex}{0ex}}\approx {7T}_{h}{+875T}_{h}\phantom{\rule{0ex}{0ex}}{=882T}_{h}$ | ${5T}_{h}{+2T}_{\mathit{ch}}{+2T}_{\mathit{sym}}\phantom{\rule{0ex}{0ex}}\approx {5T}_{h}{+350T}_{h}{+5T}_{h}\phantom{\rule{0ex}{0ex}}{=360T}_{h}$ |

Server | ${T}_{h}{+3T}_{\mathit{ch}}{+2T}_{\mathit{sym}}\phantom{\rule{0ex}{0ex}}\approx {T}_{h}{+525T}_{h}{+5T}_{h}\phantom{\rule{0ex}{0ex}}=531.5{T}_{h}$ | ${5T}_{h}{+4T}_{\mathit{ch}}\phantom{\rule{0ex}{0ex}}\approx {5T}_{h}{+700T}_{h}\phantom{\rule{0ex}{0ex}}{=705T}_{h}$ | ${3T}_{h}{+2T}_{\mathit{ch}}\phantom{\rule{0ex}{0ex}}\approx {3T}_{h}{+350T}_{h}\phantom{\rule{0ex}{0ex}}{=353T}_{h}$ | ${4T}_{h}{+2T}_{\mathit{ch}}{+2T}_{\mathit{sym}}\phantom{\rule{0ex}{0ex}}\approx {4T}_{h}{+350T}_{h}{+5T}_{h}\phantom{\rule{0ex}{0ex}}{=359T}_{h}$ |

Both | ${1061T}_{h}$ | 1588${T}_{h}$ | 1235 ${T}_{h}$ | 719 ${T}_{h}$ |

Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. |

© 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Lin, T.-W.; Hsu, C.-L.; Le, T.-V.; Lu, C.-F.; Huang, B.-Y.
A Smartcard-Based User-Controlled Single Sign-On for Privacy Preservation in 5G-IoT Telemedicine Systems. *Sensors* **2021**, *21*, 2880.
https://doi.org/10.3390/s21082880

**AMA Style**

Lin T-W, Hsu C-L, Le T-V, Lu C-F, Huang B-Y.
A Smartcard-Based User-Controlled Single Sign-On for Privacy Preservation in 5G-IoT Telemedicine Systems. *Sensors*. 2021; 21(8):2880.
https://doi.org/10.3390/s21082880

**Chicago/Turabian Style**

Lin, Tzu-Wei, Chien-Lung Hsu, Tuan-Vinh Le, Chung-Fu Lu, and Bo-Yu Huang.
2021. "A Smartcard-Based User-Controlled Single Sign-On for Privacy Preservation in 5G-IoT Telemedicine Systems" *Sensors* 21, no. 8: 2880.
https://doi.org/10.3390/s21082880