An Efficient and Provable Secure Certificate-Based Combined Signature, Encryption and Signcryption Scheme for Internet of Things (IoT) in Mobile Health (M-Health) System.

Mobile health (M-Health) system is the remote form of Wireless Body Area Networks (WBAN), which can be used for collecting patient's health data in real-time with mobile devices, and storing it to the network servers. The data can be accessed by doctors to monitor, diagnosed and treat patients through a variety of techniques and technologies. The main advantage of the M-Health system is the ease of time-independent communication from physically distant places that enhances the quality of healthcare services at a reduced cost. Furthermore, to provide faster access to the treatment of patients, an M-Health system can be integrated with the internet of things (IoT) to offer preventive or proactive healthcare services by connecting devices and persons. However, its equally great drawback lies in transmitting and receiving the health information wirelessly through an open wireless medium that offers different security and privacy violation threats. We aim to address such a deficiency, and thus a new scheme called an efficient and provable secure certificate-based combined signature, encryption and signcryption (CBCSES) scheme, has been proposed in this article. The scheme not only obtains encryption and signcryption but also provides encryption or signature model alone when needed. To show the effectiveness of the proposed scheme, detailed security analyses, i.e. indistinguishable under adaptive chosen-ciphertext attacks (IND-CBCSES-CCA) and unforgeable under adaptive chosen message attacks (EUF-CBCSES-CMA), and the comparisons with relevant existing schemes are carried out. The results obtained authenticate the superiority of our scheme in terms of both computation and communication costs with enhanced security.