A cloud-assisted key agreement protocol for the E-healthcare system.

Secure data transmission is critical to cloud-based electronic healthcare (e-healthcare) systems. Upon delving into the literature, it becomes clear that several security mechanisms have been developed to ensure the security of exchanged information across patients, physicians, and the cloud server, but they do not resist vulnerabilities such as man-in-the-middle, side-channel, and session key hijacking attacks. These vulnerabilities can seriously compromise the integrity of exchanged medical records. In light of this, the article proposes a cloud-assisted key agreement protocol for the e-healthcare system to enable secure authentication for patient monitoring, enhancing mutual authentication of the participating entities and creating protected session keys for secure open-channel communication. The proposed methodology employs robust and lightweight procedures, including SHA-256 and Elliptic Curve Cryptography (ECC), while considering the challenges of implementing strong security protocols in healthcare systems, such as the need for high performance and low energy consumption. The proof of correctness and robustness of the proposed protocol has been analyzed through the Real-Or-Random (RoR) model, ProVerif verification toolkit, and pragmatic illustration, while the efficiency and efficacy were checked by measuring computation, communication, storage costs, and energy consumption. The result obtained from the security analysis demonstrated that the proposed protocol resisting man-in-the-middle, replay, DoS, traceability/tracking, desynchronization, impersonation, and side channel attacks offers key secrecy, confidentiality, integrity, and authorization. In contrast, the result depicted from the performance analysis section shows that the proposed protocol is 46.99% better in communication, 96.46% in computation, and 53.69% in energy consumption, which is inaugurating its superiority over its competitors. Hence, it is recommended for practical implementation in the real-world cloud-based e-healthcare scenario.