TOWARDS SECURE IOT AUTHENTICATION SYSTEM BASED ON FOG COMPUTING AND BLOCKCHAIN TECHNOLOGIES TO RESIST 51% AND HIJACKING CYBER-ATTACKS

(Received: 7-Jan.-2025, Revised: 14-Mar.-2025 , Accepted: 1-Apr.-2025)

Authors Muwafaq Jawad, Ali A. Yassin, Hamid Ali Abed AL-Asadi, Zaid Ameen Abduljabbar, Vincent Omollo Nyangaresi, Zaid Alaa Hussien, Husam A. Neamah,

Keywords #Blockchain #Fog computing #IoHT #Authentication #Chaotic cryptography #Healthcare

Abstract The Internet of Health Things (IoHT) is a network of healthcare devices, software and systems that enable remote monitoring and healthcare services by gathering real-time health data through sensors. Despite its significant benefits for modern smart healthcare, IoHT faces growing security challenges due to the limited processing power, storage capacity and self-defense capabilities of its devices. While blockchain-based authentication solutions have been developed to leverage tamper-resistant decentralized designs for enhanced security, they often require substantial computational resources, increased storage and longer authentication times, hindering scalability and time efficiency in large-scale, time-critical IoHT systems. To address these challenges, we propose a novel four-phase authentication scheme comprising setup, registration, authentication and secret-construction phases. Our scheme integrates chaotic-based public-key cryptosystems, a Light Encryption Device (LED) with a 3-D Lorenz chaotic map algorithm and blockchain-based fog computing technologies to enhance both efficiency and scalability. Simulated on the Ethereum platform using Solidity and evaluated with the JMeter tool, the proposed scheme demonstrates superior performance, with a computationalcost reduction of 40% compared to traditional methods like Elliptic Curve Cryptography (ECC). The average latency for registration is 1.25 ms, while the authentication phase completes in just 1.50 ms, making it highly suitable for time-critical IoHT applications. Security analysis using the Scyther tool confirms that the scheme is resistant to modern cyberattacks, including 51% attacks and hijacking, while ensuring data integrity and confidentiality. Additionally, the scheme minimizes communication costs and supports the scalability of largescale IoHT systems. These results highlight the proposed scheme’s potential to revolutionize secure and efficient healthcare monitoring, enabling real-time, tamper-proof data management in IoHT environments.

References

[1] A. H. Ameen, M. A. Mohammed and A. N. Rashid, "Dimensions of Artificial Intelligence Techniques,Blockchain and Cyber Security in the Internet of Medical Things: Opportunities, Challenges and Future Directions," Journal of Intelligent Systems, vol. 32, no. 1, p. 20220267, 2023.

[2] B. Pradhan, S. Bhattacharyya and K. Pal, "IoT-based Applications in Healthcare Devices," Journal ofHealthcare Engineering, vol. 2021, no. 1, p. 6632599, 2021.

[3] N. Garg et al., "BAKMP-IoMT: Design of Blockchain Enabled Authenticated Key ManagementProtocol for Internet of Medical Things Deployment," IEEE Access, vol. 8, pp. 95956–95977, 2020.

[4] Y. Aydin, G. K. Kurt, E. Ozdemir and H. Yanikomeroglu, "A Flexible and Lightweight GroupAuthentication Scheme," IEEE Internet of Things Journal, vol. 7, no. 10, pp. 10277–10287, 2020.

[5] S. M. Umran et al., "Secure Data of Industrial Internet of Things in a Cement Factory Based on aBlockchain Technology," Applied Sciences, vol. 11, no. 14, p. 6376, 2021.

[6] M. El-Hajj, A. Fadlallah, M. Chamoun and A. Serhrouchni, "A Survey of Internet of Things (IoT)Authentication Schemes," Sensors, vol. 19, no. 5, p. 1141, 2019.

[7] G. Apruzzese et al., "The Role of Machine Learning in Cyber-security," Digital Threats: Research andPractice, vol. 4, no. 1, pp. 1–38, 2023.

[8] S. Matsumoto et al., "Authentication Challenges in a Global Environment," ACM Transactions onPrivacy and Security (TOPS), vol. 20, no. 1, pp. 1–34, 2017.

[9] S. C. Seak et al., "A Centralized Multi-modal Unified Authentication Platform for Web-basedApplication," Proc. of the World Congress on Engineering and Computer Science (WCECS 2014), vol. 1, San Francisco, USA, 2014.

[10] D. Nkomo and R. Brown, "Hybrid Cyber Security Framework for the Internet of Medical Things,"Blockchain and Clinical Trial: Securing Patient Data, Part of the Book Series: Advanced Sciences and Technologies for Security Applications (ASTSA), pp. 211–229, 2019.

[11] M. Jmaiel et al., "The Impact of Digital Technologies on Public Health in Developed and DevelopingCountries," Proc. of the 18th Int. Conf. on Smart Homes and Health Telematics (ICOST 2020), vol. 12157, Hammamet, Tunisia, 2020.

[12] I. Purdon and E. Erturk, "Perspectives of Blockchain Technology, Its Relation to the Cloud and ItsPotential Role in Computer Science Education," Engineering, Technology & Applied Science Research, vol. 7, no. 6, 2017.

[13] N. Deepa et al., "A Survey on Blockchain for Big Data: Approaches, Opportunities and FutureDirections," Future Generation Computer Systems, vol. 131, pp. 209–226, 2022.

[14] S. M. Umran et al., "Secure and Privacy-preserving Data-sharing Framework Based on BlockchainTechnology for Al-Najaf/Iraq Oil Refinery," Proc. of the 2022 IEEE Smartworld, Ubiquitous Intelligence & Computing, Scalable Computing & Communications, Digital Twin, Privacy Computing, Metaverse, Autonomous & Trusted Vehicles (Smart-World/UIC/ScalCom/DigitalTwin/PriComp/Meta), pp. 2284–2292, 2022.

[15] H. Sheth and J. Dattani, "Overview of Blockchain Technology," Asian J. For Convergence inTechnology (AJCT), vol. 5, no. 1, 2019.

[16] S. M. Umran et al., "Multi-chain Blockchain Based Secure Data-sharing Framework for Industrial IoTsSmart Devices in Petroleum Industry," Internet of Things, vol. 24, p. 100969, 2023.

[17] S. Tuli, R. Mahmud, S. Tuli and R. Buyya, "FogBus: A Blockchain-based Lightweight Framework forEdge and Fog Computing," Journal of Systems and Software, vol. 154, pp. 22–36, 2019.

[18] H. Reffad, A. Alti and A. Almuhirat, "A Dynamic Adaptive Bio-inspired Multi-agent System forHealthcare Task Deployment," Engineering, Technology & Applied Science Research, vol. 13, no. 1, pp. 10192–10198, 2023.

[19] O. Umoren, R. Singh, S. Awan, Z. Pervez and K. Dahal, "Blockchain-based Secure Authentication withImproved Performance for Fog Computing," Sensors, vol. 22, no. 22, p. 8969, 2022.

[20] N. Alsaeed, F. Nadeem and F. Albalwy, "A Scalable and Lightweight Group Authentication Frameworkfor Internet of Medical Things Using Integrated Blockchain and Fog Computing," Future Generation Computer Systems, vol. 151, pp. 162–181, 2024.

[21] R. Almadhoun et al., "A User Authentication Scheme of IoT Devices Using Blockchain-enabled FogNodes," Proc. of the 2018 IEEE/ACS 15th Int. Conf. on Computer Systems and Applications (AICCSA), pp. 1–8, Aqaba, Jordan, 2018.

[22] A. Mehmood et al., "Anonymous Authentication Scheme for Smart Cloud Based HealthcareApplications," IEEE Access, vol. 6, pp. 33552–33567, 2018.

[23] Y. Liang, "Identity Verification and Management of Electronic Health Records with BlockchainTechnology," Proc. of the 2019 IEEE Int. Conf. on Healthcare Informatics (ICHI), pp. 1–3, Xi'an, China, 2019.

[24] X. Cheng, F. Chen, D. Xie, H. Sun and C. Huang, "Design of a Secure Medical Data Sharing SchemeBased on Blockchain," Journal of Medical Systems, vol. 44, no. 2, p. 52, 2020.

[25] T.-Y. Wu et al., "Improved ECC-based Three-factor Multiserver Authentication Scheme," Security andCommunication Networks, vol. 2021, no. 1, p. 6627956, 2021.

[26] Y. Guo and Y. Guo, "FogHA: An Efficient Handover Authentication for Mobile Devices in FogComputing," Computers & Security, vol. 108, p. 102358, 2021.

[27] I. T. Javed et al., "Health-ID: A Blockchain-based Decentralized Identity Management for RemoteHealthcare," Healthcare, vol. 9, no. 6, p. 712, MDPI, 2021.

[28] I.-T. Chen, J.-M. Tsai, Y.-T. Chen and C.-H. Lee, "Lightweight Mutual Authentication for HealthcareIoT," Sustainability, vol. 14, no. 20, p. 13411, 2022.

29] O. Umoren, R. Singh, Z. Pervez and K. Dahal, "Securing Fog Computing with a Decentralized UserAuthentication Approach Based on Blockchain," Sensors, vol. 22, no. 10, p. 3956, 2022.

[30] H. Miriam et al., "Secured Cyber Security Algorithm for Healthcare System Using BlockchainTechnology," Intelligent Automation & Soft Computing, vol. 35, no. 2, 2023.

[31] S. Nakamoto, "Bitcoin: A Peer-to-peer Electronic Cash System," [Online], Available:https://www.ussc.gov/sites/default/files/pdf/training/annual-national-training-seminar/2018/Emerging_Tech_Bitcoin_Crypto.pdf, 2008.

[32] A. A.-N. Patwary et al., "FogAuthChain: A Secure Location-based Authentication Scheme in FogComputing Environments Using Blockchain," Computer Communications, vol. 162, pp. 212–224, 2020.

[33] W. J. Gordon et al., "Blockchain Technology for Healthcare: Facilitating the Transition to Patient-driven Interoperability," Computational and Structural Biotechnology J., vol. 16, pp. 224– 230, 2018.

[34] P. P. Ray, D. Dash, K. Salah and N. Kumar, "Blockchain for IoT-based Healthcare: Background,Consensus, Platforms and Use Cases," IEEE Systems Journal, vol. 15, no. 1, pp. 85–94, 2020.

[35] Z. Zheng et al., "An Overview of Blockchain Technology: Architecture, Consensus and Future Trends,"Proc. of the 2017 IEEE Int. Congress on Big Data (BigData Congress), pp. 557–564, Honolulu, USA, 2017.

[36] N. Z. Benisi, M. Aminian and B. Javadi, "Blockchain-based Decentralized Storage Networks: ASurvey," Journal of Network and Computer Applications, vol. 162, p. 102656, 2020.

[37] R. Zhang, R. Xue and L. Liu, "Security and Privacy on Blockchain," ACM Computing Surveys(CSUR), vol. 52, no. 3, pp. 1–34, 2019.

[38] F. Bonomi, R. Milito, J. Zhu and S. Addepalli, "Fog Computing and Its Role in the Internet of Things,"Proc. of the 1st Edition of the MCC Workshop on Mobile Cloud Comp. (MCC’12), pp. 13–16, 2012.

[39] Y. C. Hu et al., "Mobile Edge Computing: A Key Technology Towards 5G," ETSI White Paper, vol.11, no. 11, pp. 1–16, 2015.

[40] H. Sabireen and V. Neelanarayanan, "A Review on Fog Computing: Architecture, Fog with IoT,Algorithms and Research Challenges," ICT Express, vol. 7, no. 2, pp. 162–176, 2021.

[41] M. Yannuzzi et al., "Key Ingredients in An IoT Recipe: Fog Computing, Cloud Computing and MoreFog Computing," Proc. of the 2014 IEEE 19th Int. Workshop on Computer-aided Modeling and Design of Communication Links and Networks (CAMAD), pp. 325–329, Athens, Greece, 2014.

[42] M. Mohammed et al., "Chaotic-based Public Key Cryptosystem for PGP Protocol," Proc. of the Int.Conf. on Aerospace Sciences and Aviation Technology, vol. 15, pp. 1–17, The Military Technical College, Cairo, Egypt, 2013.

[43] B. Bai, S. Nazir, Y. Bai and A. Anees, "Security and Provenance for Internet of Health Things: ASystematic Literature Review," J. of Software: Evolution and Process, vol. 33, no. 5, p. e2335, 2021.

[44] V. O. Nyangaresi, "Biometric-based Packet Validation Scheme for Body Area Network SmartHealthcare Devices," Proc. of the 2022 IEEE 21st Mediterranean Electrotechnical Conf. (MELECON), pp. 726–731, Palermo, Italy, 2022.

[45] X. Li, J. Ma and S. Moon, "On the Security of the Canetti-Krawczyk Model," Proc. of the Int. Conf. onComputational and Information Science, Part of the Book Series: Lecture Notes in Computer Science, vol. 3802 pp. 356–363, 2005.

[46] S. Shamshad et al., "An Enhanced Scheme for Mutual Authentication for Healthcare Services," DigitalCommunications and Networks, vol. 8, no. 2, pp. 150–161, 2022.

[47] Z. Bao et al., "A Group Signature Scheme with Selective Linkability and Traceability for Blockchain-based Data Sharing Systems in E-health Services," IEEE Internet of Things Journal, vol. 10, no. 23, pp. 21115–21128, 2023.

[48] A. A. Mazlan et al., "Scalability Challenges in Healthcare Blockchain System: A Systematic Review,"IEEE Access, vol. 8, pp. 23663– 23673, 2020.

[49] G. Somani et al., "DDoS Attacks in Cloud Computing: Issues, Taxonomy and Future Directions,"Computer Communications, vol. 107, pp. 30–48, 2017.

[50] N. Sivasankari and S. Kamalakkannan, "Detection and Prevention of Man-in-the-Middle Attack in IoTNetwork Using Regression Modeling," Advances in Engineering Software, vol. 169, p. 103126, 2022.

[51] C.-M. Chen, Z. Chen, S. Kumari and M.-C. Lin, "LAP-IoHT: A Lightweight Authentication Protocolfor the Internet of Health Things," Sensors, vol. 22, no. 14, p. 5401, 2022.

[52] W. Yang et al., "Security Analysis of a Distributed Networked System under Eavesdropping Attacks,"IEEE Transactions on Circuits and Systems II: Express Briefs, vol. 67, no. 7, pp. 1254–1258, 2019.

[53] X. Xiang, M. Wang and W. Fan, "A Permissioned Blockchain-based Identity Management and UserAuthentication Scheme for E-health Systems," IEEE Access, vol. 8, pp. 171771–171783, 2020.

[54] M. T. Mohammed et al., "Chaotic Based Key Management and Public-key Cryptosystem," Int. J. ofComputer Science and Telecommunications, vol. 3, no. 11, pp. 35–42, 2012.

[55] H. M. Al-Saadi and I. Alshawi, "Provably-secure Led Block Cipher Diffusion and Confusion Based onChaotic Maps," Informatica, vol. 47, no. 6, pp. 105-114, 2023.

[56] S. Majumder et al., "Wearable Sensors for Remote Health Monitoring," Sensors, vol. 17, no. 1, p. 130,2017.

[57] D. Formica and E. Schena, "Smart Sensors for Healthcare and Medical Applications," Sensors, vol. 21,no. 2, p. 543, 2021.

[58] A. S. Rajasekaran et al., "Blockchain Enabled Anonymous Privacy-preserving Authentication Schemefor Internet of Health Things," Sensors, vol. 23, no. 1, p. 240, 2022.

[59] X. Jia, D. He, N. Kumar and K.-K. R. Choo, "A Provably Secure and Efficient Identity-basedAnonymous Authentication Scheme for Mobile Edge Computing," IEEE Systems Journal, vol. 14, no. 1, pp. 560–571, 2019.

[60] M. Burrows, M. Abadi and R. Needham, "A Logic of Authentication," DEC System Research CentreReport, ACM Transactions on Computer Systems, vol. 8, no. 1, pp. 18-36, February 1990.

[61] M. N. Aman, K. C. Chua and B. Sikdar, "A Light-weight Mutual Authentication Protocol for IoTSystems," Proc. of GLOBECOM 2017-2017 IEEE Global Communications Conf., pp. 1–6, Singapore, 2017.

Abstract: The Internet of Health Things (IoHT) is a network of healthcare devices, software and systems that enable remote monitoring and healthcare services by gathering real-time health data through sensors. Despite its significant benefits for modern smart healthcare, IoHT faces growing security challenges due to the limited processing power, storage capacity and self-defense capabilities of its devices. While blockchain-based authentication solutions have been developed to leverage tamper-resistant decentralized designs for enhanced security, they often require substantial computational resources, increased storage and longer authentication times, hindering scalability and time efficiency in large-scale, time-critical IoHT systems. To address these challenges, we propose a novel four-phase authentication scheme comprising setup, registration, authentication and secret-construction phases. Our scheme integrates chaotic-based public-key cryptosystems, a Light Encryption Device (LED) with a 3-D Lorenz chaotic map algorithm and blockchain-based fog computing technologies to enhance both efficiency and scalability. Simulated on the Ethereum platform using Solidity and evaluated with the JMeter tool, the proposed scheme demonstrates superior performance, with a computationalcost reduction of 40% compared to traditional methods like Elliptic Curve Cryptography (ECC). The average latency for registration is 1.25 ms, while the authentication phase completes in just 1.50 ms, making it highly suitable for time-critical IoHT applications. Security analysis using the Scyther tool confirms that the scheme is resistant to modern cyberattacks, including 51% attacks and hijacking, while ensuring data integrity and confidentiality. Additionally, the scheme minimizes communication costs and supports the scalability of largescale IoHT systems. These results highlight the proposed scheme’s potential to revolutionize secure and efficient healthcare monitoring, enabling real-time, tamper-proof data management in IoHT environments.
URL: https://jjcit.org/paper/261

,abstract={The Internet of Health Things (IoHT) is a network of healthcare devices, software and systems that enable remote monitoring and healthcare services by gathering real-time health data through sensors. Despite its significant benefits for modern smart healthcare, IoHT faces growing security challenges due to the limited processing power, storage capacity and self-defense capabilities of its devices. While blockchain-based authentication solutions have been developed to leverage tamper-resistant decentralized designs for enhanced security, they often require substantial computational resources, increased storage and longer authentication times, hindering scalability and time efficiency in large-scale, time-critical IoHT systems. To address these challenges, we propose a novel four-phase authentication scheme comprising setup, registration, authentication and secret-construction phases. Our scheme integrates chaotic-based public-key cryptosystems, a Light Encryption Device (LED) with a 3-D Lorenz chaotic map algorithm and blockchain-based fog computing technologies to enhance both efficiency and scalability. Simulated on the Ethereum platform using Solidity and evaluated with the JMeter tool, the proposed scheme demonstrates superior performance, with a computationalcost reduction of 40% compared to traditional methods like Elliptic Curve Cryptography (ECC). The average latency for registration is 1.25 ms, while the authentication phase completes in just 1.50 ms, making it highly suitable for time-critical IoHT applications. Security analysis using the Scyther tool confirms that the scheme is resistant to modern cyberattacks, including 51% attacks and hijacking, while ensuring data integrity and confidentiality. Additionally, the scheme minimizes communication costs and supports the scalability of largescale IoHT systems. These results highlight the proposed scheme’s potential to revolutionize secure and efficient healthcare monitoring, enabling real-time, tamper-proof data management in IoHT environments.},
keywords={Blockchain,Fog computing,IoHT,Authentication,Chaotic cryptography,Healthcare},
ISSN={2413-9351},
month={}}

AB - The Internet of Health Things (IoHT) is a network of healthcare devices, software and systems that enable remote monitoring and healthcare services by gathering real-time health data through sensors. Despite its significant benefits for modern smart healthcare, IoHT faces growing security challenges due to the limited processing power, storage capacity and self-defense capabilities of its devices. While blockchain-based authentication solutions have been developed to leverage tamper-resistant decentralized designs for enhanced security, they often require substantial computational resources, increased storage and longer authentication times, hindering scalability and time efficiency in large-scale, time-critical IoHT systems. To address these challenges, we propose a novel four-phase authentication scheme comprising setup, registration, authentication and secret-construction phases. Our scheme integrates chaotic-based public-key cryptosystems, a Light Encryption Device (LED) with a 3-D Lorenz chaotic map algorithm and blockchain-based fog computing technologies to enhance both efficiency and scalability. Simulated on the Ethereum platform using Solidity and evaluated with the JMeter tool, the proposed scheme demonstrates superior performance, with a computationalcost reduction of 40% compared to traditional methods like Elliptic Curve Cryptography (ECC). The average latency for registration is 1.25 ms, while the authentication phase completes in just 1.50 ms, making it highly suitable for time-critical IoHT applications. Security analysis using the Scyther tool confirms that the scheme is resistant to modern cyberattacks, including 51% attacks and hijacking, while ensuring data integrity and confidentiality. Additionally, the scheme minimizes communication costs and supports the scalability of largescale IoHT systems. These results highlight the proposed scheme’s potential to revolutionize secure and efficient healthcare monitoring, enabling real-time, tamper-proof data management in IoHT environments.

Download Full Text