1 Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network University of Waterloo & University of Ontario Institute of Technology Rongxing Lu, Xiaodong Lin, Xiaohui Liang and Sherman Shen BodyNets’10 Social Healthcare

2 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network Outline Introduction – Wireless Body Sensor Network – Mobile Healthcare Social Network Motivation – Privacy Challenges Proposed Secure Handshake Security Analysis Performance Evaluation Conclusions Outline

3 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network Wireless Body Sensor Network PDA Wireless/Wired eHealthcare center Doctor PHI Body sensor Patient Wireless Body Sensor Network (WBSN), as an emerging network paradigm in eHealthcare system aiming at providing patients with remote and continuous monitoring, has gathered great momentum from not only the governments but also the academia in our aging society.

4 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network WBSN Classification Based on wheter a patient is in-bed at home/hosptial or mobile outside, eHealthcare system can be divided into two categories: in-bed eHealthcare system and mobile eHealtcare (mHealthcare) system. In this work, we focus on the mHealthcare system. Based on wheter a patient is in-bed at home/hosptial or mobile outside, eHealthcare system can be divided into two categories: in-bed eHealthcare system and mobile eHealtcare (mHealthcare) system. In this work, we focus on the mHealthcare system. In-bed eHealthcare System Mobile eHealthcare System

5 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network mHealthcare Social Network In mHealthcare system, patient’s PHI is reported to the eHealth center, and only the related medical professionals can read them. At the same time, due to patient’s mobility, patients can often contact with each other in mHealthcare system. If two patients have the same symptom, it is possible for them to share their health condition and experience, provide mutual support and inspiration to each other to eliminate loneliness. This kind of social contact is called mHealthcare social network (MHSN). In mHealthcare system, patient’s PHI is reported to the eHealth center, and only the related medical professionals can read them. At the same time, due to patient’s mobility, patients can often contact with each other in mHealthcare system. If two patients have the same symptom, it is possible for them to share their health condition and experience, provide mutual support and inspiration to each other to eliminate loneliness. This kind of social contact is called mHealthcare social network (MHSN). mHealthcare mHealthcare Social Network

6 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network Motivation:: Privacy Challenges In our aging society, MHSN is promising and can be accepted by the seniors. However, new security issues arisen from MHSN should be considered: How to securely identify a patient who has the same symptom? How to prevent others who don’t have the same symptom from knowing someone’s symptom? To address these privacy challenges, we proposed a secure same- symptom-based handshake (SSH) scheme, which allows a patient to securely share his PHI with ones who have the same symptom. In our aging society, MHSN is promising and can be accepted by the seniors. However, new security issues arisen from MHSN should be considered: How to securely identify a patient who has the same symptom? How to prevent others who don’t have the same symptom from knowing someone’s symptom? To address these privacy challenges, we proposed a secure same- symptom-based handshake (SSH) scheme, which allows a patient to securely share his PHI with ones who have the same symptom. mHealthcare Social Network Security Privacy Challenges Share PHI, experiences

7 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network Proposed Secure Handshake When two patient Ui, Uj contact, the necessary conditions for establishing a social relationship based on the same symptom are : Mobility Sociality When Access Point (AP) is available, mobile patient can report the PHI to eHealth center 1: U i is social 0: U i is not social System Model

8 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network Proposed Secure Handshake Design Goals Patient's real identity should be protected in a MHSN. Patient's PHI should be controlled by patient himself and only shared with ones who have the same symptom. Patient's real identity should be protected in a MHSN. Patient's PHI should be controlled by patient himself and only shared with ones who have the same symptom. Ui Sym(Ui) Pseudo-id Pid_i Private key S_i Sym(Uj) Uj Pseudo-id Pid_j Private key S_j Mutual authentication Establish a shared key

9 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network Proposed Secure Handshake Design Goals Correctness: When two honest patients Ui, Uj run secure handshake, if soc(Ui)=soc(Uj)=1 and sym(Ui)=sym(Uj), they can always authenticate each other as one who has the same symptom, establish a shared key. Impersonator Resistance: If soc(Ui)=soc(Uj)=1 and sym(Ui)<>sym(Uj), the probability that Ui believes Uj has the same symptom is negligible. Detector Resistance: If soc(Ui)=soc(Uj)=1 and sym(Ui)<>sym(Uj), Uj has no idea on what symptom sym(Ui) that Ui has. Only when a MHSN is reinforced by a secure handshake scheme, it can be widely accepted by the patients and steps into its flourish stage.

10 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network Proposed Secure Handshake Bilinear Maps Let G be a cyclic additive group by P with a large prime order q, G T be a cyclic multiplicative group with the same order. An admissible bilinear pairing e: G×G-> G T is a map with the following properties: Bilinearity: For all P, Q in G, and any a,b in Zq, we have e(aP, bQ)=e(P,Q) ab Non-degeneracy: There exist P,Q in G such that e(P,Q)≠1 Computability: There is an efficient algorithm to compute e(P,Q) for all P,Q in G. Let G be a cyclic additive group by P with a large prime order q, G T be a cyclic multiplicative group with the same order. An admissible bilinear pairing e: G×G-> G T is a map with the following properties: Bilinearity: For all P, Q in G, and any a,b in Zq, we have e(aP, bQ)=e(P,Q) ab Non-degeneracy: There exist P,Q in G such that e(P,Q)≠1 Computability: There is an efficient algorithm to compute e(P,Q) for all P,Q in G. Sym(Ui)=Ti Ui Master key System Public key System Initialization

11 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network Proposed Secure Handshake Description If Ti=Tj, i.e., Ui and Uj have the same symptom, they can mutually authenticate each other, and establish a shared key If Ti≠Tj, i.e., Ui and Uj have different symptoms, they cannot authenticate each other or establish a shared key If Ti=Tj, i.e., Ui and Uj have the same symptom, they can mutually authenticate each other, and establish a shared key If Ti≠Tj, i.e., Ui and Uj have different symptoms, they cannot authenticate each other or establish a shared key

12 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network Security Analysis In the random oracle model, Ni and Nj can be shown semantic security with the provable security technique, which is the base for achieving the impersonator resistant and detector resistant. impersonator resistant detector resistant “fellow sufferers sympathize with each other” in mHealthcare social network

13 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network Performance Evaluation Scenarios: Since AP is not always available for a patient in mobile environment, those active patients, based on the same-symptom-based social relationship, can also help each other to relay their PHI. As a result, the PHI reporting delay can be reduced. Simulation area performance metric: the average PHI reporting delay (PRD), which is defined as the average time between when a PHI is generated and when it is successfully relayed to the eHealth center (the time to AP ≈ to center in simulation).

14 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network Performance Evaluation Simulation Result: The average PRD of sociable patients is obviously less than those of unsociable patients. The higher the social ratio ρ, the lower the PRD. These results demonstrate that the MHSN has positive affect on PRD, and can be accepted by the mobile patients.

15 R. Lu, X. Lin, X. Liang and X. Shen, Secure Handshake with Symptoms-matching: The Essential to the Success of mHealthcare Social Network Conclusions In this paper, based on the bilinear pairings, we have proposed an efficient secure handshake scheme for mHealthcare social network (MHSN). Since the proposed secure handshake scheme won’t disclose each other’s symptom information if two patients don’t have same symptom, MHSN can be widely accepted by patients, so that they can enjoy the benefits brought by MHSN, such as eliminating the loneliness in our aging society and collaborative PHI reporting in mobile environment. Thank you!