PUF-PSS: A Physically Secure Privacy-Preserving Scheme Using PUF for IoMT-Enabled TMIS

Abstract

With the development of telecare medical information system (TMIS), doctors and patients are able to access useful medical services via 5G wireless communications without visiting the hospital in person. Unfortunately, TMIS should have the essential security properties, such as anonymity, mutual authentication, and privacy, since the patient’s data is transmitted via a public channel. Moreover, the sensing devices deployed in TMIS are resource-limited in terms of communication and computational costs. Thus, we design a physically secure privacy-preserving scheme using physical unclonable functions (PUF) in TMIS, called PUF-PSS to resolve the security requirements and efficiency of the existing related schemes. PUF-PSS prevents the security threats and also guarantees anonymity, key freshness, and authentication. We evaluate the security of PUF-PSS by performing formal and informal security analyses, including AVISPA implementation and ROR oracle model. We perform the test bed experiments utilizing well-known MIRACL based on a Raspberry PI 4 and compare the communication and computational costs of PUF-PSS with the previous schemes for TMIS. Consequently, PUF-PSS guarantees better efficiency and security than previous schemes and can be applied to TMIS environments.