SAKE: scalable authenticated key exchange for mobile e-health networks

Mobile e-Health Network (MHN) is an emerging cloud-aided networking application across the entire range of functions involved in e-Health systems. It is important to establish secure channels between users because the data transmitted in MHNs are private, for example, personal electronic healthcare records. It is of great significance to employ key management mechanism and encrypt the data before transmitting in MHNs. However, secure key management is challenging in MHNs because of its highly dynamic and large-scale nature. In this paper, we first model MHNs and formalize a hierarchical network architecture mirroring the administrative hierarchy and dynamic autonomy in MHNs in the real world. We next present a virtual MHN architecture with only three levels yet suitable to realistic MHNs with arbitrary hierarchical levels. By exploiting the virtual architecture, we propose an efficient authenticated key exchange framework to secure MHNs. We realize a scalable authenticated key exchange scheme with a dedicated variant of a recent hierarchical identity-based signature and the well-known Diffie-Hellman key exchange protocol. Theoretical analyses and experimental results show that scalable authenticated key exchange is secure and scalable and hence is practical to secure MHNs. Copyright (c) 2015 John Wiley & Sons, Ltd.