Efficient Pairing-Free Certificateless Signcryption Scheme for Secure Data Transmission in IoMT

The Internet of Medical Things (IoMT) builds a bridge between patients and doctors, facilitating patients’ being diagnosed and monitored by uploading physiological indicators without visiting the hospital. However, physiological indicators are sensitive data of patients, making it a challenge to achieve verifiability of data sources while ensuring data privacy during data transmission of IoMT. Due to its ease of deployment and the ability to provide both encryption and signature, certificateless signcryption (CLSC) is suitable for designing secure data-transfer protocol in IoMT. Nevertheless, internal adversaries “malicious users” and “malicious KGC,” capable of launching Type I and Type II attacks, threaten the security of present CLSC schemes, making most of them insecure. In this work, after giving an example of a recent CLCS scheme suffering Type I attack, we propose an efficient pairing-free CLCS scheme suitable for secure data transmission in IoMT based on the idea of zero-knowledge proof. It not only provides confidentiality and unforgeability of transmitted data under the Type I and Type II attacks but also achieves lower computational and communication overhead, and public verifiability. Finally, compared with the five recent CLSC schemes, theoretical analysis and experimental testing results show that the proposed scheme outperforms the other five schemes in terms of computation and communication costs as well as security. Therefore, our scheme is better suited for constructing secure data transmission in IoMT scenarios.