Locally Verifiable Batch Authentication in IoMT

Internet of Medical Things (IoMT) technology has gained a lot of attention. In the IoMT system, IoT devices collect and upload patient data through sensors, and doctors treat them remotely. In this process, doctors need to verify the correctness of the patient’s body data in bulk, a function that requires aggregated signature technology to achieve. However, due to the limitation that traditional verification of aggregated signatures requires access to all messages, doctors cannot efficiently verify the correctness of a particular piece of data. This will result in a significant additional verification overhead. Therefore, the efficiency problem of data batch authentication remains unsolved but imperative. In this paper, we propose an identity-based locally verifiable aggregated signature, (ID-LVEAS), that enables efficient local verification of patient data in IoMT. Building on top of both hybrid hash and inverse framework, we instantiate an ID-LVEAS scheme and prove its security in the EU-CMA security model. Based on ID-LVEAS, we further propose ID-based locally verifiable signcryption (ID-LVASC) that supports both confidentiality and integrity. We also present an instantiation and an application into IoMT from the proposed ID-LVASC. We conduct extensive experiments on the ID-LVEAS and ID-LVASC design. The results show that both cost constantly 0.01s for the verification, independent of the number of messages, which means our research has great promise for application in IoMT.