International Journal on Advanced Science, Engineering and Information Technology

The existence of electronic health record in the Internet world can result in the emergence of potentially unauthorized users to access and abuse the data. Therefore, it is necessary to have a high level of security that can maintain the confidentiality of electronic health record data. In cryptography, the longer the key then, the higher the level of security achieved. However, this can lead to slow computing time. Therefore, we propose a security method with an identity-based encryption scheme that is built hybrid using elliptic curve cryptography (ECC) and elliptic curve integrated encryption system (ECIES) algorithms or can be abbreviated as IBE-ECC-ECIES. An additional feature of the proposed method is the creation of key pairs generated by the ECC algorithm and there is an identity that has been embedded in the key pair in order to increase the level of security and uniqueness of the key. This method has been compared based on analysis of performance, computation time and the level of security in the same environment. This method is another IBE hybrid scheme called IBE-ECC-AES. The results of the test showed that the proposed method was superior to 0.3 seconds compared to the comparison method in the key pair generation process. In addition, security in the proposed method can overcome sniffing and chosen-plaintext attacks.

electronic health record; IBE; ECC; ECIES; embedded key.

A. Shamir, “Identity-based Cryptosystems and Signature Schemes,†Adv. Cryptol. - CRYPT0 ’84, LNCS 196, pp. 47–53, 1985.

D. Boneh and M. Franklin, “Identity-Based Encryption from the Weil Pairing,†Proc. Crypto 2001, vol. 2139, pp. 213–229, 2001.

L. B. Oliveira et al., “TinyPBC : Pairings for authenticated identity-based non-interactive key distribution in sensor networks,†Comput. Commun., vol. 34, no. 3, pp. 485–493, 2011.

L. B. Oliveira, R. Dahab, L. Julio, F. Daguano, and A. A. F. Loureiro, “Identity-Based Encryption for Sensor Networks,†in Proceedings of the Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW’07), 2007.

A. Sudarsono, M. Yuliana, and H. A. Darwito, “A secure data sharing using identity-based encryption scheme for e-healthcare system,†in International Conference on Science in Information Technology (ICSITech), 2018, pp. 429–434.

G. Ateniese and P. Gasti, “Universally anonymous IBE based on the quadratic residuosity assumption,†Fischlin M. Top. Cryptol. – CT-RSA 2009, vol. 5473, pp. 32–47, 2009.

D. Boneh and C. Gentry, “Space-Efficient Identity Based Encryption Without Pairings,†in 48th Annual IEEE Symposium on Foundations of Computer Science, 2007, pp. 647–657.

C. C. Tan, H. Wang, and S. Zhong, “IBE-Lite : A Lightweight Identity-Based Cryptography for Body Sensor Networks,†IEEE Trans. Inf. Technol. Biomed., vol. 13, no. 6, pp. 926–932, 2009.

Himanshu, P. Yadav, and A. Bisla, “Identity-based Encryption,†Malaviya National Institute of Technology Jaipur, 2015.

National Institute of Standards and Technology (NIST), Recommendation for Key Management - Part 1 : General, vol. SP 800-57. 2007.

D. N. Purnamasari, A. Sudarsono, and P. Kristalina, “Secure Data Sharing Scheme using Identity-based Encryption for e-Health Record,†in 2018 International Electronics Symposium on Engineering Technology and Applications (IES-ETA), 2019, pp. 60–65.

S. Al-Alak, Z. Ahmed, A. Abdullah, and S. Subramiam, “AES and ECC mixed for ZigBee wireless sensor security,†World Acad. Sci. Eng. Technol., vol. 81, no. 9, pp. 535–539, 2011.

S. Sharma and V. Chopra, “Analysis of AES Encryption with ECC,†Int. Interdiscip. Conf. Eng. Sci. Manag., no. December, pp. 195–201, 2016.

B. Ji, L. Wang, and Q. Yang, “New Version of AES-ECC Encryption System Based on FPGA in WSNs,†Journal of Software Engineering, vol. 9, no. 1. pp. 87–95, 2014.

S. A. Abbas and A. A. B. Maryoosh, “Data Security for Cloud Computing based on Elliptic Curve Integrated Encryption Scheme (ECIES) and Modified Identity-based Cryptography (MIBC),†Int. J. Appl. Inf. Syst., vol. 10, no. 6, pp. 7–13, 2016.

K.-L. Tsai, F.-Y. Leu, T.-H. Wu, S.-S. Chiou, Y. Liu, and H.-Y. Liu, “A Secure ECC-based Electronic Medical Record System,†J. Internet Serv. Inf. Secur., vol. 4, no. 1, pp. 47–57, 2014.

M. Yuliana, G. Awaludinsyah, A. Pratiarso, and A. Sudarsono, “Design and Implementation of a Secured Personal Identity-based ECC and ECDSA : an Inpatient System,†Eur. Sci. J., vol. 11, no. 21, pp. 473–483, 2015.

M. Rinaldi, Kriptografi. Institut Teknologi Bandung, 2006.

C. Research, “Standards for efficient cryptography - SEC 2 : Recommended Elliptic Curve Domain Parameters,†2000.

A. Sebastian, “Implementasi dan perbandingan performa algoritma hash SHA-1, SHA-256, dan SHA-512.†Institut Teknologi Bandung, pp. 1–18, 2007.

L. Zachariah, “Analysis and comparison of ECC & ECIES using IBE for securing patient’s privacy,†vol. 2, no. 6, pp. 43–47, 2012.