The Pseudonymous Certificates for Healthcare Systems

This study mainly modifies the butterfly key expansion (BKE) mechanism and applies it to the healthcare system. The system mainly includes a Root Certificate Authority (RCA), an Enrollment Certificate Authority (ECA), a Pseudonym Certificate Authority (PCA), a Registration Authority (RA), and End Entities (EEs)(i.e. user devices). Certificates can be issued by the RCA to the ECA, PCA, and RA to make them legal entities in the system. The ECA then issues device certificates (similar to identification cards for devices) to the EEs (e.g. blood pressure monitors). When patients use EEs to measure physiological information, the RA verifies that the EE is legal based on the issued multiple pseudonym certificates by the PCA. The EE then uses the pseudonym certificates to send physiological information to the RA, ensuring data integrity and non-repudiation, while also preventing identity information from being stolen. To verify the pseudonymous certificate-based healthcare system proposed in this study, the security of the system was verified using the security strengths defined by the National Institute of Standards and Technology (NIST) in the United States. Furthermore, as the BKE mechanism is primarily based on Elliptic Curve Cryptography (ECC), this study also verified the efficiency under different security strengths. Furthermore, under 256 of security strength, the mean computation time of key expansion is between 24186.584 microseconds and 57894.552 microseconds, so more than 18 public keys could be generated in one second.