摘要
目的:针对医疗数据在无线信道传输过程中易被窃听甚至篡改的问题,提出一种椭圆曲线密码学(elliptic curve cryptography,ECC)与高级加密标准(advanced encryption standard,AES)混合加密算法。方法:发送方使用AES会话密钥加密医疗数据、ECC公钥加密AES会话密钥,使用SHA-1计算医疗数据的散列值,继而使用ECC公钥对散列值签名;接收方使用ECC私钥验证签名,接着使用ECC私钥解密AES会话密钥,再用AES会话密钥解密医疗数据。结果:该安全方案在加解密时间、安全强度及能源消耗方面均优于常规的ECC算法或RSA和AES混合加密算法,保证了医疗数据在传输过程中的机密性和完整性。结论:该混合加密方案能够满足无线医疗传感网低时间复杂度的需求,较好地实现了对患者数据和隐私保护的目的。
Objective To propose a hybrid encryption algorithm involving in elliptic curve cryptography(ECC) and advanced encryption standard(AES) to solve the problems of wiretapping and tampering of medical data in wireless channel transmission. Methods The sender used AES session key for medical data encryption and ECC public key for AES session key, and applied SHA-1 to obtaining the information summary of medical data and ECC public key to gaining information summary signature. The recipient employed ECC private key to verify the signature and then to decrypt AES session key, and finally decrypt medical data with AES session key. Results The proposed security solution gained advantages over the conventional ECC algorithm and hybrid cryptographic algorithm of RSA and AES in encryption and decryption time, safety strength and energy consumption, so that the confidentiality and integrity of medical data could be ensured during transmission. Conclusion The hybrid encryption scheme can meet the requirement of wireless medical sensor network in low time complexity, and realizes the protection of the patient data and privacy.
出处
《医疗卫生装备》
CAS
2017年第12期11-15,共5页
Chinese Medical Equipment Journal
基金
上海高校青年教师培养资助计划专项基金(ZZGCD15088)
关键词
无线医疗传感网
数据安全
隐私保护
ECC加密
AES加密
混合加密算法
wireless medical sensor network
data security
privacy protection
ECC encryption
AES encryption
hybrid encryption algorithm
