Internet of Health Things (IoHT) is a subset of Internet of Things (IoT) technology that includes interconnected medical devices and sensors used in medical and healthcare information systems. However, IoHT is susceptible to cybersecurity threats due to its reliance on lowpower biomedical devices and the use of open wireless channels for communication. In this article, we intend to address this shortcoming, and as a result, we propose a new scheme called, the certificateless anonymous authentication (CAA) scheme. The proposed scheme is based on hyperelliptic curve cryptography (HECC), an enhanced variant of elliptic curve cryptography (ECC) that employs a smaller key size of 80 bits as compared to 160 bits. The proposed scheme is secure against various attacks in both formal and informal security analyses. The formal study makes use of the RealorRandom (ROR) model. A thorough comparative study of the proposed scheme is conducted for the security and efficiency of the proposed scheme with the relevant existing schemes. The results demonstrate that the proposed scheme not only ensures high security for healthrelated data but also increases efficiency. The proposed scheme’s computation cost is 2.88 ms, and the communication cost is 1440 bits, which shows its better efficiency compared to its counterpart schemes.
The Internet of Health Things (IoHT) is a networked system that incorporates various biomedical devices, including smart wearables, implants, and ingestible electronics. These devices are integrated with appropriate software applications to facilitate the collection, analysis, and dissemination of physiological data through the internet [
Privacy and security issues often occur in IoHT systems because biomedical sensors and usercustomized devices are frequently involved in internetbased communication. The typical IoHT system architecture is shown in
To secure IoHT systems, authentication mechanisms based on the digital signature system can be implemented [
Authentication schemes are usually built using computingbased cryptographic operations like bilinear pairing, RivestShamirAdleman (RSA), and ECC, and then evaluated to see how well the proposed scheme works. These operations, on the other hand, have high computation and communication costs. As a result, HECC, an enhanced variant of ECC that employs 80bit keys, identities, and certificate sizes to give the same level of security as ECC, bilinear pairing, and RSA [
We propose an efficient anonymous authentication scheme in certificateless settings for IoHT systems.
To overcome constraints such as low processing capabilities associated with biomedical devices and sensors, the proposed scheme uses a publickey cryptography method based on the HECC concept.
The proposed scheme is secure against various attacks in both formal and informal security analyses. The formal study makes use of the RealorRandom (ROR) model.
Lastly, we show that the proposed scheme has lower costs for both computation and communication than relevant existing schemes.
The following section outlines the organizational structure of the remaining portions of the article. The literature review is further discussed in
This section focuses on the security and privacy concerns of the IoHT system while using an authentication scheme. Also, we have given the limitations of the scheme, which appear in this section’s literature review in
No.  Scheme  Limitations 

1  Chen et al. [ 
The problem of user anonymity High computational cost High communication overheads 
2  Jiang et al. [ 
Not safeguarded from password guessing attack Not withstand impersonation attack Not resisting the DoS attack Facing problems like improper login request verification 
3  Chen et al. [ 
This scheme does not ensure patient privacy Also, it does not provide the message authentication 
4  Chiou et al. [ 
This scheme does not ensure patient privacy 
5  Mohit et al. [ 
The scheme is susceptible to the forged inspection report Also, it cannot guarantee patient anonymity or data confidentiality 
6  Li et al. [ 
High computational cost High communication overheads 
7  Saeed et al. [ 
The scheme is vulnerable to a forgery attack 
8  Liao et al. [ 
High computational cost High communication overheads 
9  He et al. [ 
High computational cost High communication overheads 
10  Kasyoka et al. [ 
High computational cost High communication overheads 
11  Liu et al. [ 
High computational cost High communication overheads 
Chen et al. [
Saeed et al. [
All of the abovementioned solutions involve the use of cryptographic techniques; these schemes are mostly based on ECC and bilinear pairing, both of which have prohibitively expensive communication and computation costs. However, the proposed scheme is based on the concept of HECC, a more sophisticated form of ECC. HECC uses an 80bit key size, which is half as large as ECC’s key size, but it still offers the same level of security as ECC and bilinear pairing.
This section explains some of the key concepts and materials that will be used in constructing the proposed scheme.
In 1989, Koblitz introduced a group law for the Jacobian of a Hyperelliptic curve (HE). It is defined by the Jacobian of genus
It typically has
Suppose the random triple
Suppose the random tuple
In this section, the network model is provided first, followed by the construction and correctness of the proposed scheme.
Depending on the requirements, the network model of IoHT systems can be implemented in several topologies; one such networking architecture is shown in
APDR: The APDR will assess a patient’s health and generate healthrelated information. Following this, it sends its encrypted identity along with a public number send (
WBD: To register WBD, the user compute and send (
NMGR/Service Provider: When NMGR/Service Provider receives identity from both WBD and APDR, this entity will act as a key generation canter in certificateless cryptography and will be responsible for creating the partial private key for both WBD and APDR.
IoT Gateway: The IoT gateway router can be used to connect any things that communicate using wireless technologies.
The proposed scheme has been constructed on the basis of the following phases and all the symbols used in the construction is included in
S. No.  Symbol  Descriptions 

1  Security parameter with the size of 80 bits  
2  It is selected by NMGR from the finite field of hyperelliptic curve and set as his secret key  
3  This value is calculated by NMGR and then set as his public key  
4  It is set by NMGR and its work is that it is available in a network to each user  
5  It is used to perform the function (SHA 256) irreversible hash functions  
6  A selected hyperelliptic curve for this scheme with genus 2  
7  A finite field of the hyperelliptic curve for with genus 2  
8  It is used for divisor multiplication in hyperelliptic curve  
9  The secret value utilized by APDR  
10  The secret value utilized by WBD  
11  The identity utilized by APDR  
12  The identity utilized by WBD  
13  It represent the hash value as 

14  It represents the hash value as 

15  The public key pair utilized by APDR  
16  The public key pair utilized by WBD  
17  The private key pair utilized by APDR  
18  The private key pair utilized by WBD  
19  It represents the hash value as 

20  It represent the hash value as 

21  It is used for encryption functions by using the secret key 

22  It is used for the Shared secret key  
23  It is used for the decryption function by using the secret key 

24  It represents the cipher text  
25  It represents the plaintext 
Given an 80bit hyper elliptic curve parameter
In this phase, APDR and WBD will be registered using the following steps:
The APDR can compute
Compute
Calculate
Upon reception (
Also, compute
The WBD set the secret key as
After reception of (
As a receiver of (
Also, WBD can process its secret key as followed:
In this section, we provide the provable security based on Random Oracle Model (ROM) and informal security analysis, which are as follows.
Here, we are going to prove the confidentiality and unforgeability of our proposed scheme against the following two types of attackers by using the ROM.
Outsider Attacker (
Insider Attacker (
So, keeping in view the capabilities of the above attackers (
If
If
If
If
If
If
If
If
If
If
If
If
If
If
If
In the event that any steps of the simulation are avoided,
Otherwise, if
Note that,
On the other hand, if each of the independent events listed below occurs,
So, the probability of
Finally, we can get:
If
If
If
If
If
If
If
If
If
If
If
In the event that any steps of the simulation are avoided,
Otherwise, if
Note that,
On the other hand, if each of the independent events listed below occurs,
So, the probability of
Finally, we can get:
So, in the above equations,
On the other hand, if each of the independent events listed below occurs,
So, the probability of
Finally, we can get:
So, in the above equations,
On the other hand, if each of the independent events listed below occurs,
So, the probability of
Finally, we can get:
The proposed scheme is based on hash function and hyper elliptic curve discrete logarithm problem. The two main properties of the hash function are irreversibility and collision resistance. Suppose
For authentication, and if the equality of
This section compares the proposed scheme to other relevant schemes in terms of computation cost, communication cost, memory overhead and security functionalities.
In this section, we compare the proposed approach with the methods presented by Liao et al. [
Schemes  Sender  Receiver  Total 

Liao et al. [ 
1 EXP + 5 BPM  2 EXP + 4P + 1BPM  3 EXP + 4P + 6BPM 
He et al. [ 
5 BPM  2P + 4BPM  2P + 9BPM 
Kasyoka et al. [ 
4 EMUL  2 EMUL  6 EMUL 
Liu et al. [ 
6 EMUL  8 EMUL  14 EMUL 
Proposed  3 HEMUL  3 HEMUL  6 HEMUL 
Schemes  Sender  Receiver  Total (in ms) 

Liao et al. [ 
1 * 1.25 + 5 * 4.31 = 22.8  2 * 1.25 + 4 * 14.90 + 1 * 4.31 = 66.41  3 * 1.25 + 4 * 14.90 + 6 * 4.31 = 89.21 
He et al. [ 
5 * 4.31 = 21.55  2 * 14.90 + 4 * 4.31 = 47.04  2 * 14.90 + 9 * 4.31 = 68.59 
Kasyoka et al. [ 
4 * 0.97 = 3.88  2 * 0.97 = 1.94  6 * 0.97 = 5.82 
Liu et al. [ 
6 * 0.97 = 5.82  8 * 0.97 = 7.76  14 * 0.97 = 13.58 
Proposed  3 * 0.48 = 1.44  3 * 0.48 = 1.44  6 * 0.48 = 2.88 
In this part, the proposed scheme is compared to existing schemes proposed by Liao et al. [
Schemes  Signature size 

Liao et al. [ 
(m) + 6(G) 
He et al. [ 
(m) + 3(G) + (H) 
Kasyoka et al. [ 
(m) + 2(q) + 2(H) 
Liu et al. [ 
(m) + 6(q) 
Proposed  (m) + 2(n) + (H) 
Note: (m) = message, (H) = hash function, (q) = elliptic curve bits for single parameter, (G) = bilinear pairing bits for single parameter, (n) = hyper elliptic curve bits for single parameter (m) = 1024 bits, (H) = 256 bits, (q) = 160 bits, (G) = 1024 bits, (n) = 80 bits.
Schemes  Signature size  Total (in bits) 

Liao et al. [ 
(1024) + 6 * (1024)  7168 
He et al. [ 
(1024) + 3 * (1024) + (256)  4352 
Kasyoka et al. [ 
(1024) + 2 * (160) + 2 * (256)  1856 
Liu et al. [ 
(1024) + 6 * (160)  1984 
Proposed  (1024) + 2 * (80) + (256)  1440 
IoHT systems are used to exchange remote data for a variety of physical activities, including patient monitoring, treatment development, observation and counseling. In IoHT, communication, computing, and interoperability are provided through multiple sensors, actuators, and controllers, resulting in a seamless connection and efficient resource management. Traditional cryptographic techniques, on the other hand, are not practicable for the vast majority of IoHT deployments due to the restrictions of lowpower embedded devices. As a result, we proposed the CAA scheme, a security method based on the HECC in this article. The HECC method is effective with small key sizes and can be used in IoHT systems. The security analysis demonstrates the proposed scheme’s efficacy in preventing several cyberattacks. Second, comparing the proposed scheme with existing schemes is carried out in terms of computation and communication costs. The proposed scheme takes 2.88 ms to compute, compared to 89.21, 68.59, 5.82, and 13.58 ms for Liao et al. [
Nisreen Innab would like to express sincere gratitude to AlMaarefa University, Riyadh, Saudi Arabia, for supporting this research.
The author received no specific funding for this study.
The data supporting the conclusions of this article are included within the article.
The author declares that he has no conflicts of interest to report regarding the present study.