Secure E-Healthcare System Based on Lightweight Key Management and Proof of Authority Blockchain
DOI:
https://doi.org/10.22399/ijcesen.4140Keywords:
Permissioned Blockchain, Proof-of-Authority (PoA), Fog Computing, Privacy Preservation, Key Management, Healthcare Data SecurityAbstract
As Internet of Medical Things (IoMT) continues to evolve rapidly, ensuring secure health data exchange among diverse healthcare actors becomes essential, not only to protect sensitive healthcare data but also to safeguard user privacy and prevent unauthorized access. With IoMT transmitting sensitive data from home environments to specialist hospitals, the need for strong yet efficient protection has never been more urgent. IoMT healthcare environments require cryptographic algorithms to be robust and lightweight enough to run effectively on low-end devices. Traditional encryption techniques incur vulnerable centralized key management and typically significant delays and computational overheads, making them unsuitable for low-power IoMT devices designed for these constrained environments. In this paper, an innovative lightweight key management and encryption method is proposed. The proposed system employs Post-Quantum Ciphertext-Policy Attribute-Based Encryption (Q-PA-ABE) to generate a shared key and ensure fine-grained one-to-many access control. A permissioned blockchain with Proof-of-Authority (PoA) consensus is decentralized Key-Generation Authorities (KGCs) management and auditability, and fog computing is low-latency data relaying to secure data transfer after setting up the keys. A Python-based prototype was implemented to enable real-time key exchange and secure data transmission. Experiments show lowest gas consumption and archives efficiency of 1.16% and removes single points of failure, while ensuring auditable data logs, demonstrating secure and efficient healthcare data services for IoMT.
References
[1]Suryateja, P. S., & Rao, K. V. (2024). A survey on lightweight cryptographic algorithms in IoT. Cybernetics and Information Technologies, 24(1), 21-34.
DOI: https://doi.org/10.2478/cait-2024-0002.
[2]Benjamin, M. (2025). Lightweight Cryptographic Protocols for Secure IoMT Communication in Edge Networks.
[3]Radhakrishnan, I., Jadon, S., & Honnavalli, P. B. (2024). Efficiency and security evaluation of lightweight cryptographic algorithms for resource-constrained IoT devices. Sensors, 24(12), 4008.
DOI: https://doi.org/10.3390/s24124008.
[4]Kumar, A., & Sharma, D. K. (2020). Survey and Analysis of Lightweight Authentication Mechanisms. In Cryptography-Recent Advances and Future Developments. IntechOpen.
DOI: https://doi.org/10.5772/intechopen.94407
[5]Svandova, Katerina, and Zdenek Smutny. "Internet of medical things security frameworks for risk assessment and management: a scoping review." Journal of Multidisciplinary Healthcare (2024): 2281-2301.
DOI: https://doi.org/10.2147/JMDH.S459987.
[6] Deb, S., Lupu, E., Drakakis, E. M., Bharath, A. A., Leung, Z. K., Ma, G. R., & Chattopadhyay, A. (2025). Securing the Internet of Medical Things (IoMT): Real-World Attack Taxonomy and Practical Security Measures. arXiv preprint arXiv:2507.19609.
[7] Zhong, Y., & Gu, J. (2024). Lightweight block ciphers for resource-constrained environments: A comprehensive survey. Future Generation Computer Systems, 157, 288-302.
DOI: https://doi.org/10.1016/j.future.2024.03.054.
[8] Cai, D., Chen, B., Zhang, L., & Kan, H. (2024). BA-ORABE: Blockchain-Based Auditable Registered Attribute-Based Encryption With Reliable Outsourced Decryption. arXiv preprint arXiv:2412.08957.
DOI : https://doi.org/10.48550/arXiv.2412.08957.
[9] Zhao, L., Dong, G., & Yuan, H. (2025). A blockchain-based verifiable CP-ABE scheme for medical data privacy protection. Scientific Reports, 15(1), 27325.
DOI: https://doi.org/10.1038/s41598-025-13069-1.
[10] Almaiah, M. A., Hajjej, F., Ali, A., Pasha, M. F., & Almomani, O. (2022). A novel hybrid trustworthy decentralized authentication and data preservation model for digital healthcare IoT based CPS. Sensors, 22(4), 1448.
DOI: https://doi.org/10.3390/s22041448.
[11] Ge, C., Liu, Z., Susilo, W., Fang, L., & Wang, H. (2023). Attribute-based encryption with reliable outsourced decryption in cloud computing using smart contract. IEEE Transactions on Dependable and Secure Computing, 21(2), 937-948.
DOI: https://doi.org/10.48550/arXiv.2412.08957.
[12] Ahmed, S., & Ahmed, T. (2022). Comparative analysis of cryptographic algorithms in context of communication: A systematic review. International Journal of Scientific and Research Publications, 12(7), 161-173. DOI: https://doi.org/10.29322/IJSRP.12.07.2022.p12720.
[13] Shree, M. S., Shrinath, S., Anandh, R. V., Inbamalar, T. Comprehensive Comparison of Lightweight Encryption Algorithms for Energy-Efficient IoT Applications (2025). IEEE Int. Conf. on Advances in Modern Age Technologies for Health and Engineering Science (AMATHE) (pp. 1-7).
[14] Thakor, V. A., Razzaque, M. A., & Khandaker, M. R. (2020). Lightweight cryptography for IoT: A state-of-the-art. arXiv preprint arXiv:2006.13813. DOI:https://doi.org/10.29322/IJSRP.12.07.2022.p12720.
[15] Peivandizadeh, A., Y. Adarbah, H., Molavi, B., Mohajerzadeh, A., & H. Al-Badi, A. (2024). A secure key exchange and authentication scheme for securing communications in the Internet of Things environment. Future Internet, 16(10), 357.
DOI: https://doi.org/10.3390/fi16100357.
[16] Rancea, A., Anghel, I., & Cioara, T. (2024). Edge computing in healthcare: Innovations, opportunities, and challenges. Future internet, 16(9), 329. DOI: https://doi.org/10.3390/fi16090329.
[17] Guo, C., Gong, B., Waqas, M., Alasmary, H., Tu, S., & Chen, S. (2024). An efficient pairing-free ciphertext-policy attribute-based encryption scheme for Internet of Things. Sensors (Basel, Switzerland), 24(21), 6843. DOI: https://doi.org/10.3390/s24216843.
[18] Reffad, H., Djenaoui, A., & Alti, A. (2021). Distributed Secure Services Based on IoT and Blockchain for e-Health Remote Care. In Proc. Int. Conf. Computer Science’s Complex Systems and Their Applications, Oum El Bouaghi (Algeria) (pp. 25-26). CEUR-WS. org.).
[19] Wu, G., Wang, H., Lai, X., Wang, M., He, D., & Chan, S. (2024). A comprehensive survey of smart contract security: State of the art and research directions. Journal of Network and Computer Applications, 226, 103882.
DOI: https://doi.org/10.1016/j.jnca.2024.103882.
[20] Mallick, S. R., Lenka, R. K., Tripathy, P. K., Rao, D. C., Sharma, S., & Ray, N. K. (2024). Fog-assisted blockchain-iomt healthcare framework with role-based access control for critically ill patients. SN Computer Science, 5(6), 658. DOI: https://doi.org/10.1007/s42979-024-02987-y.
[21] Shahzad, A., Chen, W., Zhang, Y., & Kumar, R. (2025). Zero-Trust Medical Image Sharing: A Secure and Decentralized Approach Using Blockchain and the IPFS. Symmetry (20738994), 17(4).
DOI : https://doi.org/10.3390/sym17040551.
[22] Xie, Z., Li, Z., & Liu, X. (2025). SHARP: Blockchain-Powered WSNs for Real-Time Student Health Monitoring and Personalized Learning. Sensors, 25(16), 4885.
DOI : https://doi.org/10.3390/s25164885.
[23] Moulahi, W., Jdey, I., Moulahi, T., Alawida, M., & Alabdulatif, A. (2023). A blockchain-based federated learning mechanism for privacy preservation of healthcare IoT data. Computers in Biology and Medicine, 167, 107630. DOI: https://doi.org/10.1016/j.compbiomed.2023.107630
[23] Alabdulatif, A., Al Asqah, M., Moulahi, T., & Zidi, S. (2023). Leveraging artificial intelligence in blockchain-based e-health for safer decision-making framework. Applied Sciences, 13(2), 1035.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 International Journal of Computational and Experimental Science and Engineering
This work is licensed under a Creative Commons Attribution 4.0 International License.
