Nevertheless, it can still LY188011 impersonate user by generating false guarantees (e.g., false public keys). Level 3: the authority cannot compute users’ secret keys, and it can be proven that it generates false guarantees of users’ if it does so.According to these definitions, we can easily find that the conventional certificateless cryptography can reach Level 2, and a traditional PKI can achieve Level 3 while the ID-PKC falls into Level 1.2.4. Model of Certificateless AuthenticationA certificateless authentication scheme consists of six probabilistic, polynomial time algorithms: Setup, User-Key-Generation, Partial-Key-Extract, Set-Private-Key, Set-Public-Key, and Authentication. These algorithms are defined as follows.Setup. Taking security parameter k as input, the authority returns a list of public parameters param and a randomly chosen master secret key msk.

User-Key-Generation. Taking a list of public parameters param as input, the user returns a secret key sk and a public key pk.Partial-Key-Extract. Taking param,msk, user’s identity ID, and pk received from the user as inputs, the authority returns a partial private key DID and a partial public key PID. Set-Private-Key. Taking param, DID, and sk as inputs, the user returns a private key SKID. Set-Public-Key. Taking param, PID, and pk as inputs, the user returns a public key PKID. Authentication. Taking identity, private key of the sender, and a list of parameters param as inputs, the receiver verifies the legality of the sender by its public key.

This model is similar to that of [15] but with a crucial difference that User-Key-Generation algorithm must be run prior to the Partial-Key-Extract algorithm, which makes the scheme achieve Girault’s trust level 3.3. Our ProtocolIn this section, we propose a certificateless authentication scheme without bilinear pairing to ensure the legality of Patient and Doctor by the MS.3.1. ConstructionThe GSK-3 proposed scheme involves three entities: Patient, Doctor, and MS. Before Patient obtains the wearable medical sensor at the first time, MS presets the IDP, SP 0,1m and IDD, SD 0,1m into Patient’s sensor and his/her doctor’s health professional hand-held device through the secure channel as their identities and the serial numbers of equipments, respectively. Besides, these two serial numbers will be preserved secretly by themselves. The details of our certificateless authentication scheme are as follows.We show the initialization phase of this protocol in Figure 1.Figure 1Initialization phase.Setup. The MS generates a large prime p, which makes the DL and CDH problems in the cyclic additive group G with generator P of order p be intractable.