Chapter 2


INTRODUCTION TO CRYPTOGRAPHY

The 5G (fifth generation) network is the newest standard of mobile telecommunication
being deployed worldwide. 5G networks provide speed, capacity, and scalability, which
have an efficient effect on energy consumption and provide quality of service (QoS) and
amount of device communication [1,2]. A device connects with a small base station through
high-band spectrum technology and device-to-device communication [1,3,4]. 5G networks
will have a huge impact on connected services and devices through higher reliability,
connectivity, and storage [5]. The Internet of Things (IoT) arranges objects as part of the
network settings in a distributed network. IoT has become a concept enclosing several
technologies and a network between objects and human beings, which can interact and
cooperate with other devices to communicate and share information. The vision of
next-generation 5G wireless communication lies in providing very high data rates, extremely
low latency, a manifold increase in base station capacity, and significant improvement in
users' perceived quality of service compared to current 4G LTE networks [6]. 5G can
significantly increase capacity and speed to provide reliable and speedy connectivity to the
future IoT and, moreover, provide reliable connections to thousands of devices at the same
time [7]. 5G will be able to provide massive IoT connectivity, where billions of smart
devices can be connected to the Internet [7]. However, security and privacy issues of
information transmitted between objects have been rising in recent years, because wireless
communication, which is an important transmission medium of IoT networks, is vulnerable
to many adversarial attacks.

Medical healthcare systems currently face many challenges, such as infrastructure, connection,
professional requirements, data management, real-time monitoring, etc., and each challenge
affects the quality of healthcare services [8]. Applications of 5G networks have expanded
rapidly, including in healthcare, and IoT with 5G environments provides solutions for
network layers, including enhancing QoS to solve the challenges above [1,4]. On the other
hand, the importance of healthcare-related privacy preservation is rising. If privacy
preservation fails, not only will medical institutes suffer economic and credibility losses,
but property losses will also occur and even the lives of patients will be harmed.
Maintaining the privacy of patient data, which is usually stored in conventional systems and
is difficult to share due to varying standards and data formats, is one of the important
sectors of the healthcare industry. If the healthcare information of patients is the key to
finding medical treatments, maintaining the privacy of patient data becomes a central issue
that determines the success of medical practices [8].

Emergency medical services (EMS) hold an assignable proportion in our lives and have
become a complex network of all types of professionals, including providing care in
ambulances, serving as educators, practicing community paramedicine, and conducting
research [9]. EMS has to be the first to respond and take care of patients with minor and
major injuries while attending to calls coming from different situations, such as accidents,
natural disasters, terrorism, pandemics, and patient transport. The State of California
Emergency Medical Service Authority in the US developed a search, alert, file, and reconcile
(SAFR) model to reach the goals of bidirectional data exchange between the EMS and the
health information exchange (HIE) organization to enhance prehospital treatment,
prehospital decision-making, better longitudinal patient records, and overall care [10]. The
5G network has the potential to bring benefits to individuals, organizations, and society,
and enables ambulances to connect a patient who wears wearable devices to the emergency
department of the destination hospital. Measured biodata is collected at the incident scene
and transmitted to the servers of the destination hospital while the patient is being
transported, which allows the medical professional team at the destination hospital to
immediately understand the condition of the patient and the prehospital treatment performed
by the medical professional on the ambulance, and helps decision-making. Measured biodata
can be interconnected with the hospital information system, laboratory information system,
geographic information system, picture archiving and communication system, and document
management system, which enables medical professionals in the destination hospital to
understand the historical medical record of patients, decide first-aid information, and
issue examination sheets. A 5G network with EMS can simplify the medical treatment process
and improve the efficiency of patient treatment [11].

This paper proposes a privacy-preserved ID-based secure communication scheme in 5G-IoT
telemedicine systems that can achieve the features below: (i) the proposed scheme allows
emergency signals to be transmitted immediately with decreasing risk of secret key leakage;
(ii) the information of the patients and their prehospital treatment can be securely
transmitted while transferring the patient to the destination medical institute; (iii) the
quality of healthcare services can be assured while preserving the privacy of the patient;
(iv) the proposed scheme supports not only normal situations but also emergencies; (v) the
proposed scheme can resist potential attacks. The remaining organization of the paper is
sketched below. Telemedicine systems, federated identity management mechanisms, key
insulation, and Chebyshev chaotic maps are introduced in Section 2. Section 3 introduces the
proposed scheme, and security and performance analyses are detailed in Sections 4 and 5.
Finally, the conclusion is drawn in Section 6.

2. Related Works

Telemedicine systems are a combination of healthcare electronic messaging and
telecommunication technologies [8,12,13]. Patients can transmit healthcare-related
information, which is usually important, sensitive, and private, to healthcare services
through a public network while using a telemedicine system [8,12,13]. Thus, medical
professionals are able to know the health condition of the patients immediately, and
following up on the health condition of the patients becomes more convenient than before
[12]. A general telemedicine system in 5G-IoT environments includes three types of
telemedicine, which are synchronous telemedicine, asynchronous telemedicine, and remote
health monitoring [2,14]. Synchronous telemedicine allows the patient and the medical
professional to communicate directly through telecommunication technology, such as
Microsoft Teams (version 1.5, Microsoft Corporation, Washington, US), Cisco Webex (version
42.9, Cisco Systems, San Jose, California, US), Zoom (version 5.11, Zoom Video
Communications, Inc., San Jose, California, US), etc. Asynchronous telemedicine means that
the medical professional can follow up on the patient's health condition through biodata
continually transmitted by the patient and stored and analysed by the server in the medical
institute. Furthermore, the system can automatically notify the medical professional when
the patient's health condition turns bad after analysing and predicting the biodata. Remote
health monitoring allows the medical professional to monitor the patient's health condition
in real time, and the medical professional can receive an alert immediately if an emergency
happens to the patient through this type of telemedicine. This paper focuses on scenarios
of remote health monitoring and asynchronous telemedicine. Meanwhile, data transmission
security will be discussed, such as eavesdropping, man-in-the-middle (MITM) attack, data
tampering attack, message modifying attack, data inspection attack, etc. [8,15]. Technical
support is not enough, even though well-known regulations providing personal information
privacy have been announced [8,15].

Shamir introduced an identity-based (ID-based) cryptosystem [16], and an ID-based
cryptosystem derives the user's public key from the public and unique information of the
user. Gentry et al. developed hierarchical ID-based cryptography (HIDC) based on the
original ID-based cryptosystem, and HIDC has been proven to reduce the loading of private
key generation and the risk of key escrow [17]. Several works have been proposed in the last
2 decades [18-21], including Santo et al.’s work, which is the lightweight federated identity
management mechanism for IoT [22]. Moreover, Lin and Hsu [8] proposed a hierarchical
ID-based cryptography for federated identity management in medicine in a 5G-IoT environment,
which includes IoT gateways in the system structure. The proposed scheme applies a similar
system in which the smart lamp replaces the IoT gateway in the work of Lin and Hsu [8], and
the scenario of the proposed scheme includes an emergency, which is not included in Lin and
Hsu’s work [8].

Key insulation, which was introduced by Dodis et al., is an effective solution to the key
exposure problem [23]. More and more wearable healthcare devices are used, and they only
have limited resources to protect keys. Any malicious adversary can easily obtain the key
information of the user or devices, which leads to the key exposure problem. Once a private
key is compromised, a malicious adversary has the chance to use the exposed private key to
submit a legitimate request [24]. In a public key cryptosystem that is key-insulated, the
receiver has 2 types of secret key, a decryption key and a helper key. The decryption key
is a short-term key for decrypting ciphertext and is periodically updated by the helper key;
a ciphertext that is encrypted at some time period is decrypted by using the decryption key
updated by the helper key at the same time period. The decryption key is stored in a
powerful but insecure device, such as a portable healthcare device, and the helper key is
stored in a physically secure but computationally limited device called a helper, such as a
smartphone. Key-insulated encryption can significantly reduce the impact of key exposure
problems, and many researchers have taken several approaches to realise secure
key-insulated cryptosystems. Many cryptographers have proposed several types of
key-insulation cryptography schemes, such as symmetric-key-based key-insulation encryption
[23], key-insulated signatures [25], parallel key-insulated encryption [24,26], etc.

A chaotic system has features that correspond to important properties of cryptosystems,
namely confusion and diffusion [27-29]. First, the result of a chaotic system is
unpredictable if small changes to its initial values happen [27,30]. Second, a chaotic
system is a complex oscillation [27,30]. Third, a chaotic system has a qualitative change
of character of solutions [27,30]. Cryptosystems based on Chebyshev chaotic maps have been
widely discussed for decades, including lightweight solutions [13,28,29,31-33].
Mathematical definitions of Chebyshev chaotic maps are given in Table 1 [13,28,29,31-33].
The proposed schemes in this paper apply extended Chebyshev chaotic maps that satisfy the
definitions in Table 1.

Table 1. Mathematical definitions of Chebyshev chaotic maps.

3. Proposed scheme

This paper focuses on a scenario that includes a patient Pai, a smart lamp SLj, an
ambulance Aij, and a server of a medical institute (MS), as illustrated in Figure 1.

Figure 1.

Once an emergency occurs to the patient, an emergency signal is sent by the wearable
device(s) to a nearby smart lamp, and then the smart lamp transmits a signal to the nearest
medical institute. Another way for the smart lamp to send an emergency signal is for other
passers-by near the patient to press the emergency button on the smart lamp, as in Figure
2. After receiving the signal, a medical institute resolves the location of the patient,
transmits related information to EMS staff, and assigns an ambulance to the site. After EMS
staff move the patient into the ambulance, EMS can send information about the patient,
including status and prehospital treatment, to the destination medical institute. The staff
of the emergency department at the destination medical institute can provide proper
treatment according to the information on the prehospital treatment after receiving the
patient. The interaction between the 5G link and the core network should be secure, which
may be granted by functions in the core network, but secure communication between 5G links
and the core network is not discussed in the proposed scheme.

Figure 2.

The proposed scheme has five phases: system initialization phase, registration phase, key
update phase, emergency signal sending phase, and ambulance communication phase. In the
system initialization phase, the server of the medical institute (MS) generates essential
parameters and functions. The patient (Pai), smart lamp (SLj), and ambulance (Aij) become
legitimate parties through the registration phase. In the key update phase, the patient's
(Pai's) smartphone can help the patient (Pai) update keys, and a secure component in the
smart lamp can help the smart lamp (SLj) update its key. In the secure ambulance
communication phase, the ambulance (Aij) and the smart lamp (SLj) authenticate each other
and establish a session key for symmetric encryption, used for communication and for
transmitting information on the status and prehospital treatments. Notations are defined in
Table 2.

Table 2.

3.1 System initialization phase

In the system initialization phase, a server of a medical institute (MS), which provides
telemedicine services and is certified by a healthcare certification authority, sets up
parameters by performing the following steps.

Step 1: The healthcare certification authority issues a certificate Certificate HCA→MS to the
server of the medical institute (MS) that provides telemedicine services and is certified by a
healthcare certification authority.

Step 2: The server of the medical institute (MS) generates secret values
$(s_{MS}, \omega_{MS}) \in Z_p^*$, a big prime $p$, and a random number
$x \in (-\infty, +\infty)$, and computes $P_{MS}$ and $P_{HA}$ according to the mathematical
definitions of extended Chebyshev polynomials in Table 1.

$$P_{MS} = T_{s_{MS}}(x) \bmod p \tag{1}$$

$$P_{HA} = T_{\omega_{MS}}(x) \bmod p \tag{2}$$

Step 3: The server of the medical institute (MS) chooses a symmetric encryption algorithm
$E_k(\cdot)$, a symmetric decryption algorithm $D_k(\cdot)$, collision-resistant one-way hash
functions ($H_0(\cdot)$, $H_1(\cdot)$, $H_2(\cdot)$), where $H : \{0,1\}^* \to \{0,1\}^n$
takes a binary string $q \in \{0,1\}^*$ of arbitrary length as input and produces a binary
string $H_q \in \{0,1\}^n$ as output, and a collision-resistant secure one-way chaotic keyed
hash function $h_k(\cdot)$.

Step 4: The server of the medical institute (MS) outputs public parameters
$\{P_{MS}, P_{HA}, p, x, H_0(\cdot), H_1(\cdot), H_2(\cdot), h_k(\cdot), E_k(\cdot), D_k(\cdot)\}$
and private parameters $(s_{MS}, \omega_{MS})$.

Step 5: The smart lamp (SLj) generates two large random primes $(p_j, q_j)$ and $\varphi_j$.
Then, the smart lamp (SLj) selects a random integer $e_j$, where $1 < e_j < \varphi_j$ and
$\gcd(e_j, \varphi_j) = 1$, and makes it public. After that, the smart lamp (SLj) computes
$d_j$, where $1 < d_j < \varphi_j$ and $e_j d_j \equiv 1 \pmod{\varphi_j}$, and keeps $d_j$
secret.

3.2 Registration phase

In this phase, the patient (Pai) and the smart lamp (SLj) interact with the server of a
medical institute (MS) for registration, and the ambulance (Aij) interacts with the smart
lamp (SLj) for registration via a secure channel. To deal with the registration requests
submitted by the patient (Pai) and the smart lamp (SLj), the server of the medical institute
(MS) sends Sj and a certificate Certificate MS→SLj to the smart lamp (SLj) via a secure
channel while computing and sending σi to the patient (Pai). The ambulance (Aij) submits
registration information to the smart lamp (SLj), and the smart lamp (SLj) verifies the
ambulance’s (Aij) legitimacy and then issues the private key (Sij) and the certificate
Certificate SLj→Aij. Detailed descriptions are stated as follows and illustrated in Figure 3.

Figure 3.

Step 1: The patient, Pai, chooses an identifier, PIDi, and a random number, $r_i \in Z_p^*$,
and computes αi. After that, the patient, Pai, sends (PIDi, αi) to the server of a medical
institute (MS). Meanwhile, the smart lamp, SLj, chooses an identifier, SLIDj, and submits it
to the server of a medical institute (MS).

$$\alpha_i = T_{r_i}(x) \bmod p \tag{3}$$

Step 2: After receiving (PIDi, αi) from the patient (Pai) and SLIDj from the smart lamp
(SLj), the server of the medical institute (MS) computes the elements below. Then, the
server of the medical institute (MS) returns (Si,0, σi) to the patient (Pai) and Sj with
Certificate MS→SLj, which is generated by the server of the medical institute (MS), to the
smart lamp (SLj).

$$\beta_i = T_{s_{MS}}(\alpha_i) \bmod p \tag{4}$$

$$S_{i,0} = H_0(PID_i \| \beta_i)\,\omega_{MS}\,H_0(PID_i \| \beta_i) \tag{5}$$

$$\sigma_i = P_{MS}\,H_0(PID_i \| \beta_i) \tag{6}$$

$$V_j = H_0(SLID_j) \tag{7}$$

$$S_j = T_{s_{MS}}(V_j) \bmod p \tag{8}$$

Step 3: The smart lamp (SLj) chooses a random number $s_j \in Z_p^*$ as a secret value,
computes Wj, and stores Certificate MS→SLj.

$$W_j = T_{s_j}(x) \bmod p \tag{9}$$

Step 4: The ambulance (Aij) chooses an identifier (AIDij) and a random number (sij ϵ Z*p) as a
secret value, computes Wij, and sends (AIDij, Wij) to the smart lamp (SLj).

$$W_{ij} = T_{s_j}(x) \bmod p \tag{10}$$

Step 5: After receiving AIDij from the ambulance (Aij), the smart lamp (SLj) checks the
format of AIDij. If the format is valid, the smart lamp (SLj) then generates the
Certificate SLj→Aij from the Certificate MS→SLj, and sends (Sij, Certificate SLj→Aij) to
the ambulance (Aij) via a secure channel.

$$V_{ij} = H_1(W_{ij}, SLID_j) \tag{11}$$

$$S_{ij} = S_j\,T_{s_j}(V_{ij}) \bmod p \tag{12}$$

Step 6: The ambulance (Aij) stores (Sij, Certificate SLj →Aij).
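
The extended Chebyshev map in equations (1), (3) and (4) can be evaluated for very large degrees by square-and-multiply on the recurrence's 2×2 matrix; the sketch below is an added example, not code from the paper. It assumes the standard recurrence T_0 = 1, T_1 = x, T_n = 2x·T_(n-1) − T_(n-2) (mod p) for the definitions of Table 1, and the prime, base point and secrets are constructed values.

```python
"""Extended Chebyshev map over Z_p, as used in equations (1), (3) and (4).

Added example: the recurrence is assumed, all parameter values are constructed.
"""


def mat_mul(m, n, p):
    """Multiply two 2x2 matrices stored as (a, b, c, d) tuples, modulo p."""
    a, b, c, d = m
    e, f, g, h = n
    return ((a * e + b * g) % p, (a * f + b * h) % p,
            (c * e + d * g) % p, (c * f + d * h) % p)


def chebyshev(n, x, p):
    """Return T_n(x) mod p in O(log n) matrix multiplications."""
    if n < 0:
        raise ValueError("degree n must be non-negative")
    if p < 2:
        raise ValueError("modulus p must be at least 2")
    x %= p
    if n == 0:
        return 1 % p
    # [[2x, -1], [1, 0]] maps (T_k, T_(k-1)) to (T_(k+1), T_k).
    result = (1, 0, 0, 1)
    base = ((2 * x) % p, (p - 1) % p, 1, 0)
    e = n - 1
    while e:
        if e & 1:
            result = mat_mul(result, base, p)
        base = mat_mul(base, base, p)
        e >>= 1
    a, b, _, _ = result
    # First row of M^(n-1) applied to the start vector (T_1, T_0) = (x, 1).
    return (a * x + b) % p


def chebyshev_naive(n, x, p):
    """Reference implementation: iterate the recurrence n - 1 times."""
    x %= p
    t_prev, t_cur = 1 % p, x
    if n == 0:
        return t_prev
    for _ in range(n - 1):
        t_prev, t_cur = t_cur, (2 * x * t_cur - t_prev) % p
    return t_cur


def registration_values(p, x, s_ms, r_i):
    """Compute the values of equations (1), (3), (4) and two cross-checks."""
    p_ms = chebyshev(s_ms, x, p)            # eq (1): public value of MS
    alpha_i = chebyshev(r_i, x, p)          # eq (3): sent by the patient
    beta_i = chebyshev(s_ms, alpha_i, p)    # eq (4): computed by MS
    return {
        "P_MS": p_ms,
        "alpha_i": alpha_i,
        "beta_i": beta_i,
        # Semigroup property: the holder of r_i gets the same value from P_MS.
        "beta_via_public": chebyshev(r_i, p_ms, p),
        "beta_via_product": chebyshev(s_ms * r_i, x, p),
    }


# Constructed parameters (illustration only, not from the paper).
P = 2**127 - 1                      # a Mersenne prime
X = 0x1234567890ABCDEF              # public base point x
S_MS = 0xC0FFEE1234567890ABCDEF     # server secret s_MS
R_I = 0xFEEDFACE0987654321          # patient random number r_i

if __name__ == "__main__":
    for name, value in registration_values(P, X, S_MS, R_I).items():
        print(f"{name:17s} = {value:#x}")
```

The three β values agree because T_r(T_s(x)) = T_rs(x) = T_s(T_r(x)) mod p; the CMDLP argument in Section 4.1 concerns recovering s_MS from P_MS despite this structure.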

3.3 Key update phase

The patient’s (Pai's) smartphone can help the patient (Pai) update keys through
the following steps, as illustrated in Figure 4.

Figure 4. Key update phase.

Step 1: The smartphone computes and sends the helper key $HK_{Pa_i,b_i}$ as below.

$$HK_{Pa_i,b_i} = \omega_{MS}\,[H_0(PID_i \| b_i) - H_0(PID_i \| b_i - 1)] \tag{13}$$

Step 2: After receiving $HK_{Pa_i,b_i}$, the patient (Pai) computes $S_{Pa_i,b_i}$ to update
the key.

$$S_{Pa_i,b_i} = S_{Pa_i,b_i} + HK_{Pa_i,b_i} \tag{14}$$

3.4 Emergency Signal Sending Phase

When an emergency happens to a patient (Pai) outdoors, the patient (Pai) can
commission a nearby smart lamp (SLj) to sign and send an emergency signal (EMi) to a
server of a medical institute (MS). The server of the medical institute (MS) can verify the
message from the patient (Pai) through the following steps, as illustrated in Figure 5.

Figure 5. Emergency signal sending phase.

Step 1: The patient generates a signed emergency signal. The patient (Pai) computes
($\sigma_{Pa_i1}, \sigma_{Pa_i2}$) as below and sends ($\sigma_{Pa_i}, \omega$) to the smart
lamp (SLj), where $\omega$ is a warrant including delegation information generated by the
patient (Pai).

$$\sigma_{Pa_i1} = S_{Pa_i,b_i}\,r_i\,H_1(EM_i) \tag{15}$$

$$\sigma_{Pa_i2} = \alpha_i \tag{16}$$

$$\sigma_{Pa_i} = (\sigma_{Pa_i1}, \sigma_{Pa_i2}, EM_i, b_i) \tag{17}$$

Step 2: The smart lamp transmits a signed emergency signal. After receiving
($\sigma_{Pa_i}, \omega$), the smart lamp (SLj) computes
($\sigma_{SL_j1}, \sigma_{SL_j2}, \sigma_{SL_j3}$) as below and sends ($\sigma_{SL_j}, \omega$)
to the server of the medical institute (MS).

$$\sigma_{SL_j1} = \sigma_{Pa_i1}\,S_{SL_j,b_j}\,r_i\,H_2(EM_i)\,r_i\,H_1(\omega) \tag{18}$$

$$\sigma_{SL_j2} = \sigma_{Pa_i2}\,\alpha_i \tag{19}$$

$$\sigma_{SL_j3} = \alpha_i \tag{20}$$

$$\sigma_{SL_j} = (\sigma_{SL_j1}, \sigma_{SL_j2}, \sigma_{SL_j3}, EM_i, b_i, b_j) \tag{21}$$

Step 3: The server of the medical institute verifies the signed emergency signal. After
receiving ($\sigma_{SL_j}, \omega$), the server of the medical institute (MS) verifies the
message as below. If it holds, the server of the medical institute (MS) can confirm that the
message was sent from the patient (Pai). The server of the medical institute (MS) utilizes
information from the smart lamp ($\sigma_{SL_j1}, \sigma_{SL_j2}, \sigma_{SL_j3}, EM_i, b_j$)
to compute verification parameters ($v_1, v_2, v_3, v_4, v_5, v_6, v_7$). In addition, the
smart lamp (SLj) sends information on the owner of the emergency signal, patient Pai, and
$b_i$, so the medical institute (MS) is able to compute the verification parameter $v_3$.
Finally, the medical institute (MS) verifies the validity of the emergency signal by checking
the equality between $v_1$ and ($v_2, v_3, v_4, v_5, v_6, v_7$) with $P_{MS}$ and $P_{HA}$.
The process of verification can be referred to in [35], which has been proven.

$$v_1 = T_{\sigma_{SL_j1}}(x) \bmod p \tag{22}$$

$$v_2 = T_{H_0(PID_i \| \sigma_{SL_j2})}(x) \bmod p \tag{23}$$

$$v_3 = T_{H_1(PID_i \| b_i)}(x) \bmod p \tag{24}$$

$$v_4 = T_{H_1(EM_i)}(x) \bmod p \tag{25}$$

$$v_5 = T_{H_0(SLID_j \| \sigma_{SL_j3})}(x) \bmod p \tag{26}$$

$$v_6 = T_{H_1(SLID_i \| b_j)}(x) \bmod p \tag{27}$$

$$v_7 = T_{H_2(EM_i)}(x) \bmod p \tag{28}$$

$$v_1 \stackrel{?}{=} v_2\,P_{MS}\,v_3\,P_{HA}\,v_4\,\sigma_{P_i}\,v_5\,P_{MS}\,v_6\,P_{HA}\,v_7\,\sigma_{SL_j3} \tag{29}$$

3.5. Secure Ambulance Communication Phase

After the ambulance (Aij) picks up the patient (Pai), the ambulance (Aij) can initiate
communication with the server of the medical institute (MS) through the smart lamp (SLt).
The smart lamp (SLt) and the ambulance (Aij) will execute mutual authentication to ensure
further interaction between the smart lamp (SLt) and the ambulance (Aij). Detailed
descriptions are stated as follows and illustrated in Figure 6.

Figure 6. Secure ambulance connection phase.

Step 1: The ambulance requests communication. The ambulance (Aij) chooses a
random number ($a_{ij}$), computes $\mu_{ij}$ and $C_t$, and sends ($C_t$, $AID_{ij}$) to the
smart lamp (SLt).

$$\mu_{ij} = T_{S_{ij}}(a_{ij}) \bmod p \tag{30}$$

$$C_t = \left(T_{e_t}(\mu_{ij} \| a_{ij} \| Certificate_{SL_j \to A_{ij}}) \bmod p\right) P_t \tag{31}$$

Step 2: The smart lamp verifies the request. After receiving ($C_t$, $AID_{ij}$), the smart
lamp (SLt) obtains ($\mu_{ij} \| a_{ij} \| Certificate_{SL_j \to A_{ij}}$) by decrypting $P_t$
and verifies whether the $Certificate_{SL_j \to A_{ij}}$ is valid. If the
$Certificate_{SL_j \to A_{ij}}$ is valid, the smart lamp (SLt) progresses to the steps below;
otherwise, the smart lamp (SLt) abandons the request.

( μij ‖aij‖Certificate SL → A ¿ = ¿ (C t ) mod p) / Pt


j ij
(32)

Step 3: The smart lamp establishes the session key. The smart lamp (SLt) computes
($\omega_t$, $sk_{SL_t \leftrightarrow A_{ij}}$, $P_j$, $P_{ij}$, $P_t$, $k$, $MAC_{SL_t}$)
and sends ($MAC_{SL_t}$, $\omega_t$) to the ambulance (Aij).

$$\omega_t = T_{d_t}(a_{ij}) \bmod p \tag{33}$$

sk SL ↔ A = H 2 ¿
t ij
(34)

$$P_j = H_1(SLID_j) \tag{35}$$

P j = H 1 ¿) (36)

$$P_t = H_0(SLID_t) \tag{37}$$

k = ( P j ‖W 0)⊕( Pij ‖W i ¿ ⊕ (P ¿ ¿ t ‖W ij )⊕¿ ¿ ω t) (38)

$$MAC_{SL_t} = h_k(P_j, P_{ij}, \mu_{ij}) \tag{39}$$

Step 4: The ambulance verifies the session key. After receiving ($MAC_{SL_t}$, $\omega_t$),
the ambulance (Aij) computes ($s\acute{k}_{SL_t \leftrightarrow A_{ij}}$, $\acute{k}$) and
verifies $MAC_{SL_t}$. If the result of the verification is true, the ambulance (Aij)
computes $MAC_{A_{ij}}$ and sends $MAC_{A_{ij}}$ to the smart lamp (SLt).

sḱ SL ↔ A =H 2 ¿
t ij
(40)

ḱ = ( P j ‖W 0)⊕( Pij ‖W i ¿ ⊕ (P ¿ ¿ t ‖W ij )⊕¿ ¿ ω t) (41)

$$h_{\acute{k}}(P_j, P_{ij}, \mu_{ij}) \stackrel{?}{=} MAC_{SL_t} \tag{42}$$

$$MAC_{A_{ij}} = h_{s\acute{k}_{SL_t \leftrightarrow A_{ij}}}(P_{ij}, P_t, \omega_t) \tag{43}$$

Step 5: The smart lamp confirms the session key. After receiving $MAC_{A_{ij}}$, the smart
lamp (SLt) verifies $MAC_{A_{ij}}$. If the result of the verification is true, mutual
authentication and key agreement are completed.

$$h_{sk_{SL_t \leftrightarrow A_{ij}}}(P_{ij}, P_t, \omega_t) \stackrel{?}{=} MAC_{A_{ij}} \tag{44}$$

4. Security Analysis

This paper applies the random oracle model [36] and BAN logic [37] for formal security
proof. The random oracle model [36] is used to prove the security of the emergency signal
sending phase, and BAN logic [37] is used to prove the secure authentication of the secure
ambulance communication phase. Note that the process of the random oracle model proof
[36] can refer to other works using the random oracle model, including Liu’s work [38],
because of a similar process of proof that aims to prove that the scheme can resist
eavesdropping attacks on the Diffie-Hellman key exchange scheme. In addition, the process of
BAN logic [37] can refer to other works using BAN logic, including Lee et al.’s [32] and Lin
and Hsu’s [13] works, because of the similar process of proof that aims to prove that
principals in the scheme can believe established session keys. This paper will not describe
the random oracle model and the BAN logic proof in detail. The informal security analysis
presents theoretical analyses as proof of fulfilment of the security requirements of the
proposed scheme.

4.1 Security of Secret Key

Assume an adversary wants to obtain the master secret key held by the server of the
medical institute (MS), the smart lamp (SLj), and the ambulance (Aij), such that PMS = TsMS
(x) mod p and Wj = Tsj (x) mod p. The adversary has to solve a problem based on
CMDLP. If the adversary wants to obtain the smart lamp’s (SLj’s) secret key, the adversary is
required to solve a problem based on CMDLP. On the other hand, the smart lamp (SLj)
generates the secret key for the ambulance (Aij) by performing Sij = Sj Tsj (Vij) mod p. The
smart lamp (SLj) is able to know the ambulance’s (Aij’s) secret key.

4.2 Key Confirmation and Security of Session Key

The ambulance (Aij) can check the session key (skSLt↔Aij) by MACSLt ?= hk(Pt, Pij, μij), and
the smart lamp (SLt) can also check the session key (skSLt↔Aij) through MACAij ?= hskSLt↔Aij
(Pij, Pt, ωt) in the proposed scheme. If the adversary wants to obtain the session key
(skSLt↔Aij), the adversary has to solve CMDHP. Moreover, the session key (skSLt↔Aij) is not
the same every time because of the random number (aij). As a result, the proposed scheme
achieves key confirmation while securing the session key.

4.3. Preventing Key-Compromise Impersonation Attacks

The ambulance’s (Aij’s) random number (sij) can be stored in the onboard unit of the
ambulance, from which it is hard to obtain information. On the other hand, the adversary
cannot obtain k due to not knowing st, and afterwards, the process cannot be completed by
the adversary. As a result, the proposed scheme can prevent key-compromise impersonation
attacks.

4.4 Mutual Authentication

In the secure ambulance communication phase, the ambulance (Aij) and the smart lamp
(SLt) compute their session key k by public parameters (SLIDt, AIDij, Wij, SLIDj). In
addition, each party generates a message authentication code (MACSLt and MACAij) by k and
skSLt↔Aij respectively to verify each other’s validity. Moreover, because of the feature of
HIDC, the smart lamp (SLt) can realize that the ambulance (Aij) comes from the cloud
services provider by public parameter AIDij.

4.5 Preventing MITM Attack

In order to prevent an MITM attack in the secure ambulance communication phase, the
ambulance (Aij) and the smart lamp (SLt) can confirm whether the message is resent,
modified, or replaced, by checking the information through the message authentication codes
MACSLt and MACAij. This means that the adversary cannot modify the message authentication
codes MACSLt and MACAij without the session key skSLt↔Aij. Thus, the proposed scheme can
prevent an MITM attack.

4.6 Unforgeability

If the adversary wants to forge a validated anonymous identity, the adversary has to acquire
the smart lamp’s (SLj’s) secret (sj) and private key (Sj). The adversary has to solve CMDLP
if the adversary wants to compute the smart lamp’s (SLj’s) secret (sj) and private key (Sj)
from the public parameter (Wj).

4.7. Without Assistance of Registration Centre

The registration centre (RC) is a third party for both sides of communication after the
registration phase. A privileged or malicious insider attack may occur if the adversary is
in the RC, and some risks may result, such as message leakage, stolen verification, etc. If
a privileged or malicious insider attack occurs in a telemedicine system, the patient's
privacy and security may be damaged. Although works related to the security of 5G networks
have been proposed recently [3,4], the RC is included in the system structures of these
works, which is no different from conventional networks. In the proposed scheme, the
hierarchical system structure was introduced, which is suitable for 5G networks without an
RC or a trusted third party.

4.8 Resistant to Bergamo et al.’s Attack

Bergamo et al. proposed an attack on Chebyshev chaotic map-based cryptosystems based on
two reasons, as below [39]. First, an adversary is able to obtain related elements (x, aij,
μij, ωj). Second, several Chebyshev polynomials go through the same point due to the
periodicity of the cosine function. In the proposed scheme, an adversary is unable to obtain
any related elements (x, aij, μij, ωj) because they are encrypted in transmitted messages,
where only the ambulance (Aij) and the smart lamp (SLj) can retrieve the decryption key.
Moreover, the proposed scheme utilises extended Chebyshev polynomials proposed by Zhang
[34], in which the periodicity of the cosine function can be avoided. As a result, the
proposed scheme can resist the attack proposed by Bergamo et al. [39].

5. Computation Complexity Analysis

According to previous research that uses the MIRACL Library and the Ubuntu 16.0 operating
system with 4 GB RAM and a 2.7 GHz processor to get execution times [3,4,13], the time of
performing a one-way hash function operation (Th) is about 0.006 milliseconds (ms), and the
time for performing a Chebyshev chaotic map operation (Tch) is approximately equal to
42.04 times that of a one-way hash function operation, which is about 0.252 ms; using
Chebyshev chaotic maps can be more efficient than using elliptic-curve cryptography. The
time taken for the XOR operation is ignored because the value is too low to influence the
result. The results of computational complexity and performing time of the proposed scheme
are presented in Table 3. In the emergency signal sending phase, the patient will take
0.006 ms, the smart lamp will take 0.012 ms, and the server of the medical institute will
take 1.8 ms after receiving a message from the patient. The ambulance does not exist in the
emergency signal sending phase. Performing the emergency signal sending phase will take at
least 1.818 ms, according to the result above. In the secure ambulance communication phase,
the ambulance will take 0.792 ms, and each smart lamp will take 0.774 ms after receiving a
message from the ambulance. The patient and the server of the medical institute do not exist
in the secure ambulance communication phase. Performing the secure ambulance
communication phase will take at least 1.566 ms, according to the result above. Although
there are no requirements or standards about the recommended time to perform a
cryptographic module, the proposed scheme has been shown to be more efficient than the
previous studies. For example, the time to perform the emergency signal sending phase is
better than Abdel-Malek et al.’s work [40]; the process of the secure ambulance
communication phase is similar to Lin and Hsu’s [13] work, so the result can be referred to
Lin and Hsu’s [13] work.

6. Conclusion

5G networks provide high-speed networking, big capacity, and scalability, which have an
efficient effect on energy consumption and provide quality of experience and amount of
device communication, and 5G can provide massive IoT connections. IoT with 5G environments
provides solutions for the network layer, including enhancing the quality of service, to
solve challenges of smart medical healthcare. EMS has become a complex network of all types
of professionals, including care and ambulance. A 5G network with EMS can simplify the
medical treatment process and improve the efficiency of patient treatment. The importance of
healthcare-related privacy preservation is rising. If privacy preservation fails, not only
will medical institutes suffer economic and credibility losses, but property losses will
also occur and even the lives of patients will be harmed. This paper proposes a
privacy-preserved ID-based secure communication scheme in 5G-IoT telemedicine systems that
can achieve the features below. The proposed scheme allows the emergency signal to be
transmitted immediately with decreasing risk of secret key leakage. Information about the
patient and their prehospital treatment can be transmitted securely while transferring the
patient to the destination medical institute, and the quality of healthcare service can be
assured while preserving the privacy of the patient through the proposed scheme. The
proposed scheme supports not only normal situations but also emergencies. The proposed
scheme applies key insulation to prevent key exposure problems on wearable devices and
provides federated identity management, which can manage the identity of ambulances in a
hierarchical structure efficiently. Finally, the proposed scheme can resist potential
attacks and has been proven secure enough using the random oracle model [36] and BAN logic
[37].
