A Provable Secure Private Data Delegation Scheme for Mountaineering Events in Emergency System
Recently, the sport of mountaineering is a popular leisure activity and many people may injure while mountaineering. In the year of 2014, Chen et al. suggested a cloud-based emergency response and SOS system for mountaineering travelers when they encounter dangers. Chen et al. claimed that their proposed system is secure against various known attacks and the executive performance of the system is reasonable when the protocol is implemented on the traveler‚??s mobile device. However, in this paper, we discover that Chen et al.‚??s scheme is unable to protect the privacy of mountaineering travelers and the vulnerability allows a malicious attacker to spy on the electronic medical records of all mountaineering travelers by launching eavesdropping attacks. Moreover, Chen et al.‚??s scheme is vulnerable to off-line password guessing attack when the mobile device of the mountaineering traveler is lost or stolen by an attacker. In order to repair these shortcomings existing in Chen et al.‚??s scheme, we suggest an improved version of their scheme, which is provably secure in the random oracle model under the DDH and CDH problems.
Cloud computing, emergency system, mobile device, provable security, traveler privacy, user authentication.