Abstract

The rapid development of smart healthcare systems in the Internet of Things (IoT) has made the early detection of many chronic diseases more convenient, quick, and economical. However, when healthcare organizations collect users’ health data through deployed IoT devices, there is a risk of compromising users’ privacy. In view of this situation, this paper introduces federated learning technology to solve the problem of data security. We consider the two main problems of federated learning applications in IoT smart healthcare systems: (1) how to reduce the time overhead of running the system and (2) how to authenticate that the user device uploading data was deployed by the system itself. To solve these problems, we propose the first federated learning scheme based on full dynamic secret sharing. First, we use a two-mask protocol to keep the user’s local model parameters confidential during federated learning. Then, based on a homogeneous linear recursive equation, a homomorphic hash function, and an elliptic curve cryptosystem, the full dynamic secret sharing and user identity authentication are realized. In addition, our scheme allows users to join or quit during training. Finally, we have carried out simulation tests on this scheme. The experimental results show that the efficiency of our scheme is improved by about 60% on average in the case of no user dropping and by about 30% in the case of some users dropping.

1. Introduction

Over the past few decades, global health has gradually improved. As society invests more and more in health care, many intractable diseases are slowly being brought under widespread and comprehensive control. With the continuous improvement of medical level, people’s health has been improved, and people’s life expectancy has also been prolonged. However, population aging has become a global trend, gradually attracting the attention of the world. With the aging of the population, the incidence of chronic non-communicable diseases has exploded simultaneously. According to the latest report from the World Health Organization, seven of the top 10 causes of death in 2019 were chronic non-communicable diseases. In 2000, 60.8% of patients died from chronic non-communicable diseases, and in 2019, that proportion rose to 73.6%. At the same time, due to population growth and aging, the number of deaths from chronic diseases increased by 28% in 2019 compared to 2000. Due to the characteristics of chronic diseases, patients need to spend a lot of time and money on frequent medical treatment, which will undoubtedly increase the burden of the patient's family and also occupy a large number of medical resources.

Therefore, using Internet of Things technology to build smart healthcare systems is very promising [1, 2]: health monitoring sensors deployed in the user’s home environment collect the user’s health-related data and upload it to the server for analysis and processing, and the system finally gives the user health suggestions based on that data [3, 4]. As a remote monitoring technology, the smart healthcare system can enable people to carry out early detection and health monitoring of chronic diseases without leaving home, which is expected to play a key role in the post-COVID-19 era.

However, there are still some obstacles to the actual deployment of the IoT smart healthcare system in the real world. The smart healthcare system collects a large amount of users’ health-related data, builds models through machine learning, and then applies the models to disease detection. However, users’ data are likely to be sensitive or contain private information, and users may not be willing to share their health data directly with third-party service providers. At the same time, due to the continuous occurrence of large-scale disclosure of user privacy data in recent years, many countries, regions, and organizations around the world have introduced laws and regulations to protect user privacy, making it more difficult for service providers to directly access user data, and thus the “data island” crisis was born.

Federated learning is proposed in such an environment, allowing users to train a machine learning model together without sharing raw private data. Bonawitz et al. [5] first fully proposed a federated learning protocol in 2017, and the problem of “data island” is solved well by the techniques of double mask, Shamir secret sharing, and Diffie–Hellman key negotiation. Subsequently, Yang et al. [6] made a very detailed classification and summary of federated learning. Xu et al. [7] proposed an improved scheme based on Bonawitz et al.’s scheme [5], which further improved the security of the scheme by adding bilinear mapping and a homomorphic hash function to verify the server. So et al. [8] proposed a lightweight federated learning security aggregation scheme, which uses one-time aggregation mask reconstruction to replace random seeds and has strong practicability.

However, as far as we know, there is no existing scheme that can reduce the time spent on mask secret sharing by the user in each round of training. Reducing the time spent on secret sharing without sacrificing user privacy is obviously more complex than well-trained federated learning. In addition, it is a challenge to allow new users to join the workflow and tolerate users exiting for network or device reasons while reducing time overhead and to ensure that all users are deployed within the system and not external users.

In this paper, we first propose a federated learning scheme based on full dynamic secret sharing. Firstly, we apply the full dynamic secret sharing technique based on homogeneous linear recursive equation to federated learning to reduce the time cost of secret sharing in each round of training. Then, we use a homomorphic hash function and an improved elliptic curve cryptography signature scheme to verify user identity. Finally, we conduct simulation tests under the assumption of honesty and curiosity, and the experimental results show that our proposed scheme can improve the efficiency under various conditions. The contributions of this paper are summarized as follows:

(i) We first propose a scheme for federated learning based on full dynamic secret sharing, which improves the efficiency of federated learning by assigning secret sharing subkeys to users that can be used repeatedly in multiple rounds of federated learning.

(ii) The proposed federated learning scheme uses a dynamic hash function and an improved elliptic curve signature scheme to authenticate users. It prevents data uploaded by non-system deployed users from affecting the accuracy of the federated learning model.

(iii) Based on the proposed federated learning with fully dynamic secret sharing, a privacy-protected intelligent medical system is designed to improve the availability of the intelligent medical system in practical deployment. Then, we conduct several simulation tests on multiple computers, and the experimental results show that the efficiency of our scheme is improved.

The rest of the paper is organized as follows. In Section 2, we introduce the related work of this paper. In Section 3, we describe the preparatory knowledge about this paper. In Section 4, we summarize the scheme. Then, in Section 5, we detail our scheme. In Section 6, we discuss the security of the scheme. In Section 7, we carry out the simulation test for all the schemes. Finally, we summarize this paper in Section 8.

2.1. Smart Healthcare in the Internet of Things

In recent years, investment in the application of the IoT has accelerated the pace of the medical industry towards intelligence. The smart healthcare of the IoT is to collect users’ health data through sensors and other IoT devices and then send the data to the server for processing and analysis. After the industry has entered the 4.0 era, it has been clear from the technical aspect that smart healthcare needs to rely on artificial intelligence and big data technology. These techniques can effectively mine the hidden information in the data, discover the hidden connections between various diseases, and predict the trend of epidemics. The development of smart healthcare will help improve people's quality of life and enhance the level of medical services [9]. In the face of many chronic non-communicable diseases, the IoT smart healthcare system has the advantages of being simple to use and inexpensive compared to traditional screening measures and neuropsychological assessment, as well as remote treatment, which is crucial in the post-COVID-19 era.

The concept of “e-health” dates back to 1999 [10]. With the advent of the information age, medical treatment has gradually reduced manual participation from the original manual operation and manual recording to information equipment detection and automatic recording. In recent years, researchers have focused on using wearable devices to monitor users’ health data in real time and give early warning of possible heart disease. Li et al. [11] collected users’ audio data through IoT devices and detected whether users might have Alzheimer’s disease by analyzing the audio data. However, in the current smart medical products of the IoT, there is no in-depth consideration of data security, and many even directly send users’ private information to the public cloud for statistical analysis, which has a very big security risk. For the privacy and security of information transmission, Masud et al. [12] proposed a lightweight anonymous user authentication protocol for IoT healthcare. However, the protocol cannot effectively resist privileged insider attack and stolen authentication attack and has some shortcomings in security. Chen et al. [13] proposed a new protocol based on Masud et al.’s protocol, which solved the problems and deleted some redundant parameters to make the protocol more efficient and secure.

El Kafhali et al. [14] added fog-computing technology to the smart healthcare system consisting of IoT and cloud computing and proposed an IoT-fog-cloud architecture model. Meanwhile, El Kafhali et al. [15] proposed a queuing model in IoT-fog-cloud architecture to reduce the cost of computing resources while ensuring performance. El Kafhali et al. verified the feasibility of the proposed scheme by modeling it, which further improved the possibility of the actual deployment of the smart medical system. To address the security challenges brought by the rapid development of medical IoT, Pelekoudas-Oikonomou et al. [16] proposed a solution to integrate blockchain technology into medical IoT. Pelekoudas-Oikonomou et al. reviewed the state-of-the-art blockchain-based security mechanisms in order to provide a foundation for organizing research efforts towards the design and development of reliable blockchain-based countermeasures, addressing the pressing security challenges of smart healthcare systems in an effective and efficient manner. Fathi et al. [17] proposed a novel electrocardiograph signal compression algorithm to address the energy consumption of wearable devices for detecting heart diseases in smart healthcare systems. The proposed scheme not only improves the computational efficiency but also reduces the energy consumption, which makes the practical deployment of wearable devices a step forward.

2.2. Federated Learning

Traditional machine learning is centered on a server, which trains the machine learning model by collecting large amounts of user data and then returns the model to the user for use. Considering the risk of privacy data leakage when users directly transfer private data to the server, the researchers improved the scheme so that users could transfer training parameters of the local model to protect data security instead of directly transferring private data to the server. However, it turns out that passing only local model parameters can still expose users’ private information [18].

As mentioned earlier, there is a threat of privacy leakage whether users directly pass local data or model parameters. Therefore, different from traditional machine learning, the federated learning scheme proposed by Bonawitz et al. [5] encrypts and protects users’ local model parameters with a double mask that can be eliminated and at the same time protects the integrity and security of users’ private data. Grivet Sébert et al. [19] used differential privacy and homomorphic encryption technology to solve the data security problem in the federated learning process and proposed a complete scheme that could deal with a wide range of threats. Ryffel et al. [20] proposed a practical framework combining admissibility training and functional encryption to perform partial encryption and privacy protection prediction, significantly improving the security of private data without compromising model accuracy. Liu et al. [21] applied attribute-based encryption technology to federated learning, realizing fine-grained data sharing on the premise of privacy protection. By seamlessly integrating federated learning into mobile crowdsensing, Zhao et al. [22] proposed CROWDFL, a privacy-preserving MCS system, and designed a secure aggregation algorithm. The system protects the privacy of participants and fully exploits the computing power of participants.

2.3. Secret Sharing

Secret sharing is an important method to realize information security and data privacy and also an important research direction in cryptography. Shamir [23] and Blakley [24] proposed threshold secret sharing scheme based on Lagrange interpolation and linear projective geometry, respectively, in 1979. The secret sharing scheme allows the user to divide a secret into shares, so that any set of shares greater than or equal to can be used to reconstruct , but any set of shares less than provides no information about . Subsequently, Xu and Xiao [25] proposed a threshold multiple secret sharing scheme based on RSA digital signature. The security of the scheme depends on the security of RSA digital signature, that is, the difficulty of large number decomposition.

In recent years, due to different application scenarios and increasing demands, researchers have proposed dynamic secret sharing schemes to reduce the occupancy of storage space and improve communication efficiency. Liu et al. [26] analyzed several multi-secret sharing schemes and proposed two improved verifiable multi-secret sharing schemes based on them. Yuan and Li [27] proposed a fully dynamic secret sharing scheme, which improves the performance of key management and distributed systems.

2.4. Cryptosystem Based on Elliptic Curve

Elliptic curves have been studied for many years in algebra and geometry, and there are rich and profound theoretical studies available in the literature. Elliptic curve cryptosystems, namely, various public key cryptosystems based on the elliptic curve discrete logarithm problem, were first proposed independently by Miller [28] and Koblitz [29] in 1985, which made a major breakthrough in the research of public key cryptosystems. This is the elliptic curve cryptosystem (ECC). Compared with the traditional public key system, ECC has higher security, smaller space, lower bandwidth requirements, and better flexibility.

Johnson et al. [30] proposed the elliptic curve digital signature (ECDSA) algorithm based on ECC in 2001, and Brown [31] provided the proof of the unforgeability of the ECDSA scheme in 2005. Xiao et al. [32] designed a relatively efficient scheme based on ECDSA but did not provide formal security proof. Based on the scheme proposed by Xiao et al., Qiu et al. [33] extended the mutual signature protocol to multiple parties and realized a special type of group signature scheme.

3. Preliminaries

3.1. Homogeneous Linear Recursion

In this section, we briefly introduce homogeneous linear recursion, whose detailed description can be found in Discrete Mathematics [34].

Definition 1. Let be a positive integer and be real numbers. Define degree homogeneous linear recursion using the following equation:where are constants.

Definition 2. We define HLR auxiliary equation forWhen we calculate in the complex field , we can assume that the auxiliary equation has roots. However, roots do not have to be distinct. We assume that the distinct values are and the degrees are , respectively. In other words, the auxiliary equation can be represented aswhere .

Lemma 1. Assume that sequence is defined by HLR; auxiliary equation has roots with degree .where and is a polynomial function of with degree at most .

3.2. Diffie–Hellman Problem

Let the cyclic additive group , where is the generator, and the order of is a prime number . Discrete logarithm problem (DLP): given , compute the value of . Computational Diffie–Hellman problem (CDHP): given , we compute the value of . Decision Diffie–Hellman problem (DDHP): given , we decide whether .

3.3. Two-Parameter One-Way Function

Given and , the function denotes a two-parameter one-way function, which is easy to be computed. However, it is difficult to be computed in the following case:

(1) Given and , it is difficult to compute . Similarly, given and , it is difficult to compute .

(2) Without knowing , it is difficult to compute by taking any .

(3) Given , it is difficult to find two different values , , such that .

4. System Structure and Scheme Overview

As shown in Figure 1, in order to improve privacy security and efficiency, the scheme is designed as a three-tier architecture, which is divided into user layer, server layer, and cloud server layer. At the user layer, healthcare devices deployed in the IoT in the user’s home environment collect user health data for local training and upload the local model parameters to the server to which the device belongs. At the server layer, the server will collect the local model parameters of its deployed IoT devices and then perform global aggregation to get the optimal parameters and return them to users. At the cloud server layer, servers with good reputation, high level, and high-quality model parameters are encouraged to upload the encrypted model parameters and aggregate them again through the blockchain incentive mechanism and finally return the optimal parameters to the server.

Between users and servers, we propose a federated learning scheme based on full dynamic secret sharing, which runs between one server and users. The entire federated learning scheme consists of multiple epochs. The first epoch has six rounds, including three rounds of initialization and three rounds of operation. After the completion of the first epoch, subsequent epochs do not need to be initialized again, and only three rounds of operation are required. In other words, the process of the federated learning scheme is to run an epoch with three rounds of initialization and three rounds of operations once and then repeat the epoch with three rounds of operations. In the three initialization rounds, each user generates a reusable subkey. In the next three operation rounds, the server gets the correct user data as long as at least users survive to the end.

5. Federated Learning Based on Full Dynamic Secret Sharing

As mentioned above, in federated learning, the user submits local model parameters to the server, and the server performs global aggregation and returns the optimal parameters to the user. However, there are three problems to consider in this process. First, the user’s local model parameters need to be protected because Chai et al. [18] have shown that only the user’s local model parameters can recover some sensitive user information. Second, in the federated learning process, the secret sharing operation will occupy a large amount of time in each complete data aggregation. Third, in real-world scenarios, user disconnection is very common and cannot be ignored. In this section, we present a scheme that we can use to solve these problems.

As in our scheme, we divide the parties into two classes: a single server that aggregates inputs from users. Each user holds a private parameter . The goal of the protocol is to compute in a secure fashion. In other words, we guarantee that the server only knows a sum of the users’ inputs containing contributions and that the users know nothing.

To simplify the presentation, we assume that each user is assigned a unique logical identity as an integer between 1 and , so that no two honest and curious users can share the same index. Meanwhile, we use to denote the current user and to denote the remaining users in our scheme.

When we say that the server “collects messages from at least users,” we mean that the server receives messages from all users who were not disconnected in that round. If the amount of user information received is less than , the execution of the epoch in the schema is aborted. In our actual tests, we set the wait time for the server, and if the wait time is exceeded and not enough messages are collected, the round of epoch will be terminated.

In Figure 2, we briefly describe the flow of our scheme.

The following is a detailed description of federated learning based on full dynamic secret sharing:

(i) Initialization phase round 0:
Server:
(a) The server constructor function computes , where is a large prime number and .
(b) Generate based on ECC, and then generate public and private key pairs for each user signature.
(c) The server transmits to the user over the secure channel and broadcasts .

(ii) Initialization phase round 1:
User :
(a) The constructor where is a constant, .
(b) Pick a large prime number .
(c) Generate based on ECC, where the parameter of ECC is .
(d) Send to the server.
Server:
(a) Collect messages from at least users from the previous round, otherwise abort.
(b) Broadcast to all users the and move to next round.

(iii) Initialization phase round 2:
User :
(a) The user selects and computes
(b) Send to the server.
Server:
(a) Collect from at least users from the previous round, otherwise abort.
(b) Generate based on ECC, where the parameter of ECC is . After the first epoch, the server generates and broadcasts both and when broadcasting the global parameters.
(c) Broadcasts to all users the .

(iv) Run phase round 0:
User :
(a) The user selects select and computes
(b) The user selects the integer , and computes where , is a two-parameter one-way function.
(c) Calculate
(d) Compute , where .
(e) Compute where .
(f) Compute
(g) Similarly, the integer can be used to calculate , and , where is the mask generated by the user using a pseudorandom generator.
(h) Send to the server.
Server:
(a) Collect from at least users from the previous round (denote with this set of users), otherwise abort.
(b) Send to each user and move to the next round.

(v) Run phase round 1:
User :
(a) Receive broadcast by the server.
(b) Calculate
(c) Compute
(d) Compute where is hash function and is the global model parameter of the last epoch. In the first epoch, is the server initialization parameter.
(e) Calculate
(f) Send to the server.
Server:
(a) Collect messages from at least users from the previous round (denote with this set of users), otherwise abort.
(b) Receive and verify
(c) If the authentication fails, authenticate a single user.
(d) Calculate ,
(e) Verify . If all users are successfully verified, calculate .
(f) The server broadcasts dropped users list .

(vi) Run phase round 2:
User :
(a) Calculate for the dropped user.
(b) Send to the server.
Server:
(a) Collect responses from at least users (denote with this set of users).
(b) Receive uploaded by the user.
(c) Construct the degree polynomial from .
(d) Calculate
(e) Compute to find for the dropped user.
(f) Compute and then compute online.
(g) The mask of the dropped user can be obtained by using .
(h) Finally calculate and output

We consider the operation of adding or removing users as an additional phase of the proposed scheme. This additional phase is run at the end of each epoch if users need to be added or removed. It is important to note that the number of users added or removed that we are talking about here is small and does not have an impact on the threshold . If the server needs to add or remove a large number of users, it simply starts a new federated learning scheme once.

To add a user, we perform the following operations: the server assigns and to the new user and broadcasts the public key . The new user constructs the secret sharing auxiliary function and broadcasts the parameters to other users through the server. Meanwhile, the server sends the public parameters of other users to the new user. The new user generates based on the parameters of other users and sends to the server. The server broadcasts the public key of the new user to other users.

To delete a user, we perform the following operations: the server deletes and for this user. The remaining clients delete , and the arguments of auxiliary function of the corresponding user.

6. Security Analysis

6.1. Honest but Curious Security

In this section, we analyze the attacks that exist in the proposed scheme. At the same time, we assume that no matter how the parties suspend, our agreement is conducted in an honest but curious setting. We assume that both the server and the user are honest but curious. The adversaries mentioned in this section are all honest but curious users who try to obtain the original data by analyzing the public parameters.

6.1.1. Attack: Adversary Trying to Obtain from

Except for the user who acts as the secret distributor, the subkeys of other users are generated by themselves, and the distributor cannot deceive other users. In this section, we will do some analysis of possible attacks. We believe that directly breaking the encryption used in public verifiable secret sharing (PVSS) schemes means breaking the CDHP problem. Therefore, we have the following lemma.

Lemma 2. Encryption used in PVSS schemes is secure if and only if the CDHP problem holds.

Proof. Assuming that shared encryption is insecure, there exists an algorithm . Input two random elements and algorithm outputs with a non-negligible probability of success . Now we show that the opponent should break the CDHP problem with the same non-negligible probability of success . The opponent selects from group , inputs two parameters into algorithm , and runs algorithm . The opponent then outputs with a non-negligible probability of success of . Since algorithm can break the shared encryption, we can get . From the steps of the experiment, we can confirm that the opponent breaks the CDHP. But CDHP is hard in group . Therefore, shared encryption is secure.

6.1.2. Attack: Users Less than the Threshold Cooperate to Obtain Shared Secrets

Lemma 3. If the Diffie–Hellman problem holds, then users pool their share. But they do not have access to shared secrets.

Proof. The recovery stage of the scheme is based on using Lagrange interpolation polynomials:By counting , where is , the number of pairs is less than . Therefore, users less than the threshold cannot determine the degree polynomial of , nor can they obtain any information about the shared secret.

6.2. Privacy against Active Adversaries

In this section, we discuss the security of active adversaries. The active adversary is to break the protocol, send incorrect or forged messages to other honest users, and abort or omit messages. We assume that the server is still honest but curious. However, some malicious users try to obtain private data actively. At the same time, there are some strange users who try to upload incorrect or forged data to the server. We refer to these two classes of users as active adversaries.

6.2.1. Attack: Adversary or Malicious Participants Trying to Obtain from

Proof. If the active adversary can get , then we can say that the scheme is no longer safe. There are two ways an active opponent can get . The first method is to extract from , but it is difficult to calculate the discrete logarithm problem of elliptic curve (ECDLP) in group . Therefore, it is impossible to extract from when an active adversary uses this method. Therefore, the active opponent may use the second method to attack our scheme. The second approach is to use the properties of bilinear mapping to reduce the ECDLP problem to DLP problem. The active opponent gets . Since it is also difficult to calculate DLP in group , the second method still does not pose a threat to the security of our scheme.

6.2.2. Attack: A Non-System Deployed Active Adversary Attempts to Upload Incorrect or Forged Parameter Data

Proof. In most cases, once the random numbers are the same, a second-order linear equation set can be constructed to solve the user’s private key, resulting in the disclosure of the private key. Therefore, when different messages are signed using the same signature scheme, different random numbers are used. If our scheme uses the same random number to sign different messages, then according to equation setwhere are known and are unknown, the expression of the private key can be obtained asIf the random number of each signature is different, it is impossible to break our scheme through the above attack method. Assuming is random, the system becomesand the unknown are . The number of unknowns has changed from two to three, and according to the existing algebraic knowledge, it is impossible to find the private key. According to the ECDLP problem, given equations cannot be obtained. Therefore, when the random numbers are different, our scheme can prevent key disclosure, and non-system deployed active adversary trying to upload incorrect or forged parameter data will be identified and rejected, ensuring the security of the scheme.
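Why a repeated random number is fatal, and how a server can catch it, as an added example (not the paper's code): it uses textbook ECDSA over secp256k1 rather than the paper's improved signature scheme, and the device names, keys, messages and HMAC-based nonce derivation (a simplified stand-in for RFC 6979) are constructed for illustration.

```python
import hashlib
import hmac

# secp256k1 domain parameters (curve choice is an assumption; the paper names none)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(A, B):
    """Add two curve points; None is the point at infinity."""
    if A is None:
        return B
    if B is None:
        return A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if A == B:
        lam = 3 * x1 * x1 * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, A):
    """Double-and-add scalar multiplication."""
    R = None
    while k:
        if k & 1:
            R = add(R, A)
        A = add(A, A)
        k >>= 1
    return R

def digest(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def sign(d, msg, k):
    """Textbook ECDSA: r = x(kG) mod N, s = k^-1 (h + r d) mod N."""
    h = digest(msg)
    r = mul(k, G)[0] % N
    return {"h": h, "r": r, "s": pow(k, -1, N) * (h + r * d) % N}

def derive_nonce(d, msg):
    """Per-message nonce bound to key and message (simplified, not RFC 6979 itself)."""
    mac = hmac.new(d.to_bytes(32, "big"), msg, hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % (N - 1) + 1

def find_nonce_reuse(records):
    """Server-side audit: same signer, same r, different message hash."""
    seen, hits = {}, []
    for rec in records:
        first = seen.setdefault((rec["signer"], rec["r"]), rec)
        if first is not rec and first["h"] != rec["h"]:
            hits.append((first, rec))
    return hits

def key_from_reuse(a, b):
    """Two equations, two unknowns (k, d): the solvable system the proof describes."""
    k = (a["h"] - b["h"]) * pow((a["s"] - b["s"]) % N, -1, N) % N
    return (a["s"] * k - a["h"]) * pow(a["r"], -1, N) % N

def demo():
    msgs = (b"round-1 parameters", b"round-2 parameters")   # constructed uploads
    d_a, d_b = 0x1F2E3D4C5B6A79880123456789ABCDEF, 0x0BADC0DE1234567  # constructed keys
    fixed_k = 0xC0FFEE  # dev-A signs every message with the same "random" number
    log = [dict(sign(d_a, m, fixed_k), signer="dev-A") for m in msgs]
    log += [dict(sign(d_b, m, derive_nonce(d_b, m)), signer="dev-B") for m in msgs]
    return d_a, find_nonce_reuse(log)

if __name__ == "__main__":
    d_a, hits = demo()
    for first, second in hits:
        print(first["signer"], "reused r; key exposed:", key_from_reuse(first, second) == d_a)
```

A hit from `find_nonce_reuse` means the signer's key must be treated as disclosed and rotated, since both signatures remain individually valid.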

7. Evaluation

In Table 1, we compare the work in our scheme with the work in the existing literature. We chose Bonawitz et al.’s scheme [5] and Xu et al.’s scheme [7] to compare the work with our scheme. As can be seen from the table, our scheme optimizes the existing schemes. We conducted simulation tests on Bonawitz et al.’s scheme Secagg [5] and our scheme EfficiencySecagg. All the calculations below assume one server and users. We evaluated the scenario based on the honest but curious version, ignoring the cost of all signatures. We note that the costs of including them do not change any asymptotics but only slightly increase the computation and communication costs. In addition, we assume that when users exit, they have already sent their share to all other users, but they have not yet sent the mask to the server. This is actually a worst-case user drop because all the other users already contain the mask of the dropped user, and the server must perform an expensive recovery calculation to remove the mask, or it will have an indelible impact on the calculation results.

Our simulation environment is an Intel(R) Core(TM) i7-12700H CPU @ 2.30 GHz, 16 GB memory, and the Windows 11 64-bit operating system. The programming language we use is Python.

Figures 3 and 4 show the test results assuming no user drops. In Figure 3, we only compare the running time of one epoch for the two schemes, where the EfficiencySecagg scheme’s epoch does not include initialization. It can be seen that the running time increases as the number of users increases. The figure shows that the EfficiencySecagg scheme always has less time overhead than the Secagg scheme. At the same time, as the number of users increases, the advantages of the EfficiencySecagg scheme become more obvious. In Figure 4, we test the complete scheme including different number of epochs by simulation. Meanwhile, in the simulation test in Figure 4, the number of users is fixed to 30 for both schemes. It is worth mentioning that what we mean by a complete scheme is one epoch with an initialization phase and multiple epochs without an initialization phase. It can be seen that with the increase of the number of epochs, the EfficiencySecagg scheme has more and more obvious efficiency advantages over Secagg scheme.

In Figures 5–7, we again only compare the two schemes for one epoch, where the EfficiencySecagg scheme does not include initialization. However, there are different number of user drops in Figures 5–7, respectively. It is obvious that the different number of user drops does not have a very noticeable impact on the Secagg scheme and has some impact on the EfficiencySecagg scheme. However, the EfficiencySecagg scheme is still more efficient than Secagg scheme. Figure 8 illustrates this comparison more intuitively. The simulation test environment in Figure 8 is based on the environment in Figure 4 with 30% user drops added. We can see that the EfficiencySecagg scheme is still better than the Secagg scheme.

It can be seen from the above simulation test results that the efficiency of our EfficiencySecagg scheme is always higher than that of Secagg scheme under different conditions.

8. Conclusion

We propose a federated learning scheme based on fully dynamic secret sharing in smart healthcare systems. The scheme assigns reusable subkeys to users in the initialization phase and uses the full dynamic secret sharing method in the running phase, which can reduce the time overhead and improve the efficiency of federated learning. In addition, the user authentication method based on elliptic curve cryptosystem was used to ensure that the communication between the user and the server in the public network would not be interfered. Compared with the existing federated learning schemes, our scheme can not only reduce the time cost and improve the efficiency but also dynamically add or delete users, making it easier to be compatible with various scenarios in the real world. Security analysis shows that the scheme is secure in the case of honest but curious and active adversaries. Simulation results also demonstrate the practicability of the proposed scheme.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

The authors declare that they have no conflicts of interest.

Acknowledgments

This study was supported by the National Natural Science Foundation of China (grant nos. 62072369 and 62072371), Shaanxi Special Support Program Youth Top-Notch Talent Program, The Youth Innovation Team of Shaanxi Universities, Innovation Capability Support Program of Shaanxi (grant no. 2020KJXX-052), Key Research and Development Program of Shaanxi (grant nos. 2021ZDLGY06-02 and 2020ZDLGY08-04), and Postgraduate Innovation Fund Program of Xi’an University of Posts and Telecommunications (grant nos. CXJJZL2021025 and CXJJYL2021075).