An Optimal Authentication Scheme through Dual Signature for the Internet of Medical Things
Round 1
Reviewer 1 Report
Comments and Suggestions for AuthorsThe authors propose an authentication scheme using dual signature with applications in healthcare. The paper is generally well written.
The authors should expand on the methodology for testing the security of the proposed method. It is not clear from the paper how the tests and measurements were carried out.
The authors describe using a regular PC for the tests, however, the proposed scheme is intended for low power devices. Have there been any tests on such devices? How can this method be integrated with existing medical devices?
Author Response
The authors propose an authentication scheme using dual signature with applications in healthcare. The paper is generally well-written.
Response: We value the reviewer's time and efforts in reviewing our article. We are also grateful for the encouraging comments. The insightful comments have unquestionably improved the article's quality, and we genuinely appreciate it.
Comment: The authors should expand on the methodology for testing the security of the proposed method. It is not clear from the paper how the tests and measurements were carried out.
Response: We owe the reviewer a lot of gratitude for providing us with this feedback. We have now included the syntax for the proposed scheme, which will make it much simpler for the readers to comprehend the proposed scheme. We provided both a security analysis and a validation study for the proposed scheme. The analyses are carried out with the support of a tool for formal verification known as Scyther. Please refer to Appendix A for more details.
Comment: The authors describe using a regular PC for the tests, however, the proposed scheme is intended for low-power devices. Have there been any tests on such devices? How can this method be integrated with existing medical devices?
Response: The computation cost has been evaluated utilizing the Raspberry board in the revised version. RPI remains widely regarded as the most economical and power-efficient choice. Additional compelling attributes of the RPI 4 that reinforce its choice include its integrated wireless network capabilities, specifically, dual-band 802.11 b/g/n/ac Wi-Fi and Bluetooth 5.0 BLE. The model and hardware specifications are delineated in the present scheme implementation: The Raspberry PI 4B (2019) is equipped with a 64-bit CPU architecture and a 1.5 GHz quad-core processor. It operates on the Ubuntu 20.04.2 LTS operating system and has a memory capacity of 8 GB.
In the revised version, we have updated Table 2 and redrawn Figure 3 to reflect the new findings.
Reviewer 2 Report
Comments and Suggestions for AuthorsThe authors proposed an authentication method based on dual signature for the Internet of Medical Things, the paper is well structured and the study delivered its goal. The manuscript does not require modification except minor comment given below.
- Line 90 , Replace “To remove such problems” by “to overcome with these issues “,
- Line 37 , 98 , Replace “Internet of Medical Things” by “ IoMT”,
- Line 72 , This sentence ‘….which can only the authorise the legitimate user to access and use the health care data’ …. does not make complete sense.
- I suggest to not add this subsection 1.2. Layout of Paper ,,, you can add the paragraph without subsection.
- Enumerate equations in your manuscript.
Good Luck
Author Response
The authors proposed an authentication method based on dual signature for the Internet of Medical Things, the paper is well structured and the study delivered its goal. The manuscript does not require modification except minor comment given below.
- Line 90 , Replace “To remove such problems” by “to overcome with these issues “, (Corrected)
- Line 37 , 98 , Replace “Internet of Medical Things” by “ IoMT”, (Replaced)
- Line 72 , This sentence ‘….which can only the authorise the legitimate user to access and use the health care data’ …. does not make complete sense. (Corrected)
- I suggest to not add this subsection 1.2. Layout of Paper ,,, you can add the paragraph without subsection. ( Removed)
- Enumerate equations in your manuscript. (Enumerated)
Response: We owe the reviewer a great deal of gratitude for the encouraging comments. All of the issues that were brought to our attention have been addressed. During the course of the modifications, we made some further changes to the article, and we now believe that the article has been significantly improved.
Reviewer 3 Report
Comments and Suggestions for AuthorsThe paper describes an optimal authentication scheme intended for use in the Internet of Medical Things, based on hyperelliptic curves and featuring double signatures. The most important shortcomings identified in this paper are:
1. The section "1.1. Motivation and Contributions" does not clearly indicate what the authors' own contributions are.
2. The section "3. Related Work" is too short and should be extended (especially with new solutions).
3. The section "5. Proposed Dual Signature Scheme" should be extended with a formal algorithm in pseudocode. The description of the algorithm also should be extended.
4. The paper lacks comprehensive research. It would be good to extend the research.
5. The paper is devoted to the optimal authentication scheme, but it is not explicitly written that this authentication scheme is optimal and in what respect it has been optimized.
Minor shortcomings:
1. Section "1.2. Layout of Paper" contains a number of errors, e.g. the numbering of the sections does not correspond to their content.
2. "2. Preliminaries" is a very short section, too short for such an extensive hierarchy of subsections. One level of subsection numbering should be removed, i.e. 2.1.1 should be replaced with 2.1, 2.1.2 should be replaced with 2.2., etc.
3. Equations must be numbered. Equations should be entered according to the MDPI formula. Under a given equation, all symbols used in that equation should be explained (unless they were explained under previous equations).
4. The equation in line 140 is misspelled.
5. Table 5 (line 393). There is a special table in the MDPI template where all acronyms should be placed.
Author Response
The paper describes an optimal authentication scheme intended for use in the Internet of Medical Things, based on hyperelliptic curves and featuring double signatures. The most important shortcomings identified in this paper are:
- The section "1.1. Motivation and Contributions" does not clearly indicate what the authors' own contributions are.
Response: We are grateful to the reviewer for pointing out this issue. In the revised version, the Motivation and Contributions section has been revised to emphasize our contributions.
- The section "3. Related Work" is too short and should be extended (especially with new solutions).
Response: In the revised version, the section 3. Related Work" has been marginally expanded. Several of the most recent articles have been added to this section. We appreciate the reviewer's comment.
- The section "5. Proposed Dual Signature Scheme" should be extended with a formal algorithm in pseudocode. The description of the algorithm also should be extended.
Response: In the revised version, we have extended section "5. Proposed Dual Signature Scheme". The changes are highlighted in the revised version for reference. We are very hopeful that the reviewer’s reservations have been fulfilled.
- The paper lacks comprehensive research. It would be good to extend the research.
Response: In this study, we added three types of analysis: informal security analysis, formal security validations using the Scyther tool, and performance analysis in terms of computational cost in milliseconds and communication overheads in bits. All of these analyses demonstrate that the proposed scheme is viable.
- The paper is devoted to the optimal authentication scheme, but it is not explicitly written that this authentication scheme is optimal and in what respect it has been optimized.
Response: Due to the use of HECC rather than ECC, which offers the same level of security with a smaller key size, optimal is used here in the sense of lightweight. As a result of this characteristic, the proposed scheme has a lower computation cost than the relevant existing schemes, as explained in the article.
Minor shortcomings:
- Section "1.2. Layout of Paper" contains a number of errors, e.g. the numbering of the sections does not correspond to their content.
Response: The inaccuracies have been rectified. We greatly appreciated the reviewer bringing it to our attention.
- "2. Preliminaries" is a very short section, too short for such an extensive hierarchy of subsections. One level of subsection numbering should be removed, i.e. 2.1.1 should be replaced with 2.1, 2.1.2 should be replaced with 2.2., etc.
Response: The inaccuracies have been rectified. Section 2 has been extended. We greatly appreciated the reviewer bringing it to our attention.
- Equations must be numbered. Equations should be entered according to the MDPI formula. Under a given equation, all symbols used in that equation should be explained (unless they were explained under previous equations).
Response: Giving equations to this article will make complications. All the symbols are explained in the symbol table. In addition, syntax has been added for more explanations.
- The equation in line 140 is misspelled.
Response: The inaccuracies have been rectified.
- Table 5 (line 393). There is a special table in the MDPI template where all acronyms should be
Response: All the acronyms used in the article have been explained on their first use.
Round 2
Reviewer 3 Report
Comments and Suggestions for AuthorsThe paper is interesting and timely.
My comments have been addressed in the revised paper.