Abstract:
This paper introduces a Quantum-Resistant HKMS which addresses the needs of patients
who want to have more control over their cryptography keys to mitigate the
insider dangers. The KMS traditionally refers to centralized Key Management Systems
where the centralized structure has authority over the master keys and in many
cases, has numerous powers in terms of security which in most cases can lead to the
introduction of new sources of weakness, and particularly the so-called insider threats.
Our approach alleviates these concerns by removing reliance of central key management
from the system; patients actually create and can manage their keys on their own.
In our system, the keys are generated from the patient’s physiological data, for
instance, ECG signals, which implies that the key generation procedure remains under
the control of the patient. It greatly minimizes the chance of key exposure to any
central authority and improves the protection of the communication links between the
patient wearable sensors and the system.
Therefore, by using the quantum-resistant cryptographic methods for integration,
our proposed solution minimizes the vulnerability of threats, including threats
from a quantum computing system. This decentralized approach guarantees that even
in cases where a centralized health data system is implemented, the patients’ most secure
cryptographic keys remain under their sole control eliminating the insider threat
factor while promoting secure transfer of health data. The proposed system provides a
balanced, yet decentralized, approach to securing patient information, offering strong
protection against current and future security challenges.
