A quantum-resilient lattice-based security framework for internet of medical things in healthcare systems
Zeyad Ghaleb Al-Mekhlaf, Murtaja Ali Saare, Jalal Mohammed Hachim Altmemi, Mahmood A. Al-Shareeda, Badiea Abdulkarem Mohammed, Gharbi Alshammari, Reem alrashdi, Yasser A. Alkhabra, Ibrahim Dughaim Alreshidi
Abstract
The rapid adoption of Internet of Medical Things (IoMT) devices enables real-time patient monitoring and remote diagnostics and has revolutionized healthcare delivery. Traditional cryptographic schemes like RSA and ECC, which rely on meaningful mathematical challenges, are under great threat from quantum computing, threatening sensitive medical data confidentiality and integrity. This paper proposes a quantum-resistant healthcare security framework based on lattice-based cryptographic primitives such as Learning With Errors (LWE), Ring-LWE (RLWE), and Short Integer Solution (SIS). To this end, we design a five-phase IoMT-friendly framework—Initialization, Registration, Authentication, Data Exchange, and Treatment—where each phase is backed up by lightweight cryptography primitives that can be easily implemented on the low-resource IoMT devices. Relative to the state-of-the-art lattice- and hash-based constructions, our framework involves 50-75% smaller ciphertext sizes, up to a 50% reduction of the communication overhead, and nearly 60% less in computational cost. Furthermore, the solution relies on zero-knowledge proofs, homomorphic encryption as well and attribute-based access control to guarantee strong security and privacy. Using the AVISPA tool, the framework is formally verified, showing its resistance against classical and quantum adversaries. Focusing on tangible healthcare threats, including data tampering and unlicensed access to patient diagnostics, this research paves the way for scalable, efficient, and quantum-resistant medical data protection. Our results pave the way for future investigations into secure post-quantum healthcare and IoT applications.