Secure Equality Test Technique Using Identity-Based Signcryption for Telemedicine Systems

For telemedicine, wireless body area network (WBAN) offers enormous benefits where a patient can be remotely monitored without compromising the mobility of remote treatments. With the advent of high capacity and reliable wireless networks, WBANs are used in several remote monitoring systems, limiting the COVID-19 spread. The sensitivity of telemedicine applications mandates confidentiality and privacy requirements. In this article, we propose a secure WBAN-19 telemedicine system to overcome the pervasiveness of contagious deceases utilizing a novel aggregate identity-based signcryption scheme with an equality test feature. We demonstrate a security analysis regarding indistinguishable adaptive chosen-ciphertext attack (IND-CCA2), one-way security against adaptive chosen-ciphertext attack (OW-CCA2), and unforgeability against adaptive chosen-message attack (EUF-CMA) under the random oracle model. The security analysis of the scheme is followed by complexity evaluations where the computation cost and communication overhead are measured. The evaluation demonstrates that the proposed model is efficient and applicable in telemedicine systems with high-performance capacities.


Secure Equality Test Technique Using
Identity-Based Signcryption for Telemedicine Systems Mohammed Ramadan , Member, IEEE, and Shahid Raza , Senior Member, IEEE Abstract-For telemedicine, wireless body area network (WBAN) offers enormous benefits where a patient can be remotely monitored without compromising the mobility of remote treatments.With the advent of high capacity and reliable wireless networks, WBANs are used in several remote monitoring systems, limiting the COVID-19 spread.The sensitivity of telemedicine applications mandates confidentiality and privacy requirements.In this article, we propose a secure WBAN-19 telemedicine system to overcome the pervasiveness of contagious deceases utilizing a novel aggregate identity-based signcryption scheme with an equality test feature.We demonstrate a security analysis regarding indistinguishable adaptive chosenciphertext attack (IND-CCA2), one-way security against adaptive chosen-ciphertext attack (OW-CCA2), and unforgeability against adaptive chosen-message attack (EUF-CMA) under the random oracle model.The security analysis of the scheme is followed by complexity evaluations where the computation cost and communication overhead are measured.The evaluation demonstrates that the proposed model is efficient and applicable in telemedicine systems with high-performance capacities.

I. INTRODUCTION
T HE ONGOING COVID-19 pandemic is one of many other world crises, such as global warming and economic crises, that are required extensive research work to be solved or mitigated.Technology has been involved in many life aspects, and information and communication technology (ICT) tools and innovations are developed since the beginning of this pandemic.Future emerging technologies, such as wireless body area networks (WBANs), wireless sensor networks (WSNs), and the Internet of Things (IoT) have been adopted widely as critical strategic solutions [1].
Telemedicine is a term invented in the 1970s that means "healing at a distance."In 2007, the World Health Organization (WHO) standardized the definition of telemedicine as follows: "the delivery of healthcare services, where distance is the key factor, by all healthcare professionals using ICT to deal with medical information, including diagnosis, treatment, and prevention of diseases" [2].Technically, telemedicine is a technology-based medical system that uses technical devices to allow remote healthcare data access securely.Thus, to enable periodic monitoring and continuous follow-up by sending sensitive health-related data collected using different WBAN nodes and implanted sensors in the body; to help decide if there is an urgent need for medical intervention.The diagnostic tools are essential due to the wide deployment and development of digital technologies.These monitoring services can be further improved by employing a wireless network that connects body sensors/nodes with remote healthcare providers through WBANs.Note that telemedicine refers to remote clinical services while telehealth for remote nonclinical services [3].
WBAN is a commonly implemented technique for remote monitoring, diagnoses, and intervention of patient healthrelated information via WBAN nodes such as embodied sensors.The key challenge with deploying emerging technologies within healthcare systems such as WBAN is to provide concrete security, including privacy preserving, confidentiality, integrity, and authentication is a significant challenge when deploying emerging technologies in healthcare systems.Security techniques and countermeasures are essential to efficiently address these concerns by considering all the limitations of implementing remote healthcare systems [4].
WBANs consist of various biological devices and sensors connected inside/around the body and can be wearable or in the surrounding area.These devices must have specific requirements for different purposes [5].For instance, some devices can measure and monitor health conditions and physical symptoms, such as blood pressure, body temperature, heartbeats rate, respiratory rate, electrocardiogram (ECG), electromyogram (EMG), electroencephalogram (EEG), and blood glucose pollution level.The other devices/sensors for detecting responses to physiological and mental-related behaviors, such as fear, anxiety, and stress [6].For the type of collected data, WBAN nodes manage to send the patient's data to the corresponding physicians to provide real-time medical and diagnoses.Biokinetic sensors collect human body movement-related data, while ambient sensors collect surrounding and ecological-related data [7].See Fig. 1 for the overall WBAN model description.As the patients of COVID-19 reach hospitals after diagnosis, they need close follow-up and monitoring to detect any deterioration or changes in their health condition.The healthcare professionals can then decide if there is a need for medical interventions, such as oxygen supplements or mechanical ventilation.Main symptoms, such as body temperature, pulse rate, blood pressure, level of awareness, repeated shaking, and chills are essential in the follow-up process.This collected data from patients required close contact with the patient's body and the risk of infection exposure.Therefore, this article proposes a secure approach scheme for telemedicine systems providing secure remote diagnosis and follow-up techniques that can support the healthcare sector in maintaining social distancing and reduce the cost of personal protective equipment (PPE) [8].
The proposed WBAN-19 solution enables remote access to medical information and creates a wireless connection between the diagnosed medical data and the healthcare provider through WBAN sensors and to overcome the pervasiveness of COVID-19 [9].The medical data must be secure, accurate, and preserve the privacy of patients' information.Hence, security and privacy-preserving protocols are highly required to protect this sensitive medical information [10].

A. Related Work
Shamir [11] introduced identity-based cryptography (IBC), which solves the key management issues by eliminating the certificate authority (CA) and the public-key digital certificates.The user generates the public key using some of the user's identity-related information that are publicly known.A trusted third party so-called private key generator (PKG) secretly generates the corresponding private keys for all users using a secret master key.
Boneh et al. [12] proposed an aggregate signature scheme that combines multiple signatures initiated by several users on different messages into a single aggregated short signature.The validation of this aggregate signature corresponds to the verification of every single signature used to generate the aggregated signature, i.e., the aggregated signature is valid if and only if all other signatures are valid and each signer signed its original message individually.The aggregation technique reduces resource usage regarding storage space and transmission capacity.Thus, it can be a significant use-case for resources-constrained systems.The first identity-based aggregate signcryption with formal security proof is given by Selvi et al. [13].
The first public key encryption with an equality test (PKEET) was introduced by Yang et al. [14], which is a public key encryption (PKE) scheme that enables an equality test process on encrypted data using public keys.In PKEET schemes, each user generates a trapdoor for equality tests to a third party called the equality tester (ET), which checking the equality among several ciphertexts without disclosing confidential information.
Lee et al. [15] presented a semi-generic PKE and an identity-based encryption scheme with an equality test technique.This approach considers some kind of access control for equality test over ciphertexts, and they only consider IND-CCA2 security for the PKE schemes in the random oracle model (ROM) under the hard assumptions of computational Diffie-Hellman (CDH) problems.
Wu et al. [16] researched and proposed an identity-based encryption scheme with an equality test technique for cloud computing systems.This scheme has a reasonably low computational cost Hash-To-Point function and claimed secure for one-way chosen identity and ciphertext attacks (OW-ID-CCA).
Shen et al. [17] proposed a secure and efficient identitybased aggregate signature scheme for WSNs that provides a data-integrity feature with respect to designated verification for WSN nodes.This scheme has relatively low computation and communication complexity, and it is claimed secure under the ROM.
Abouelkheir and El-Sherbiny [18] proposed a secure identity-based pairing-free aggregate signcryption scheme over the elliptic curve cryptographic (ECC).This proposed scheme is considered secure under the ROM providing confidentiality and unforgeability security requirements.
Finally, Xiong et al. [19] proposed a scheme to secure message classification services through identity-based signcryption with an equality test for the Internet of Vehicles (IoV).This scheme combines identity-based signcryption with an equality test feature (IBSC-ET).They set the cloud server to perform the equality test process between two signcrypted ciphertexts using the same or different public keys.This scheme is considered secure using the ROM under the Diffie-Hellman hard assumptions.

B. Our Contributions
The proposed WBAN-19 solution provides a secure and efficient solution for the healthcare systems to overcome the spreading of the COVID-19 pandemic.The scheme remotely monitors and diagnoses the health conditions of COVID-19 cases by using the equality test feature under aggregate Identity-based signcryption.To our knowledge, there is no proposed scheme for telemedicine systems that is provably secure and can provide an aggregate signcryption with equality test technique has been proposed to fulfill all possible security requirements with high performance and efficiency.Our contributions are shown as follows.
1) The proposed WBAN-19 scheme is a concrete solution for observing patients' health conditions and suspicious cases based on COVID-19 symptoms and reporting them to the corresponding authorities.Also, the solution can provide an extensive healthcare system by observing and monitoring any other diagnostic parameters.
2) The proposed WBAN-19 model provides an aggregated cryptosystem that supports the relevant medical authorities in achieving an equality test on ciphertexts through the trapdoor-test algorithm with authentication (signing algorithm) and confidentiality (encryption algorithm).
The proposed approach is appropriate for monitoring and diagnosing contagious diseases, such as COVID-19 without revealing sensitive information or compromising users' privacy.3) We provide a complete performance evaluation analysis compared to other proposed schemes.The security analysis articulates that our scheme is secure against IND-ASC-CCA2, one-way security against adaptive chosen-ciphertext attack (OW-CCA2), and unforgeability against adaptive chosen-message attack (EUF-CMA) in the ROM.4) Also, the evaluation affirms that the proposed approach is efficient, secure, and provides reasonable communication and computation cost.5) Finally, the analysis comparisons and discussions demonstrates that our proposed scheme is secure, flexible, reliable, and compatible with telemedicine systems.

C. Paper Organization
The remainder of this article is organized as follows.Section II reviews some basics preliminaries and general notions related to the proposed scheme.Section III demonstrates the proposed system models and security definitions.In Section IV, we construct our proposed WBAN-19 scheme with detailed steps.In Section V, we provide a comprehensive security analysis for the proposed scheme.Subsequently, Section VI showed the performance evaluation of the proposed scheme with some comparisons and analysis.Finally, we summarized our article as a conclusion in Section VII.

II. PRELIMINARIES
This section provides basic definitions, including bi-linear pairing and some hard assumptions.

A. Bilinear Pairing
Let G 1 and G 2 denote two cyclic groups whose orders are prime p.Let R be a generator in G 1 .A map e : G 1 ×G 1 → G 2 is called a bi-linear pairing if it fulfills the following properties.
3) Computability: For all R, P ∈ G 1 , there always exists an algorithm to efficiently compute e(R, P).

B. Decision Diffie-Hellman Problem (DDH)
Given (g, g x , g y , Z) ∈ G 2 ), where x and y are chosen randomly x, y ∈ Z * p , the decision Diffie-Hellman problem (DDH) problem is to decide whether There no exists a probabilistic polynomial-time algorithm to solve the DDH assumption with a nonnegligible probability.

C. Computational Diffie-Hellman Problem
Given (P, xP, yP ∈ G 1 ), where x and y are chosen randomly x, y ∈ Z * p , the computational Diffie-Hellman problem (CDHP) problem is to compute xyP.
There no exists a probabilistic polynomial-time algorithm to solve the CDHP assumption with a nonnegligible probability.

D. Computational Bilinear Diffie-Hellman Problem
Given (P, xP, yP, zP ∈ G 1 ), where x, y, and z are chosen randomly x, y, z ∈ Z * p , the computational bilinear Diffie-Hellman problem (CBDHP) problem is to compute e(P, P) xyz .
There no exists a probabilistic polynomial-time algorithm to solve the CBDHP assumption with a nonnegligible probability.

A. COVID-19 Application Model
This section introduces the models description of our proposed WBAN-19 scheme which offers a secure lightweight cryptosystem with the equality test technique.It involves of logical multisteps algorithms as follows.
First, the medical sensors sense the patient body's essential signals for medical checks.Then, the information gathered by WBAN sensors is encrypted (using an encrypted algorithm) and signed (using a signing algorithm), then transferred in an aggregated form (using an aggregation algorithm) to the medical server for processing this data.As described in Fig. 3, and after receiving the data, the medical server compares the equality of incoming data without revealing any sensitive information (using an equality test algorithm).If no symptoms are detected in the patient's health condition, then the system will respond by aborting the algorithm.The scheme concludes with another message sent to the medical server with the signcrypted message and later sent to be verified and decrypted in case of some symptoms are detected (checking the equality test) and required physicians intervention.Note that only end-users, i.e., patients and physicians could reveal medical sensitive information after the equality test process in case of potential symptoms.
On March 2020, the WHO declared COVID-19 a global pandemic.COVID-19 has varied from simple to mild symptoms to severe illness and mortality.According to the WHO, the most prevalent symptoms that are associated with COVID-19 include [29]: 1) fever; 2) cough; 3) shortness of breath.These symptoms may become more severe in some people.The complete list of symptoms is still being investigated.Thus, doctors are learning new things about this virus every day.The following are some other symptoms of COVID-19.
1) Persistent pain or pressure in the chest.
2) Blue lips or face.
3) Excessive drowsiness.4) Confusion.Recently, we learned that COVID-19 might not first cause any symptoms for some people; and people may carry the virus for days or up to two weeks before noticing any symptoms.Therefore, it is important to observe other general signs to overcome the pervasiveness of the pandemic [30].The proposed WBAN-19 sensors (body sensors, surrounding sensors, wearable devices, mobile phones, etc.) are used to detect the parameters in Table I.
The proposed WBAN-19 solution is based on equality test comparisons among a set of parameters (S 1 , . . ., S 8 ); which are the (diagnosed values) sent by entities, and a set of parameters (P 1 , . . ., P 8 ); which are the values stored in the medical server at the hospital for (normal case values), with a threshold value to separate between normal health conditions and the critical ones.Fig. 2 shows the handshaking process for our proposed protocol.Note that a third party (PKG) is trusted for the signcryption process to generate the system parameters.In contrast, the third party (medical server) is nontrusted on the medical provider side to perform the equality test without revealing any medical data.The proposed security model is compatible with telemedicine systems for the following reasons: Using identity-based construction gives our proposed model more flexibility to be implemented in real usecase scenarios.The proposed models' description shows more compatibility with telemedicine systems by using WBANs architecture.The complexity analysis shows more reliability to implement the proposed scheme within any real use-case scenarios.Finally, the comparison analysis shows the efficiency of our scheme compared to some other approaches.

B. System Model
The proposed WBAN-19 model is an aggregated identitybased signcryption with a secure equality test technique for monitoring and observing the sensitive medical data.It consists of seven algorithms: 1) Setup; 2) KeyGen; 3) Signcrypt; 4) Aggregate; 5) Unsigncrypt; 6) Trapdoor; and 7) Test.The public keys are the hash values of users' identities, and all users can compute them.A trusted third party (PKG) calculates the private keys using the secret master key.Then, the private keys are generated and sent to the corresponding users by the PKG entity.
The general scheme description is as follows.
Setup: This algorithm runs by the security server, and it is a function in the secret parameters over identity-based cryptosystems.KeyGen: This algorithm inputs system parameters and generates a pair of public/private keys.
Signcrypt: The user inputs system parameters, message M, and the corresponding public/private keys as input and returns the signcrypted message.
Aggregate: This algorithm takes system parameters signcrypted messages and aggregates all signcrypted messages from all users combined.
Unsigncrypt: This algorithm takes system parameters, signcrypted messages, and the corresponding public/private keys; and it returns the plaintext and performs the verification process.
Trapdoor: This algorithm runs by the users (physician/patient), and it is a function in the security parameters and the private key (secret key); it returns the corresponding trapdoor.
Test: This algorithm runs by the ET (security server), and it is a function in the security parameters, trapdoor, and ciphertexts; it performs the equality test process.The equality test algorithm will check the health-related values as encrypted messages.This will be for the plaintext without revealing any ciphertexts as follows.
S 1 is the first symptom, e.g., fever, the temperature for suspicious cases will be above 38

C. Security Model
This section defines the security models of the proposed WBAN-19 scheme regarding indistinguishable adaptive chosen-ciphertext attack (IND-ASC-CCA2) and OW-CCA2.Assume that Ch denotes a challenger; A 1 and A 2 represent adversaries.cannot make queries on the secret key and the plaintext.8) Output: A 2 outputs M as a guess of M. Definition 3: The proposed WBAN-19 scheme is secure against existentially EUF-CMA in the random oracle if the advantage of A 3 to win against our proposed scheme is negligible.This definition can be demonstrated as follows.
1) Setup: Ch runs the Setup algorithm to produce the system parameters params and sends it to A 3 while keeping the master key (s) secure.2) KeyGen-Queries: A 3 creates queries on ID i , then Ch sends the corresponding private key X IDi to A 3 .3) Queries: The adversary can adaptively issue the following queries.4) Signcrypt-Queries: A 3 can adaptively make queries on the signcryption of message M i , then Ch sends the corresponding signcryption C agg to A 3 .5) Unsigncrypt-Queries: A 3 can adaptively query the signcrypted message C agg , then Ch sends M i to A 3 .6) Output: A 3 outputs ID * with C * agg .If the result of the Unsigncrypt is valid, then A 3 wins the game with a negligible advantage.

IV. WBAN-19: SCHEME CONSTRUCTION
This section presents our proposed WBAN-19 scheme based on an identity-based cryptosystem with an aggregate signcryption with equality test features for the adequate security of remote medical monitoring systems.The private key is generated by a trusted third party (PKG) using the secret master key then sent to the corresponding users via a secure channel.The public key is the digest of the corresponding user's identity and it is publicly known.Note that: Entity A: WBAN-19 Nodes (Patients); Entity B: WBAN-19 Nodes (Physician); Entity ET: Medical/Security Server (ET).
1) Setup: This algorithm is run by PKG as follows.Given the security parameter k, the PKG chooses bi-linear map groups e : G 1 × G 1 → G 2 with prime order q and generator P ∈ G 1 .Choose a master s ∈ Z q , and calculate P 0 = sP.Let H 1 , H 2 , and H 3 be cryptographic hash functions as follows: 2) KeyGen: For any identities ID ∈ {0, 1} * .This algorithm runs by the PKG, it generates the pair public/private keys as follows.
Set the Public Key: Set the Private Key:

params), and to
Signcrypt the message between users A/B by using the corresponding public/private keys.This algorithm performs the following steps.Pick Randoms: r i , t i ∈ Z q .Then, compute: ) and send it to the medical server for the later equality test process.4) Aggregate: Given a set of signcryption C i = (U i , V i , W i , Z i ), such that (i = 1, . . ., n), and C i is the signcryption by ID i , then this algorithm is as follows.
The aggregate signcryption will be C agg = ((U i , V i , Z i ), W agg ), for (i = 1, . . ., n). 5) Unsigncrypt: Given (C i , params) and Unsigncrypt the message between users A/B using the corresponding public/private keys.This algorithm performs the following steps.Compute: R i = e(X IDB , U i ) Compute: ).This algorithm computes the trapdoors for users A/B: ).This algorithm is run by the entity ET as follows. Compute: ET checks if e(U A , E B P) = e(U B , E A P) holds.

B. Correctness
The consistency of our proposed scheme can be demonstrated as follows. 1)

V. WBAN-19: SECURITY ANALYSIS
The security model for our proposed WBAN-19 is an aggregate identity-based signcryption scheme with an equality test feature for secure medical monitoring systems.The following theorems present the security proof.Note: Ch: denotes the Challenger.A 1 , A 2 : represent the Adversaries.
Theorem 1: The proposed WBAN-19 scheme is secure against indistinguishable adaptive chosen-ciphertext attack (IND-ASC-CCA2) in the ROM; if the CBDHP assumption holds.
Proof: Assume A 1 is an adversary against our scheme, and there exists a challenger Ch claims to solve the CBDHP problem in polynomial time and with a nonnegligible advantage.Thus, A 1 and Ch perform the following game.
1) Setup: The Challenger Ch runs this algorithm and generates the public parameters (params) as follows.Ch Chooses two groups, G 1 and G 2 , then computer P 0 = sP and sends params to A 1 .2) Phase 1: For all the adversary queries, Ch answers as follows.
a) H 1 -Queries: Ch selects ∈ Z q , such that 1 ≤ ≤ q H 1 .A performs the th query on the targeted identity ID .If i = , then Ch picks random value a i ∈ Z q and answers to A 1 with Q IDi = a i βP.If i = , then Ch sets Q IDi = a i P, and replies to If yes, Ch responds with Otherwise, Ch picks μ i ∈ {0, 1} * randomly and sends Otherwise, Ch picks d i ∈ Z q randomly and sends   The following equation can achieve the BDH solution: R 1/ai i = e(X IDB , U i ) 1/ai = e(VP, a i αβP) 1/ai .Analysis: Assume that H 2 -queries happen and there are n of R i in H 2 -List.Then, A 1 could recognize the challenge ciphertext C agg is invalid.Then, Ch can solve the CBDHP problem with a nonnegligible advantage.Therefore, our WBAN-19 scheme is secure against IND-ASC-CCA2.
Theorem 2: The proposed WBAN-19 scheme is OW-CCA2 in the ROM; if the CDHP assumption holds.
Proof: Assume A 2 is an adversary against our scheme, and there exists a challenger Ch claims to solve the CDHP problem in polynomial time and with a nonnegligible advantage.Thus, A 2 and Ch perform the following game.
1) Setup: The challenger Ch runs this algorithm and generates the public parameters (params) as follows.Ch Chooses two groups, G 1 and G 2 , then computer P 0 = sP and sends params to A 2 .2) Phase 1: For all the adversary queries, Ch answers as follows. a) If yes, Ch answers with Otherwise, Ch picks μ i ∈ {0, 1} * randomly and sends Otherwise, Ch picks d i ∈ Z q randomly and sends 3) Challenge: When receiving a query on ID * , Ch selects randomly

A. Computational and Communication Complexity
Wireless networks have extremely restricted resources regarding power and bandwidth.The most significant concern is that these systems heavily consume this power through the computation cost and capacity overhead.We assess the performance of the WBAN-19 solution, mainly regarding the computation and communication complexities.
For the running time, we utilize PBC Library [31] and MIRACL Library [32], and the experimental computations in [33] and [34], with respect to the following specifications: PIV; Windows XP OS 64 (bits); 1 (GB) RAM; 3 (GHz) CPU.The running time for each operation is defined as follows.
3) Bilinear Pairing: T 3 = 5.337 (ms).4) General Hash Function: T 4 = 0.009 (ms).5) Other lightweight (XOR, addition, etc.) 0.001 (ms) (Omitted).The protocol overhead is another important factor in constrained environments such as WBAN systems.The proposed WBAN-19 scheme has an efficient overhead by reducing the size of transmitted data.We endorse the 80 (bits) security level, RSA with 1024 (bits), and ECC with 160 (bits).Assume that For any low-power systems such as WSNs.The power consumption, computation cost, and communication capacity can affect the performance due to the limited resources of such systems.Therefore, to improve the security level, we need to consider lightweight cryptosystems.Tables II and III demonstrate the computation cost and the communication overhead for our WBAN-19 scheme in comparison to the proposed schemes in [35], [36], and [37].The security comparison in Table IV is carried against the proposed schemes in [38], [39], and [40].This includes comparisons of the security features, security requirements, and the flexibility provided by each scheme.

B. WBAN Experiment
The IEEE 802.15.6-2012 is the standard for WBANs.It intends to update and assist new use cases while increasing the dependability support by such standards.This standard categorizes the WBAN into four main entities as follows [41].
1) WBAN Client: This could be WBAN users with implanted and wearable sensors/devices.2) Mobile Device: This could be smartphones or any personal digital assistants (PDAs).3) Medical Provider: This could be healthcare professionals or hospitals connected through a medical server.4) Network Manager: This could be a trusted or semitrusted third party (security server) that establishes and distributes secret and public parameters.Also, IEEE Std.802.15.6 defined the WBAN environment as follows.
1) Static: A single WBAN to serve a single patient in a specific environment.2) Semidynamic: For elderly care with slow-moving capabilities.3) Dynamic: Multiple WBANs to serve multiple users with fast-moving capabilities.The proposed WBAN-19 scheme can be implemented in all possible WBAN environments since our proposed scheme is lightweight regarding the computational and communication complexities; with three entities involved (user A: patient aka WBAN user, user B: physician, and a medical/security server.We implemented an equality test and threshold methods for WBAN diagnoses algorithms and experiments.Fig. 2 shows two levels of diagnoses and healthcare decision making based on hospital and threshold values stored in the security/medical server, which is just compatible with the proposed model providing more flexibility and reliability to the proposed scheme.There are several other algorithms that have been widely used in WBANs [42], [43].These algorithms, such as blockchainbased techniques considered efficient and relatively secure.However, some of such lack fulfilling some security properties and features, such as signcryption as a one-logical algorithm, equality test as a diagnoses technique, aggregation for more efficiency, and provably security.

C. Comparisons Analysis
As shown in the above-mentioned evaluation for the WBAN-19 scheme, the computation cost and the communication overhead are improved compared to the other proposed schemes in [35], [36], and [37].From Fig. 4, the computation cost in these references is (72.482ms) in average.It is (49.263ms) for our scheme.Thus, the total computational cost for our proposed WBAN-19 scheme is improved by (68%) compared to the other proposed schemes.
The communication overhead demonstrated in Fig. 5 and Table III indicates that our proposed scheme improves the communication overhead by (60%), from the approximate average overhead of (1800 bits) for the above-compared references to (1120 bits) for our proposed scheme.
As for security, the comparisons in Table IV show that our proposed scheme provides more security requirements, properties, and features than the proposed schemes in [38], [39], and [40].Our scheme provides signcryption, equality test, and aggregation security properties as well as provable security under the ROM for EUF-CMA, IND-CCA2, and OW-CCA2 security models.The security versus functionality for our scheme shows more flexibility as several new features have been added to the WBAN-based COVID diagnoses system compared with other proposed schemes.

D. Results and Discussion
Pondering the security of current wireless networks such as WBANs, we can easily identify several vulnerabilities against different attacks.Security is an essential factor for wireless systems because they are meant to serve network users.Wireless technologies are also employed or associated with other applications, such as IoT, WSN, traffic control, e-health, smart grid, etc. [44].According to the security analysis presented in Section V, the proposed approach allows WBAN-19 entities to authenticate each other and communicate securely before providing any services.
From the above analysis, the proposed WBAN19 scheme is flexible, reliable, and compatible with telemedicine systems for the following reasons.
1) Using identity-based construction gives our proposed scheme more flexibility to be implemented in real usecase scenarios.
2) The proposed models' description shows the compatibility of our scheme with telemedicine systems by using WBANs architecture.
3) The complexity analysis shows the reliability of our scheme, which can be implemented in any real use-case scenario.4) The security analysis shows that the proposed scheme is secure under several provable security models.5) Finally, the comparison analysis shows that our proposed scheme is more efficient than other proposed approaches.As a result, the proposed WBAN-19 solution is secure and has low computational cost and communication overhead, achieving better performance than other proposed approaches.Furthermore, our proposed solution can be implemented efficiently by industrial sectors within the WBAN standardization and even by future technologies such as the upcoming 6G mobile networks [45], which is essential to reduce the stored data, transmission handshaking processes, delay, and bandwidth usage in these technologies to improve the battery life for better performance [46].

VII. CONCLUSION
WBAN-based applications can be employed widely in the healthcare sectors, allowing for a more flexible infrastructure for the daily monitoring of health parameters.It is an important security feature by providing privacy-preserving techniques to patients and hospitals and securing the sensitive information of healthcare systems.In this article, we proposed a novel security solution achieving equality test and aggregation techniques using identity-based signcryption construction for telemedicine systems.This solution aims to overcome the spreading of contiguous deceases such as COVID-19 through WBAN-based telemedicine applications.The main advantage of this work is that it can be practically implemented in telemedicine systems securely using WBANs infrastructure.The performance evaluation and analysis showed that the proposed scheme is efficient and secure against several attacks considering adversarial models under some hard problem assumptions in the ROM.The gap in this article is to reduce the computational cost and communication overhead to a minimum.This can be achieved by using more lightweight public-key cryptosystems and providing aggregate group and ring signature schemes for some heterogeneous wireless networks (HWNs) applications.Also, our future work will focus on the security of telemedicine systems by developing homomorphic, multiparty computation, and private set intersection (PSI) techniques that can be efficiently implemented in lightweight WBAN-based telemedicine systems.

Definition 1 : 1 ) 7 ) 8 )
The proposed WBAN-19 scheme is secure against IND-ASC-CCA2 in the random oracle if the advantage of A 1 to win against our proposed scheme is negligible.This definition can be demonstrated by the following game.Setup: It runs by Ch to set the public parameters params and the master secret key s.Ch gives params to A 1 and keeps s secret.2) Phase 1: A 1 can adaptively have access to the following oracles.3) KeyGen-Queries: A 1 makes a query in ID i , Ch answers with the corresponding private key X IDi to A 1 .4) Unsigncrypt-Queries: A 1 makes a query in the message M i and the identities (ID i , ID B ).A 1 sends the signcryption C i ; it is valid, then Ch answers with the corresponding message M i .5) AggregateUnsigncrypt-Queries: A 1 sends the aggregate signcryption C agg ; if it is valid, then Ch answers with all the corresponding messages M i , for (i = 1, 2, . . ., n). 6) Challenge: After running the above queries adaptively, A 1 sends ([M 0i , M 1i ], ID i , ID B ) for (i = 1, 2, . . ., n), then Ch checks if ID B is one of the targeted identities.If not, Ch aborts.Otherwise, Ch chooses a random b i ∈ 0, 1, for (i = 1, 2, . . ., n) and signcrypts M bi using the sender's private key X IDA and the receiver's public key Q IDB , then Ch answers with the aggregate signcryption C * agg to A 1 .Phase 2: Same as in (Phase 1) except that A 1 cannot make unsigcrypt-query on the challenge aggregate signcryption C * agg .Output: A 1 outputs b i for (i = 1, 2, . . ., n).A 1 wins the game if b i = b i for (i = 1, 2, . . ., n).The advantage of A 1 winning the game is negligible.Definition 2: The plaintext remains secure knowing the trapdoor and the adversary's corresponding ciphertext.Accordingly, the WBAN-19 scheme is OW-CCA2 in the random oracle if the advantage of A 2 to win against our scheme, i.e., Pr[M = M ] is negligible.This definition can be demonstrated by the following game.

1 )
Setup: Ch takes a security parameter k as input to generate the system parameter params and sends it to A 2 , then keeps the master key s secure.2) Phase 1: A 2 can adaptively have access to the following oracles.3) KeyGen-Queries: Ch runs the KeyGen algorithm to generate the private key X IDi .Then, Ch sends it to A 2 .4) Trapdoor-Queries: Ch can get X IDi and generate the corresponding trapdoor by executing the Trapdoor algorithm from the KeyGen-queries.Then, Ch sends it to A 2 .5) Unsigncrypt-Queries: Ch runs the Unsigncrypt algorithm.Then, Ch sends the plaintext M i to A 2 .6) Challenge: Ch chooses a plaintext M * ∈ M randomly and runs the Signcrypt algorithm to get the corresponding ciphertext C.Then, Ch sends it to A 2 .7) Phase 2: Ch answers similarly to Phase 1, except that A 2 Unsigncrypt-Queries: When receiving a query with C agg and the receiver's identity ID B .If i = , then Ch returns M i .If i = , then Ch inputs C agg , R i , μ i , from the above queries, computes M i = V i ⊕μ i , and checks if there exists at least n of ID i and M i corresponding to C agg .If so, then abort.Otherwise, Ch verifies the equation.e(W agg , P) = e(U i , H 1 then adds (U i , d i ) into the list H 3 -List.d) KeyGen-Queries: When receiving a query with X IDi .Then, Ch checks if i = , Ch aborts.Otherwise, Ch recovers a i from H 1 -List, computes X IDi = a i P 0 , then sends X IDi to A 1 .e) 2, . . ., n, Ch check if ID i = ID , then aborts.Otherwise, Ch randomly picks h ∈ [1, n] and checks if i = h.If not, Ch picks randomly b ∈ {0, 1} and signcrypts the message M bi as follows: and picks W * i and Z * i .Finally, Ch sends the challenge aggregate signcryption C * agg to A 1 .4) Phase 2: This phase is identical to Phase 1; the only difference is that A 1 cannot query the secret key and the plaintext of the targeted signcryption C * agg .5) Output: A 1 outputs the guess b * i ∈ {0, 1} * , then Ch obtains (a i , R i , μ i ) from the lists H 1 -List and H 2 -List.
When receiving a query with X IDi .Then Ch checks if i = , Ch aborts.Otherwise, Ch recovers a i from H 1 -List, computes X IDi = a i P 0 , then sends X IDi to A 2 .e) Trapdoor-Queries: When receiving such query, if i = , Ch sends (γ X IDi ) to A 2 .f) Unsigncrypt-Queries: When receiving a query with C i and the receiver's identify ID B , Ch inputs C i , R i , μ i , from the above queries, then computes 1} * , and U * i = a i P, then Ch sends the targeted signcryptionC * i = (U * i , V * i , W * i , Z * i ) to A 2 .4)Phase2: This phase is identical to Phase 1 except that the Unsigncrypt-queries A 2 cannot make any queries on the challenge plaintext M * i .5) Output: A 2 outputs the guess M i ∈ {0, 1} * , then Ch obtains (a i , R i , μ i ) from the lists H 1 -List and H 2 -List.The following equation can achieve the CDHP solution: Ui = a i P, and Z i = a i μ i P 0 .Therefore, Ch can solve the CDHP problem with a nonnegligible advantage, and the proposed WBAN-19 scheme is OW-CCA2.Theorem 3: The proposed WBAN-19 scheme is secure against existentially EUF-CMA under the ROM; if the CDHP assumption holds.Proof: Assume A 3 is an adversary against our scheme, and there exists a challenger Ch claims to solve the CDHP problem in polynomial time and with a nonnegligible advantage.Thus, A 3 and Ch perform the following steps.1) Setup: This algorithm runs by the Challenger Ch and generates the public parameters (params) as follows.2) Ch Chooses two groups,G 1 and G 2 , then computer P 0 = sP and sends params to A 1 .3) Queries: Ch responses to A 3 queries are as follows.a) H-Queries: Ch answers to A 3 as same as in Theorem 1. Then Ch creates the lists H 1 -List, H 2 -List, and H 3 -List to simulate H 1 , H 2 , and H 3 .b) Signcrypt-Queries: When receiving queries on the signcryption, Ch Checks if i = , if yes, then Ch computes the corresponding signcryption and sends it to A 3 .Otherwise, Ch computes the following using H 1 -List, H 2 -List, and H 3 -List: Selects randomly r and picks W i and Z i , then Ch outputs the signcryption of M i asC i = (U i , V i , W i , Z i ).4) Forgery: A 3 outputs the aggregate signcryption C agg = (U i , V i , Z i , W agg ), for (i = 1, . .., n)as a valid signcryption of the message M i and the identities ID i , ID B , if at least one of the chosen identities is the target identity, i.e., (i = ), then A 3 wins the game.Otherwise, Ch can compute X IDi = a i αβP and e(X IDi , P) = e(P, P) a i αβ as the solution of the CDHP problem.

TABLE IV COMPARISONS
OF SECURITY PROPERTIES