nach oben

Journal of Medical Systems

Erschienen in:

01.05.2014 | MOBILE SYSTEMS

An Improved Anonymous Authentication Scheme for Telecare Medical Information Systems

verfasst von: Fengtong Wen, Dianli Guo

Erschienen in: Journal of Medical Systems | Ausgabe 5/2014

Einloggen, um Zugang zu erhalten

Abstract

Telecare medical information system (TMIS) constructs an efficient and convenient connection between patients and the medical server. The patients can enjoy medical services through public networks, and hence the protection of patients’ privacy is very significant. Very recently, Wu et al. identified Jiang et al.’s authentication scheme had some security drawbacks and proposed an enhanced authentication scheme for TMIS. However, we analyze Wu et al.’s scheme and show that their scheme suffers from server spoofing attack, off-line password guessing attack, impersonation attack. Moreover, Wu et al.’s scheme fails to preserve the claimed patient anonymity and its password change phase is unfriendly and inefficient. Thereby, we present a novel anonymous authentication scheme for telecare medical information systems to eliminate the aforementioned faults. Besides, We demonstrate the completeness of the proposed scheme through the BAN logic. Furthermore, the security of our proposed scheme is proven through Bellare and Rogaways model. Compared with the related existing schemes, our scheme is more secure.

Das, M.L. Two-factor user authentication in wireless sensor networks. IEEE Trans. Wirel. Commun. 8(3):1086–1090, 2009

Hwang, M.S., and Li, L.H., A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 46(1):28–30, 2000

Lee, N.Y., and Chiu, Y.C., Improved remote authentication scheme with smart card. Comput. Stand. Interfac. 27(2): 177-180, 2005

Wen, F.T., Susilo, W., and Yang, G.M., A robust smart card-based anonymous user authentication protocol for wireless communications. Secur. Comm. Netw., doi:10.1002/sec.816, 2013

Wen, F.T., Susilo, W, and Yang, G.M., A secure and effective anonymous user authentication scheme for roaming service in global mobility networks. Wireless Pers. Commun. 73(3):993–1004, 2013

Yang, G., Wong, D.S., Wang, H., and Deng, X., Two-factor mutual authentication based on smart cards and passwords. J. Comput. Syst. Sci. 74(7):1160–1172, 2008

Wu, Z.Y., Lee, Y.C., Lai, F., Lee, H.C., and Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1529–1535, 2012

He, D.B., Chen, J.H., and Zhang, R., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989–1995, 2012

Wei, J., Hu, X., and Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3597–3604, 2012

10.

Zhu, Z., An effcient authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3833–3838, 2012

11.

Chen, H.M., Lo, J.W., and Yeh, C.K., An effcient and secure dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst. 36(6):3907–3915, 2012

12.

Khan, M.K., Kim, S.K., and Alghathbar, K., Cryptanalysis and security enhancement of a more effcient & secure dynamic ID-based remote user authentication scheme. Comput. Commun. 34(3):305–309, 2011

13.

Jiang, Q., Ma, J.F., Ma, Z., and Li, G.S., A privacy enhanced authentication scheme for telecare medical information systems. J. Med. Syst. 2013. doi:10.1007/s10916-012-9897-0

14.

Wu, F., and Xu, L.L., Security analysis and improvement of a privacy authentication scheme for telecare medical information systems. J. Med. Syst. doi:10.1007/s10916-013-9958-z, 2013

15.

D. Boneh, The Decision Diffe-Hellman Problem. In Proc. Third Algorithmic Number Theory Symposium, Springer press,1998, pp.48-63

16.

Mihir, B., and Phillip, R., Entity authentication and key distribution. Proceedings on Advances in Cryptology (CRYPTO’93): Springer press, 22–26, 1993

17.

Kumari, S., Khan, M.K., and Kumar, R., Cryptanalysis and improvement of a privacy enhanced scheme for telecare medical information systems. J. Med. Syst. doi:10.1007/s10916-013-9952-5, 2013

18.

Kocher, P., Jaffe, J., and Jun, B., Differential power analysis. Proceedings of Advances in Cryptology: Santa Barbara, CA, USA., 388–397, 1999

19.

Messerges, T.S., Dabbish, E.A., and Sloan, E.A., Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002

20.

Burrows, M., Abadi, M., and Needham, R., A logic of authentication. ACM Trans. Comput. Syst. 8(1):18–36, 1990

21.

Chang, Y.F., Yu, S.H., and Shiao, D.R., An uniqueness and anonymity-preserving remote user authentication scheme for connected health care. J. Med. Syst. 37:9902, 2013

Titel: An Improved Anonymous Authentication Scheme for Telecare Medical Information Systems
verfasst von: Fengtong Wen
Dianli Guo
Publikationsdatum: 01.05.2014
Verlag: Springer US
Erschienen in: Journal of Medical Systems / Ausgabe 5/2014
Print ISSN: 0148-5598
Elektronische ISSN: 1573-689X
DOI: https://doi.org/10.1007/s10916-014-0026-0

Springer Medizin

Abstract

Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten

Weitere Artikel der Ausgabe 5/2014

Effective Automated Prediction of Vertebral Column Pathologies Based on Logistic Model Tree with SMOTE Preprocessing

An Efficient RFID Authentication Protocol to Enhance Patient Medication Safety Using Elliptic Curve Cryptography

A More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System

A Broadcast-Based Key Agreement Scheme Using Set Reconciliation for Wireless Body Area Networks

Security Enhancement of a Biometric based Authentication Scheme for Telecare Medicine Information Systems with Nonce

Classifying Hospitals as Mortality Outliers: Logistic Versus Hierarchical Logistic Models