Published in: Journal of Medical Systems 5/2014

01.05.2014 | MOBILE SYSTEMS

Security Enhancement of a Biometric based Authentication Scheme for Telecare Medicine Information Systems with Nonce

Authors: Dheerendra Mishra, Sourav Mukhopadhyay, Saru Kumari, Muhammad Khurram Khan, Ankita Chaturvedi


Abstract

Telecare medicine information systems (TMIS) provide a platform for delivering clinical services door to door. Technological advances in mobile computing are enhancing the quality of healthcare, and a user can access these services using a mobile device. However, in these online services the user and the telecare system communicate via public channels, which increases the security risk. It is therefore required to ensure that only an authorized user is accessing the system and that the user is interacting with the correct system. Mutual authentication provides the way to achieve this. However, existing schemes are either vulnerable to attacks or have a higher computational cost, while a scalable authentication scheme for mobile devices should be secure and efficient. Recently, Awasthi and Srivastava presented a biometric based authentication scheme for TMIS with nonce. Their scheme only requires the computation of the hash and XOR functions. Thus, this scheme fits TMIS. However, we observe that Awasthi and Srivastava’s scheme does not achieve an efficient password change phase. Moreover, their scheme does not resist the off-line password guessing attack. Further, we propose an improvement of Awasthi and Srivastava’s scheme with the aim of removing the drawbacks of their scheme.
References
1. Latré, B., Braem, B., Moerman, I., Blondia, C., Demeester, P., A survey on wireless body area networks. Wirel. Netw. 17(1):1–18, 2011.
2. Khan, M. K., Kumari, S., An authentication scheme for secure access to healthcare services. J. Med. Syst. 37(4):1–12, 2013.
3. Srivastava, K., Awasthi, A. K., Mittal, R., A review on remote user authentication schemes using smart cards. In: Quality, Reliability, Security and Robustness in Heterogeneous Networks. Springer (2013) 729–749.
4. Cao, T., Zhai, J., Improved dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst. 37(2):1–7, 2013.
5. Chen, H. M., Lo, J. W., Yeh, C. K., An efficient and secure dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst. 36(6):3907–3915, 2012.
6. Chen, Y. Y., Lu, J. C., Jan, J. K., A secure ehr system based on hybrid clouds. J. Med. Syst. 36(5):3375–3384, 2012.
7. Das, A. K., Bruhadeshwar, B., An improved and effective secure password-based authentication and key agreement scheme using smart cards for the telecare medicine information system. J. Med. Syst. 37(5):1–17, 2013.
8. Debiao, H., Jianhua, C., Rui, Z., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989–1995, 2012.
9. Guo, R., Wen, Q., Shi, H., Jin, Z., Zhang, H., An efficient and provably-secure certificateless public key encryption scheme for telecare medicine information systems. J. Med. Syst. 37(5):1–11, 2013.
10. Jiang, Q., Ma, J., Ma, Z., Li, G., A privacy enhanced authentication scheme for telecare medical information systems. J. Med. Syst. 37(1):1–8, 2013.
11. Jiang, Q., Ma, J., Lu, X., Tian, Y., Robust chaotic map-based authentication and key agreement scheme with strong anonymity for telecare medicine information systems. J. Med. Syst. 38(2):1–18, 2014.
12. Kumari, S., Khan, M. K., Kumar, R., Cryptanalysis and improvement of a privacy enhanced scheme for telecare medical information systems. J. Med. Syst. 37(4):1–11, 2013.
13. Lee, T. F., An efficient chaotic maps-based authentication and key agreement scheme using smartcards for telecare medicine information systems. J. Med. Syst. 37(6):1–9, 2013.
14. Lee, T. F., Liu, C. M., A secure smart-card based authentication and key agreement scheme for telecare medicine information systems. J. Med. Syst. 37(3):1–8, 2013.
15. Lin, S. S., Hung, M. H., Tsai, C. L., Chou, L. P., Development of an ease-of-use remote healthcare system architecture using rfid and networking technologies. J. Med. Syst. 36(6):3605–3619, 2012.
16. Pu, Q., Wang, J., Zhao, R., Strong authentication scheme for telecare medicine information systems. J. Med. Syst. 36(4):2609–2619, 2012.
17. Siddiqui, Z., Abdullah, A. H., Khan, M. K., Alghamdi, A. S., Smart environment as a service: Three factor cloud based user authentication for telecare medical information system. J. Med. Syst. 38(1):1–14, 2014.
18. Wu, Z. Y., Lee, Y. C., Lai, F., Lee, H. C., Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1529–1535, 2012.
19. Xie, Q., Zhang, J., Dong, N., Robust anonymous authentication scheme for telecare medical information systems. J. Med. Syst. 37(2):1–8, 2013.
20. Xu, X., Zhu, P., Wen, Q., Jin, Z., Zhang, H., He, L., A secure and efficient authentication and key agreement scheme based on ecc for telecare medicine information systems. J. Med. Syst. 38(1):1–7, 2014.
21. Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3833–3838, 2012.
22. Boyd, C., and Mathuria, A., Protocols for authentication and key establishment. Springer (2003).
23. Leng, L., Teoh, A. B. J., Li, M., Khan, M. K., A remote cancelable palmprint authentication protocol based on multi-directional two-dimensional palmphasor-fusion. Secur. Commun. Networks, doi:10.1002/sec.900, 2013.
24. Bowyer, K. W., Hollingsworth, K. P., Flynn, P. J., A survey of iris biometrics research: 2008–2010. In: Handbook of iris recognition. Springer (2013) 15–54.
25. Li, C. T., Hwang, M. S., An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33(1):1–5, 2010.
26. Li, X., Niu, J. W., Ma, J., Wang, W. D., Liu, C. L., Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 34(1):73–79, 2011.
27. Truong, T. T., Tran, M. T., Duong, A. D., Robust biometrics based remote user authentication scheme using smart cards. In: 15th IEEE International Conference on Network-Based Information Systems (NBiS’2012), pp. 384–391, 2012.
28. Awasthi, A. K., and Srivastava, K., A biometric authentication scheme for telecare medicine information systems with nonce. J. Med. Syst. 37(5):1–4, 2013.
29. Jin, A. T. B., Ling, D. N. C., Goh, A., Biohashing: two factor authentication featuring fingerprint data and tokenised random number. Pattern Recognit. 37(11):2245–2255, 2004.
30. Zhou, X., and Kalker, T., On the security of biohashing. In: IS&T/SPIE Electronic Imaging, International Society for Optics and Photonics. pp. 75410–75410, 2010.
31. Leng, L., and Zhang, J., Palmhash code vs. palmphasor code. Neurocomput. 108:1–12, 2013.
32. Belguechi, R., Rosenberger, C., Ait-Aoudia, S., Biohashing for securing minutiae template. In: 20th IEEE International Conference on Pattern Recognition (ICPR’2010), pp. 1168–1171, 2010.
33. Lumini, A., and Nanni, L., An improved biohashing for human authentication. Pattern Recognit. 40(3):1057–1065, 2007.
34. Yang, C., Integration of biometrics and pin pad on smart card. PhD thesis, University of Newcastle Upon Tyne, 2011.
35. Leng, L., Zhang, J., Khan, M. K., Chen, X., Ji, M., Alghathbar, K., Cancelable palmcode generated from randomized gabor filters for palmprint template protection. Sci. Res. Ess. 6(4):784–792, 2011.
36. Brier, E., Clavier, C., Olivier, F., Correlation power analysis with a leakage model. In: Cryptographic Hardware and Embedded Systems (CHES’2004), pp. 16–29. Springer, 2004.
37. Eisenbarth, T., Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., Shalmani, M. T. M., On the power of power analysis in the real world: A complete break of the keeloq code hopping scheme. In: Advances in Cryptology-(CRYPTO’2008), pp. 203–220. Springer, 2008.
38. Kocher, P., Jaffe, J., Jun, B., Differential power analysis. In: Advances in Cryptology (CRYPTO’99), pp. 388–397. Springer, 1999.
39. Messerges, T. S., Dabbish, E. A., Sloan, R. H., Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Consum. Electron. 51(5):541–552, 2002.
40. Xu, J., Zhu, W. T., Feng, D. G., An improved smart card based password authentication scheme with provable security. Comput. Stand. Interfaces 31(4):723–728, 2009.
41. Yang, C. C., Yang, H. W., Wang, R. C., Cryptanalysis of security enhancement for the timestamp-based password authentication scheme using smart cards. IEEE Trans. Consum. Electron. 50(2):578–579, 2004.
42. Chang, Y. F., Yu, S. H., Shiao, D. R., A uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. J. Med. Syst. 37(2):1–9, 2013.
43. Liao, Y. P., and Wang, S. S., A secure dynamic id based remote user authentication scheme for multi-server environment. Comput. Stand. Interfaces 31(1):24–29, 2009.
44. Potlapally, N. R., Ravi, S., Raghunathan, A., Jha, N. K., A study of the energy consumption characteristics of cryptographic algorithms and security protocols. IEEE Trans. Mob. Comput. 5(2):128–143, 2006.
45. Wong, D. S., Fuentes, H. H., Chan, A. H., The performance measurement of cryptographic primitives on palm devices. In: Proceedings 17th IEEE Annual Computer Security Applications Conference (ACSAC’2001), pp. 92–101, 2001.
Metadata
Title: Security Enhancement of a Biometric based Authentication Scheme for Telecare Medicine Information Systems with Nonce
Authors: Dheerendra Mishra, Sourav Mukhopadhyay, Saru Kumari, Muhammad Khurram Khan, Ankita Chaturvedi
Publication date: 01.05.2014
Publisher: Springer US
Published in: Journal of Medical Systems, Issue 5/2014
Print ISSN: 0148-5598
Electronic ISSN: 1573-689X
DOI: https://doi.org/10.1007/s10916-014-0041-1
