Published in: Journal of Medical Systems 9/2014

01.09.2014 | Systems-Level Quality Improvement

A Secure Chaotic Maps and Smart Cards Based Password Authentication and Key Agreement Scheme with User Anonymity for Telecare Medicine Information Systems

Written by: Chun-Ta Li, Cheng-Chi Lee, Chi-Yao Weng


Abstract

Telecare medicine information systems (TMIS) are widely used to provide a convenient and efficient communication platform between patients at home and physicians at medical centers or home health care (HHC) organizations. To ensure patient privacy, in 2013, Hao et al. proposed a chaotic map based authentication scheme with user anonymity for TMIS. Later, Lee showed that Hao et al.’s scheme does not provide fairness in session key establishment and gave an efficient user authentication and key agreement scheme using smart cards, in which only a few hashing and Chebyshev chaotic map operations are required. In addition, Jiang et al. pointed out that Hao et al.’s scheme cannot resist a stolen smart card attack, and they further presented an improved scheme that attempts to repair the security pitfalls found in Hao et al.’s scheme. In this paper, we found that both Lee’s and Jiang et al.’s authentication schemes have a serious security problem: a registered user’s secret parameters may be intentionally exposed to many non-registered users, which leads to a service misuse attack. Therefore, we propose a slight modification of Lee’s scheme to prevent these shortcomings. Compared with previous schemes, our improved scheme not only inherits the advantages of Lee’s and Jiang et al.’s authentication schemes for TMIS but also remedies the serious security weakness of not being able to withstand a service misuse attack.

References
1. Awasthi, A.K., and Srivastava, K., A Biometric Authentication Scheme for Telecare Medicine Information Systems with Nonce. J. Med. Syst. 37 (5):9964, 2013.
2. Chang, C.C., and Lee, C.Y., A Smart Card-Based Authentication Scheme Using User Identify Cryptography. Int. J. Netw. Secur. 15 (2):139–147, 2013.
3. Chang, T.Y., Hwang, M.S., Yang, W.P., A Communication-Efficient Three-Party Password Authenticated Key Exchange Protocol. Inf. Sci. 181 (1):217–226, 2011.
4. Chen, T.Y., Lee, C.C., Hwang, M.S., Jan, J.K., Towards Secure and Efficient User Authentication Scheme Using Smart Card for Multi-Server Environments. J. Supercomput. 66 (2):1008–1032, 2013.
5. Das, A.K., Improving Identity-Based Random Key Establishment Scheme for Large-Scale Hierarchical Wireless Sensor Networks. Int. J. Netw. Secur. 14 (1):1–21, 2012.
6. Das, A.K., and Bruhadeshwar, B., An Improved and Effective Secure Password-Based Authentication and Key Agreement Scheme Using Smart Cards for the Telecare Medicine Information System. J. Med. Syst. 37 (5):9969, 2013.
7. Guo, C., and Chang, C.C., Chaotic Maps-Based Password-Authenticated Key Agreement Using Smart Cards. Commun. Nonlinear Sci. Numer. Simul. 18 (6):1433–1440, 2013.
8. Hao, X., Wang, J., Yang, Q., Yan, X., Li, P., A Chaotic Map-Based Authentication Scheme for Telecare Medicine Information Systems. J. Med. Syst. 37 (2):9919, 2013.
9. He, D., Chen, J., Zhang, R., A More Secure Authentication Scheme for Telecare Medicine Information Systems. J. Med. Syst. 36 (3):1989–1995, 2012.
10. He, D., Zhao, W., Wu, S., Security Analysis of a Dynamic ID-Based Authentication Scheme for Multi-Server Environment Using Smart Cards. Int. J. Netw. Secur. 15 (5):350–356, 2013.
11. Hwang, M.S., Lee, C.C., Tzeng, S.F., A New Proxy Signature Scheme for a Specified Group of Verifiers. Inf. Sci. 227 (1):102–115, 2013.
12. Jiang, Q., Ma, J., Lu, X., Tian, Y., Robust Chaotic Map-Based Authentication and Key Agreement Scheme with Strong Anonymity for Telecare Medicine Information Systems. J. Med. Syst. 38 (2):12, 2014.
13. Kar, J., ID-Based Deniable Authentication Protocol Based on Diffie-Hellman Problem on Elliptic Curve. Int. J. Netw. Secur. 15 (5):357–364, 2013.
14. Lee, T.F., An Efficient Chaotic Map-Based Authentication and Key Agreement Scheme Using Smartcards for Telecare Medicine Information Systems. J. Med. Syst. 37 (6):9985, 2013.
15. Lee, C.C., Li, C.T., Hsu, C.W., A Three-Party Password-Based Authenticated Key Exchange Protocol with User Anonymity Using Extended Chaotic Maps. Nonlinear Dyn. 73 (1-2):125–132, 2013.
16. Lee, C.C., Chen, C.T., Li, C.T., Wu, P.H., A Practical RFID Authentication Mechanism for Digital Television, Telecommunication Systems: Article in press, 2013.
17. Lee, C.C., Lou, D.C., Li, C.T., Hsu, C.W., An Extended Chaotic-Maps-Based Protocol with Key Agreement for Multiserver Environments. Nonlinear Dyn. 76 (1):853–866, 2014.
18. Li, C.T., and Hwang, M.S., An Efficient Biometrics-Based Remote User Authentication Scheme Using Smart Cards. J. Netw. Comput. Appl. 33 (1):1–5, 2010.
19. Li, C.T., and Hwang, M.S., A Lightweight Anonymous Routing Protocol Without Public Key En/Decryptions for Wireless ad Hoc Networks. Inf. Sci. 181 (23):5333–5347, 2011.
20. Li, C.T., Secure Smart Card Based Password Authentication Scheme with User Anonymity. Inf. Technol. Control. 40 (2):157–162, 2011.
21. Li, C.T., and Lee, C.C., A Robust Remote User Authentication Scheme Using Smart Card. Inf. Technol. Control. 40 (3):236–245, 2011.
22. Li, C.T., and Lee, C.C., A Novel User Authentication and Privacy Preserving Scheme with Smart Cards for Wireless Communications. Math. Comput. Model. 55 (1-2):35–44, 2012.
23. Li, C.T., A New Password Authentication and User Anonymity Scheme Based on Elliptic Curve Cryptography and Smart Card. IET Inf. Secur. 7 (1):3–10, 2013.
24. Li, C.T., Lee, C.C., Weng, C.Y., Fan, C.I., An Extended Multi-Server-Based User Authentication and Key Agreement Scheme with User Anonymity. KSII Trans. Int. Inf. Syst. 7 (1):119–131, 2013.
25. Li, C.T., Weng, C.Y., Lee, C.C., An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks. Sensors 13 (8):9589–9603, 2013.
26. Li, C.T., Lee, C.C., Weng, C.Y., An Extended Chaotic Maps Based User Authentication and Privacy Preserving Scheme Against DoS Attacks in Pervasive and Ubiquitous Computing Environments. Nonlinear Dyn. 74 (4):1133–1143, 2013.
27. Li, C.T., and Lee, C.C., More Secure Authenticated Group Key Agreement in a Mobile Environment. Inf. Int. Interdiscip. J. 16 (9(B)):6817–6830, 2013.
28. Li, C.T., and Lee, C.C., A Novel User Authentication and Key Agreement Scheme with Smart Cards Over Insecure Networks. Inf. Int. Interdiscip. J. 17 (4):1271–1284, 2014.
29. Liao, I.E., Lee, C.C., Hwang, M.S., A Password Authentication Scheme Over Insecure Networks. J. Comput. Syst. Sci. 72 (4):727–740, 2006.
30. Ramasamy, R., and Muniyandi, A.P., An Efficient Password Authentication Scheme for Smart Card. Int. J. Netw. Secur. 14 (3):180–186, 2012.
31. National Institute of Standards and Technology, US Department of Commerce, Secure Hash Standard, pp. 180–182: US Federal Information Processing Standard Publication, 2002.
32. Wu, Z.Y., Lee, Y.C., Lai, F., Lee, H.C., Chung, Y., A Secure Authentication Scheme for Telecare Medicine Information Systems. J. Med. Syst. 36 (3):1529–1535, 2012.
33. Xu, X., Zhu, P., Wen, Q., Jin, Z., Zhang, H., He, L., A Secure and Efficient Authentication and Key Agreement Scheme Based on ECC for Telecare Medicine Information Systems. J. Med. Syst. 38 (1):9994, 2013.
34. Yang, L., Ma, J.F., Jiang, Q., Mutual Authentication Scheme with Smart Cards and Password Under Trusted Computing. Int. J. Netw. Secur. 14 (3):156–163, 2012.

Metadata
Title
A Secure Chaotic Maps and Smart Cards Based Password Authentication and Key Agreement Scheme with User Anonymity for Telecare Medicine Information Systems
Written by
Chun-Ta Li
Cheng-Chi Lee
Chi-Yao Weng
Publication date
01.09.2014
Publisher
Springer US
Published in
Journal of Medical Systems / Issue 9/2014
Print ISSN: 0148-5598
Electronic ISSN: 1573-689X
DOI
https://doi.org/10.1007/s10916-014-0077-2
