Cryptanalysis and Improvement of a User Authentication Scheme Preserving Uniqueness and Anonymity for Connected Health Care

被引：0

作者：

Lili Xu

Fan Wu

机构：

[1] Xiamen University,School of Information Science and Technology

[2] Huaqiao University,Department of Computer Science and Engineering, Xiamen Institute of Technology

来源：

Journal of Medical Systems | 2015年 / 39卷

关键词：

Connected health care; Authentication; Anonymity; Smart card;

D O I：

暂无

中图分类号：

学科分类号：

摘要：

Nowadays, connected health care applications are used more and more in the world. Service through the applications can save the patients’ time and expense, such as telecare medical information system (TMIS) and integrated electronic patient record (EPR) information system. In the applications, preserving patients’ privacy, transmitting messages securely and keeping mutual authentication should all be paid attention. Many authentication schemes have been proposed to make a secure communicating environment. Recently Xie et al. showed that Wen’s scheme was insecure because it was under the off-line password guessing attack and without user anonymity and forward security. They gave a new three-factor authentication scheme and claimed that it was secure. However, we find that Xie et al’s scheme is vulnerable to the De-synchronization attack and the server has too much storage burden in the scheme. Then we present an improved scheme which overcomes the usual weaknesses and keeps ordinary security characters. Compared with recent schemes of the same kind, our scheme is secure and practical.

引用

共 80 条

[1]

Arshad H(2014)Three-factor anonymous authentication and key agreement scheme for telecare medicine information systems J. Med. Syst. 38 136-3915

[2]

Nikooghadam M(2013)Improved dynamic id-based authentication scheme for telecare medical information systems J. Med. Syst. 37 9912-945

[3]

Cao T(2012)An efficient and secure dynamic id-based authentication scheme for telecare medical information systems J Med Syst 36 3907-2255

[4]

Zhai J(2013)A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care J. Med. Syst. 37 9948-408

[5]

Chen HM(2009)Provably secure remote truly three-factor authentication scheme with privacy protection on biometrics IEEE Trans. Inf. Forensics Sec. 4 933-816

[6]

Lo JW(2013)A privacy enhanced authentication scheme for telecare medical information systems J. Med. Syst. 37 9897-3955

[7]

Yeh CK(2004)Biohashing: two factor authentication featuring fingerprint data and tokenised random number Pattern Recogn. 37 2245-2053

[8]

Das AK(2013)An authentication scheme for secure access to healthcare services J. Med. Syst. 37 9954-1932

[9]

Goswami A(2013)An improved biometrics-based remote user authentication scheme with user anonymity BioMed. Res. Int. 2013 491289-2012

[10]

Fan CI(2014)Cryptanalysis and improvement of an efficient and secure dynamic id-based authentication scheme for telecare medical information systems Secur. Commun. Netw. 7 399-552

← 1 2 3 4 5 6 7 8 →