Skip to main content
Key Specialties
Cardiology Diabetology Endocrinology Gastroenterology Geriatrics and Gerontology Gynecology and Obstetrics Hematology Infectious Disease Internal Medicine Nephrology Neurology Oncology Pediatrics Respiratory Medicine Rheumatology Surgery
Congress Coverage
2024 ACC Congress 2023 ESMO Congress 2023 EASD Congress 2023 ERS Congress 2023 ESC Congress
Clinical Collections
Advances in Alzheimer’s

Keynote webinar | Spotlight on medication adherence

LIVE: Thursday 27th June 2024, 18:00-19:30 (CEST)
Join our expert panel to discover why you need to understand the drivers of non-adherence in your patients, and how you can optimize medication adherence in your clinics to drastically improve patient outcomes.
ADVANCED SEARCH
Log in
Top
Journal of Medical Systems
Published in: Journal of Medical Systems 11/2015

01-11-2015 | Systems-Level Quality Improvement

A Hash Based Remote User Authentication and Authenticated Key Agreement Scheme for the Integrated EPR Information System

Authors: Chun-Ta Li, Chi-Yao Weng, Cheng-Chi Lee, Chun-Cheng Wang

Published in: Journal of Medical Systems | Issue 11/2015

Login to get access

Abstract

To protect patient privacy and ensure authorized access to remote medical services, many remote user authentication schemes for the integrated electronic patient record (EPR) information system have been proposed in the literature. In a recent paper, Das proposed a hash based remote user authentication scheme using passwords and smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various passive and active attacks. However, in this paper, we found that Das’s authentication scheme is still vulnerable to modification and user duplication attacks. Thereafter we propose a secure and efficient authentication scheme for the integrated EPR information system based on lightweight hash function and bitwise exclusive-or (XOR) operations. The security proof and performance analysis show our new scheme is well-suited to adoption in remote medical healthcare services.
Literature
1.
Burrows, M., Abadi, M., Needham, R., A logic of authentication. ACM Trans. Comput. Syst. 8(1):18–36, 1990.CrossRef
2.
Chen, Y., Chou, J.S., Sun, H.M., A novel mutual authentication scheme based on quadratic residues for RFID systems. Computer Networks 52(12):2373–2380, 2008.CrossRef
3.
Das, A.K., A secure and robust password-based remote user authentication scheme using smart cards for the integrated EPR information system. Journal of Medical Systems 39(3):25, 2015.CrossRefPubMed
4.
Guo, P., Wang, J., Li, B., Lee, S., A variable threshold-value authentication architecture for wireless mesh networks. Journal of Internet Technology 15(6):929–936, 2014.
5.
Hao, X., Wang, J., Yang, Q., Yan, X., Li, P., A chaotic map-based authentication scheme for telecare medicine information systems. Journal of Medical Systems 37(2):9919, 2013.CrossRefPubMed
6.
He, D., Zhang, Y., Chen, J., Cryptanalysis and improvement of an anonymous authentication protocol for wireless access networks. Wirel. Pers. Commun. 74(2):229–243, 2014.CrossRef
7.
He, D., Kumar, N., Chilamkurti, N., Lee, J.H., Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol. Journal of Medical Systems 38(10):116, 2014.CrossRefPubMed
8.
He, D., Kumar, N., Chilamkurti, N., A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Inf. Sci., 2015. doi:10.​1016/​j.​ins.​2015.​02.​010.
9.
He, D., and Zeadally, S., Authentication protocol for ambient assisted living system. IEEE Commun. Mag. 35(1):71–77, 2015.CrossRef
10.
Jiang, Q., Ma, J., Lu, X., Tian, Y., Robust chaotic map-based authentication and key agreement scheme with strong anonymity for telecare medicine information systems. Journal of Medical Systems 38(2):12, 2014.CrossRefPubMed
11.
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis, in Proceedings of Advances in Cryptology (1999)
12.
Lee, T.F., Chang, I.P., Lin, T.H., Wang, C.C., A secure and efficient password-based user authentication scheme using smart cards for the integrated EPR information system. J. Med. Syst. 37(3):9941, 2013.CrossRefPubMed
13.
Li, C.T., and Hwang, M.S., An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33(1):1–5, 2010.CrossRef
14.
Li, C.T., and Lee, C.C., A robust remote user authentication scheme using smart card. Information Technology and Control 40(3):236–245, 2011.CrossRef
15.
Li, C.T., and Lee, C.C., A novel user authentication and privacy preserving scheme with smart cards for wireless communications. Math. Comput. Model. 55(1-2):35–44, 2012.CrossRef
16.
Li, C.T., Lee, C.C., Weng, C.Y., An extended chaotic maps based user authentication and privacy preserving scheme against DoS attacks in pervasive and ubiquitous computing environments. Nonlinear Dynamics 74(4):1133–1143, 2013.CrossRef
17.
Li, C.T., Lee, C.C., Weng, C.Y., A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems. Journal of Medical Systems 38(9):77, 2014.CrossRefPubMed
18.
Li, C.T., Weng, C.Y., Lee, C.C., A secure RFID tag authentication protocol with privacy preserving in telecare medicine information systems. J. Med. Syst. 39(8):77, 2015.CrossRefPubMed
19.
Li, C.T., Lee, C.W., Shen, J.J., An extended chaotic maps based keyword search scheme over encrypted data resist outside and inside keyword guessing attacks in cloud storage services. Nonlinear Dynamics 80(3):1601–1611, 2015.CrossRef
20.
Li, W.T., Ling, C.H., Hwang, M.S., Group rekeying in wireless sensor networks: a survey. International Journal of Network Security 16(6):401–410, 2014.
21.
Liao, I.E., Lee, C.C., Hwang, M.S., A password authentication scheme over insecure networks. J. Comput. Syst. Sci. 72(4):727–740, 2006.CrossRef
22.
Messerges, T.S., Dabbish, E.A., Sloan, R.H., Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Commun. 51(5):541–552, 2002.
23.
Ramasamy, R., and Muniyandi, A.P., An efficient password authentication scheme for smart card. International Journal of Network Security 14(3):180–186, 2012.
24.
25.
Shen, J., Tan, H., Wang, J., Wang, J., Lee, S., A novel routing protocol providing good transmission reliability in underwater sensor networks. Journal of Internet Technology 16 (1):171–178, 2015.
26.
Wen, F., A more secure anonymous user authentication scheme for the integrated EPR information system. J. Med. Syst. 38 :42, 2014.CrossRefPubMed
27.
Wu, Z.Y., Chung, Y.F., Lai, F., Chen, T.S., A password-based user authentication scheme for the integrated EPR information system. J. Med. Syst. 36(2):631–638, 2012.CrossRefPubMed
28.
Xue, K., and Hong, P., Security improvement on an anonymous key agreement protocol based on chaotic maps. Commun. Nonlinear Sci. Numer. Simul. 17(7):29691V2977, 2012.CrossRef
29.
Yang, L., Ma, J.F., Jiang, Q., Mutual authentication scheme with smart cards and password under trusted computing. International Journal of Network Security 14(3):156–163, 2012.
30.
Yeh, T.C., Wu, C.H., Tseng, Y.M., Improvement of the RFID authentication scheme based on quadratic residues. Comput. Commun. 34(3):337–341, 2011.CrossRef
Metadata
Title
A Hash Based Remote User Authentication and Authenticated Key Agreement Scheme for the Integrated EPR Information System
Authors
Chun-Ta Li
Chi-Yao Weng
Cheng-Chi Lee
Chun-Cheng Wang
Publication date
01-11-2015
Publisher
Springer US
Published in
Journal of Medical Systems / Issue 11/2015
Print ISSN: 0148-5598
Electronic ISSN: 1573-689X
DOI
https://doi.org/10.1007/s10916-015-0322-3

Other articles of this Issue 11/2015

Journal of Medical Systems 11/2015 Go to the issue

Patient Facing Systems

A Fuzzy Inference System for Closed-Loop Deep Brain Stimulation in Parkinson’s Disease

Patient Facing Systems

Computer-Aided Diagnosis of Parkinson’s Disease Using Enhanced Probabilistic Neural Network

Systems-Level Quality Improvement

An Efficient and Practical Smart Card Based Anonymity Preserving User Authentication Scheme for TMIS using Elliptic Curve Cryptography

Transactional Processing Systems

FIR: An Effective Scheme for Extracting Useful Metadata from Social Media

Systems-Level Quality Improvement

The Opportunity for Medical Systems to Reduce Health Disparities Among Lesbian, Gay, Bisexual, Transgender and Intersex Patients

Systems-Level Quality Improvement

Combining the ASA Physical Classification System and Continuous Intraoperative Surgical Apgar Score Measurement in Predicting Postoperative Risk