Skip to main content
Key Specialties
Cardiology Diabetology Endocrinology Gastroenterology Geriatrics and Gerontology Gynecology and Obstetrics Hematology Infectious Disease Internal Medicine Nephrology Neurology Oncology Pediatrics Respiratory Medicine Rheumatology Surgery
Congress Coverage
2024 ACC Congress 2023 ESMO Congress 2023 EASD Congress 2023 ERS Congress 2023 ESC Congress
Clinical Collections
Advances in Alzheimer’s

Keynote webinar | Spotlight on medication adherence

LIVE: Thursday 27th June 2024, 18:00-19:30 (CEST)
Join our expert panel to discover why you need to understand the drivers of non-adherence in your patients, and how you can optimize medication adherence in your clinics to drastically improve patient outcomes.
ADVANCED SEARCH
Log in
Top
Journal of Medical Systems
Published in: Journal of Medical Systems 2/2013

01-04-2013 | Original Paper

On the Security of A Dynamic ID-based Authentication Scheme for Telecare Medical Information Systems

Author: Han-Yu Lin

Published in: Journal of Medical Systems | Issue 2/2013

Login to get access

Abstract

Telecare medical information systems (TMISs) are increasingly popular technologies for healthcare applications. Using TMISs, physicians and caregivers can monitor the vital signs of patients remotely. Since the database of TMISs stores patients’ electronic medical records (EMRs), only authorized users should be granted the access to this information for the privacy concern. To keep the user anonymity, recently, Chen et al. proposed a dynamic ID-based authentication scheme for telecare medical information system. They claimed that their scheme is more secure and robust for use in a TMIS. However, we will demonstrate that their scheme fails to satisfy the user anonymity due to the dictionary attacks. It is also possible to derive a user password in case of smart card loss attacks. Additionally, an improved scheme eliminating these weaknesses is also presented.
Literature
1.
Awasthi, A. K., Comment on a dynamic ID-based remote user authentication scheme. Trans. Cryptol. 1(2):15–16, 2004.MathSciNet
2.
Chen, C., He, D., Chan, S., Bu, S. J., Gao, Y., and Fan, R., Lightweight and provably secure user authentication with anonymity for the global mobility network. Int. J. Commun. Syst. 24(3):347–362, 2011.CrossRef
3.
Chen, H. M., Lo, J. W., and Yeh, C. K., An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems. J. Med. Syst. 36(6):3907–3915, 2012.CrossRef
4.
Das, M. L., Saxana, A., and Gulati, V. P., A dynamic ID-based remote user authentication scheme. IEEE Trans. Consum. Electron. 50(2):629–631, 2004.CrossRef
5.
He, D., Chen, J., and Zhang, R., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989–1995, 2011.
6.
Hwang, M. S., and Li, L. H., A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron 46(1):28–30, 2000.CrossRef
7.
Juang, W. S., and Wu, J. L., Two efficient two-factor authenticated key exchange protocols in public wireless lans. Comput. Electr. Eng. 1(35):33–40, 2009.CrossRef
8.
Khan, M. K., Kim, S. K., and Alghathbar, K., Cryptanalysis and security enhancement of a more efficient and secure dynamic ID-based remote user authentication scheme. Comput. Commun. 34(3):305–309, 2011.CrossRef
9.
Ku, W. C., and Chang, S. T., Impersonation attacks on a dynamic ID-based remote user authentication scheme using smart cards. IEICE Trans. Commun. E88-B(5):2165–2167, 2005.CrossRef
10.
11.
Liao, I., Lee, C. C. and Hwang, M. S., “Security enhancement for a dynamic ID-based remote user authentication scheme, Proceedings of 2005 International Conference on Next Generation Web Services Practices, Seoul, Korea, 2005, pp. 437–440.
12.
Lin, C. L., Sun, H. M., and Hwang, T., Attacks and solutions on strong-password authentication. IEICE Trans. Commun. E84-B(9):2622–2627, 2001.
13.
Misbahuddin, M., and Bindu, C. S., Cryptanalysis of Liao-Lee-Hwang’s dynamic ID scheme. Int. J. Netw. Secur. 2(6):211–213, 2008.
14.
Rivest, R., Shamir, A., and Adleman, L., A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2):120–126, 1978.MathSciNetMATHCrossRef
15.
Shimizu, A., A dynamic password authentication method by one way function. Syst. Comput. Jpn. 22(7):32–40, 1991.CrossRef
16.
Shimizu, A., Horioka, T., and Inagaki, H., A password authentication method for contents communication on the Internet. IEICE Trans. Commun. E81-B(8):1666–1673, 1998.
17.
Su, R., and Cao, Z. F., An efficient anonymous authentication mechanism for delay tolerant networks. Comput. Electr. Eng. 3(36):435–441, 2010.CrossRef
18.
Tang, H. B. and Liu, X. S., “Cryptanalysis of a dynamic ID-based remote user authentication with key agreement scheme,” Int. J. Commun. Syst., to appear, 2012.
19.
Tsai, J. L., Wu, T. C., and Tsai, K. Y., New dynamic ID authentication scheme using smart cards. Int. J. Commun. Syst. 23(12):1449–1462, 2010.CrossRef
20.
Wang, R. C., Juang, W. S., and Lei, C. L., Robust authentication and key agreement scheme preserving the privacy of secret key. Comput. Commun. 34(3):274–280, 2011.CrossRef
21.
Wang, Y. Y., Liu, J. Y., Xiao, F. X., and Dan, J., A more efficient and secure dynamic ID-based remote user authentication scheme. Comput. Commun. 32(4):583–585, 2009.CrossRef
22.
Wei, J., Hu, X., and Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3597–3604, 2012.CrossRef
23.
Wen, F., and Li, X., An improved dynamic ID-based remote user authentication with key agreement scheme. Comput. Electr. Eng. 38(2):381–387, 2011.CrossRef
24.
Wu, Z. Y., Lee, Y. C., Lai, F., Lee, H. C., and Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1529–1535, 2012.CrossRef
25.
Wu, S., Zhu, T., and Pu, Q., Robust smart-cards-based user authentication scheme with user anonymity. Secur. Commun. Netw. 5(2):236–248, 2011.CrossRef
26.
Yoon, E. J., and Yoo, K. Y., “Improving the dynamic ID-based remote mutual authentication scheme”, Proceedings of 2006 OTM Workshops, Lecture Notes in Computer Science, vol. 4277. Springer, Berlin, pp. 499–507, 2006.
27.
Yoon, E. J., Yoo, K. Y., and Ha, K. S., A user friendly authentication scheme with anonymity for wireless communications. Comput. Electr. Eng. 3(37):356–364, 2011.CrossRef
28.
Zhu, Z., An efficient authentication scheme for telcare medical information system. J. Med. Syst. 36(6):3833–3838, 2012.CrossRef
Metadata
Title
On the Security of A Dynamic ID-based Authentication Scheme for Telecare Medical Information Systems
Author
Han-Yu Lin
Publication date
01-04-2013
Publisher
Springer US
Published in
Journal of Medical Systems / Issue 2/2013
Print ISSN: 0148-5598
Electronic ISSN: 1573-689X
DOI
https://doi.org/10.1007/s10916-013-9929-4

Other articles of this Issue 2/2013

Journal of Medical Systems 2/2013 Go to the issue

Original Paper

A Robust and Novel Dynamic-ID-based Authentication Scheme for Care Team Collaboration with Smart Cards

Original Paper

VIKOR Method with Enhanced Accuracy for Multiple Criteria Decision Making in Healthcare Management

Original Paper

An Effective and Secure Key-Management Scheme for Hierarchical Access Control in E-Medicine System

Original Paper

A Reliable RFID Mutual Authentication Scheme for Healthcare Environments

Original Paper

Design and Application of an Information System for the Emergency Observation Room in a Chinese Hospital

Original Paper

Robust Anonymous Authentication Scheme for Telecare Medical Information Systems