Skip to main content
Key Specialties
Cardiology Diabetology Endocrinology Gastroenterology Geriatrics and Gerontology Gynecology and Obstetrics Hematology Infectious Disease Internal Medicine Nephrology Neurology Oncology Pediatrics Respiratory Medicine Rheumatology Surgery
Congress Coverage
2024 ACC Congress 2023 ESMO Congress 2023 EASD Congress 2023 ERS Congress 2023 ESC Congress
Clinical Collections
Advances in Alzheimer’s

Keynote webinar | Spotlight on medication adherence

LIVE: Thursday 27th June 2024, 18:00-19:30 (CEST)
Join our expert panel to discover why you need to understand the drivers of non-adherence in your patients, and how you can optimize medication adherence in your clinics to drastically improve patient outcomes.
ADVANCED SEARCH
Log in
Top
Journal of Medical Systems
Published in: Journal of Medical Systems 4/2013

01-08-2013 | Original Paper

Cryptanalysis and Improvement of ‘A Privacy Enhanced Scheme for Telecare Medical Information Systems’

Authors: Saru Kumari, Muhammad Khurram Khan, Rahul Kumar

Published in: Journal of Medical Systems | Issue 4/2013

Login to get access

Abstract

To ensure reliable telecare services some user authentication schemes for telecare medical information system (TMIS) have been presented in literature. These schemes are proposed with intent to regulate only authorized access to medical services so that medical information can be protected from misuse. Very recently Jiang et al. proposed a user authentication scheme for TMIS which they claimed to provide enhanced privacy. They made use of symmetric encryption/decryption with cipher block chaining mode (CBC) to achieve the claimed user privacy. Their scheme provides features like user anonymity and user un-traceability unlike its preceding schemes on which it is built. Unluckily, authors overlook some important aspects in designing their scheme due to which it falls short to resist user impersonation attack, guessing attacks and denial of service attack. Besides, its password change phase is not secure; air message confidentiality is at risk and also has some other drawbacks. Therefore, we propose an improved scheme free from problems observed in Jiang et al.’s scheme and more suitable for TMIS.
Literature
1.
2.
Lee, W. B., and Lee, C. D., A cryptographic key management solution for HIPAA privacy/security regulations. IEEE Trans. Inf. Technol. Biomed. 12(1):34–41, 2008.CrossRef
3.
Gritzalis, S., Lambrinoudakis, C., Lekkas, D., and Deftereos, S., Technical guidelines for enhancing privacy and data protection in modern electronic medical environments. IEEE Trans. Inf. Technol. Biomed. 9(3):413–423, 2005.CrossRef
4.
Lambrinoudakis, C., and Gritzalis, S., Managing medical and insurance information through a smart-card-based information system. J. Med. Syst. 24(4):213–234, 2000.CrossRef
5.
6.
Das, M. L., Saxena, A., and Gulati, V. P., A dynamic ID-based remote user authentication scheme. IEEE Trans. Consum. Electron. 50(2):629–631, 2004.CrossRef
7.
Khan, M. K., Kim, S. K., and Alghathbar, K., Cryptanalysis and security enhancement of a more efficient & secure dynamic ID-based remote user authentication scheme. Comput. Commun. 34(3):305–309, 2010.CrossRef
8.
Kumari, S., Gupta, M. K., and Kumar, M., Cryptanalysis and security enhancement of Chen et al’.s remote user authentication scheme using smart card. Cent. Eur. J. Comput. Sci. 2(1):60–75, 2012.CrossRef
9.
Kumar, M., Gupta, M. K., and Kumari, S., An Improved efficient remote password authentication scheme with smart card over insecure networks. Int. J. Netw Secur. 13(3):167–177, 2011.
10.
Khan, M. K., Kumari, S., and Gupta, M. K., More efficient key-hash based fingerprint remote authentication scheme using mobile device. Computing, 2013. doi:10.​1007/​s00607-013-0308-2.
11.
12.
13.
14.
15.
16.
Chen, H. M., Lo, J. W., and Yeh, C. K., An efficient and secure dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst. 36(6):3907–3915, 2012. doi:10.​1007/​s10916-012-9862-y.CrossRef
17.
18.
Wang, X. M., Zhang, W. F., Zhang, J. S., and Khan, M. K., Cryptanalysis and improvement on two efficient remote user authentication scheme using cards. Comput. Stand. Interfaces 29(5):507–512, 2007.CrossRef
19.
Dworkin, M., Recommendation for Block Cipher Modes of Operation: Methods and Techniques. NIST Special Publication 800-38A, 2001.
20.
Mao, W., Modern Cryptography: Theory and Practice. Prentice Hall Professional Technical Reference, 2003.
21.
Kocher, P., Jaffe, J., Jun, B., Differential power analysis. Proceedings of Advances in Cryptology. Santa Barbara, CA, U.S.A., 388–397, 1999.
22.
Messerges, T. S., Dabbish, E. A., and Sloan, R. H., Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002.MathSciNetCrossRef
23.
Sood, S. K., Sarjee, A. K., Singh, K., An improvement of Liao et al.’s authentication scheme using smart card. IEEE 2nd International Advance Computing Conference (IACC2010), Patiala, India, pp. 240–245, 2010.
Metadata
Title
Cryptanalysis and Improvement of ‘A Privacy Enhanced Scheme for Telecare Medical Information Systems’
Authors
Saru Kumari
Muhammad Khurram Khan
Rahul Kumar
Publication date
01-08-2013
Publisher
Springer US
Published in
Journal of Medical Systems / Issue 4/2013
Print ISSN: 0148-5598
Electronic ISSN: 1573-689X
DOI
https://doi.org/10.1007/s10916-013-9952-5

Other articles of this Issue 4/2013

Journal of Medical Systems 4/2013 Go to the issue

Original Paper

Security analysis and Improvement of a Privacy Authentication Scheme for Telecare Medical Information Systems

Original Paper

A Novel System Architecture for the National Integration of Electronic Health Records: A Semi-Centralized Approach

Original Paper

Benefits and Challenges of Electronic Health Record System on Stakeholders: A Qualitative Study of Outpatient Physicians

Original Paper

Tablet Computer Use by Medical Students in the United States

Original Paper

Synthetic Hardware Performance Analysis in Virtualized Cloud Environment for Healthcare Organization

Original Paper

An Authentication Scheme for Secure Access to Healthcare Services