Skip to main content
Key Specialties
Cardiology Diabetology Endocrinology Gastroenterology Geriatrics and Gerontology Gynecology and Obstetrics Hematology Infectious Disease Internal Medicine Nephrology Neurology Oncology Pediatrics Respiratory Medicine Rheumatology Surgery
Congress Coverage
2024 ACC Congress 2023 ESMO Congress 2023 EASD Congress 2023 ERS Congress 2023 ESC Congress
Clinical Collections
Advances in Alzheimer’s

At a glance: The STEP trials

A round-up of the STEP phase 3 clinical trials evaluating semaglutide for weight loss in people with overweight or obesity.
ADVANCED SEARCH
Log in
Top
Journal of Medical Systems
Published in: Journal of Medical Systems 4/2013

01-08-2013 | Original Paper

Security analysis and Improvement of a Privacy Authentication Scheme for Telecare Medical Information Systems

Authors: Fan Wu, Lili Xu

Published in: Journal of Medical Systems | Issue 4/2013

Login to get access

Abstract

Nowadays, patients can gain many kinds of medical service on line via Telecare Medical Information Systems(TMIS) due to the fast development of computer technology. So security of communication through network between the users and the server is very significant. Authentication plays an important part to protect information from being attacked by malicious attackers. Recently, Jiang et al. proposed a privacy enhanced scheme for TMIS using smart cards and claimed their scheme was better than Chen et al.’s. However, we have showed that Jiang et al.’s scheme has the weakness of ID uselessness and is vulnerable to off-line password guessing attack and user impersonation attack if an attacker compromises the legal user’s smart card. Also, it can’t resist DoS attack in two cases: after a successful impersonation attack and wrong password input in Password change phase. Then we propose an improved mutual authentication scheme used for a telecare medical information system. Remote monitoring, checking patients’ past medical history record and medical consultant can be applied in the system where information transmits via Internet. Finally, our analysis indicates that the suggested scheme overcomes the disadvantages of Jiang et al.’s scheme and is practical for TMIS.
Literature
1.
Cao, T., and Zhai, J., Improved dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst., 2013. doi:1007/​s10916-012-9912-5.
2.
Chen, H.M., Lo, J.W., Yeh, C.K., An efficient and secure dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst. 36(6):3907–3915, 2012.CrossRef
3.
Das, M.L., Two-factor user authentication in wireless sensor networks. IEEE Trans. Wirel. Commun. 8(3):1086–1090, 2009.CrossRef
4.
Das, M.L., Saxena, A., Gulati, V.P., A dynamic id-based remote user authentication scheme. IEEE Trans. Consum. Electron. 50(2):629–631, 2004.CrossRef
5.
He, D., Chen, J., Zhang, R., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989–1995, 2012.CrossRef
6.
Hsieh, W.B., and Leu, J.S., Anonymous authentication protocol based on elliptic curve diffie–hellman for wireless access networks. Wirel. Commun. Mob. Comput., 2012. doi:10.​1002/​wcm.​2252.
7.
8.
Khan, M. K., Kim, S. K., Alghathbar, K., Cryptanalysis and security enhancement of a more efficient & secure dynamic id-based remote user authentication scheme. Comput. Commun. 34(3):305–309, 2011.CrossRef
9.
Kocher, P., Jaffe, J., Jun, B., Differential power analysis. In: Advances in Cryptology(CRYPTO99). pp. 388–397. Springer, 1999.
10.
11.
Messerges, T.S., Dabbish, E.A., Sloan, R.H., Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002.MathSciNetCrossRef
12.
Wang, Y., Liu, J., Xiao, F., Dan, J., A more efficient and secure dynamic id-based remote user authentication scheme. Comput. Commun. 32(4):583–585, 2009.CrossRef
13.
Wei, J., Hu, X., Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3597–3604, 2012.CrossRef
14.
Wen, F., and Li, X., An improved dynamic id-based remote user authentication with key agreement scheme. Comput. Electr. Eng. 38(2):381–387, 2011.CrossRef
15.
Wu, Z.Y., Lee, Y.C., Lai, F., Lee, H.C., Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1529–1535, 2012.CrossRef
16.
17.
Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3833–3838, 2012.CrossRef
Metadata
Title
Security analysis and Improvement of a Privacy Authentication Scheme for Telecare Medical Information Systems
Authors
Fan Wu
Lili Xu
Publication date
01-08-2013
Publisher
Springer US
Published in
Journal of Medical Systems / Issue 4/2013
Print ISSN: 0148-5598
Electronic ISSN: 1573-689X
DOI
https://doi.org/10.1007/s10916-013-9958-z

Other articles of this Issue 4/2013

Journal of Medical Systems 4/2013 Go to the issue

Original Paper

Benefits and Challenges of Electronic Health Record System on Stakeholders: A Qualitative Study of Outpatient Physicians

Original Paper

Synthetic Hardware Performance Analysis in Virtualized Cloud Environment for Healthcare Organization

Original Paper

Cryptanalysis and Improvement of ‘A Privacy Enhanced Scheme for Telecare Medical Information Systems’

Original Paper

EHR Implementation in a New Clinic: A Case Study of Clinician Perceptions

Original Paper

An Approach to Medical Knowledge Sharing in a Hospital Information System Using MCLink

Original Paper

A Novel System Architecture for the National Integration of Electronic Health Records: A Semi-Centralized Approach