Skip to main content
Key Specialties
Cardiology Diabetology Endocrinology Gastroenterology Geriatrics and Gerontology Gynecology and Obstetrics Hematology Infectious Disease Internal Medicine Nephrology Neurology Oncology Pediatrics Respiratory Medicine Rheumatology Surgery
Congress Coverage
2024 ACC Congress 2023 ESMO Congress 2023 EASD Congress 2023 ERS Congress 2023 ESC Congress 2023 EHA Congress 2023 ASCO Annual Meeting
Clinical Collections
Advances in Alzheimer’s

Keynote webinar | Spotlight on sleep in brain health

LIVE: Thursday 2nd May 2024, 18:00-19:30 (CEST)

Quality sleep is essential for health. But what happens to our brains when sleep patterns are disturbed? Join our experts to explore the interplay between sleep disruption and neurological diseases, and the questions that you need to be asking your patients to help you prevent the harmful effects of sleep deprivation.
ADVANCED SEARCH
Log in
Top
Journal of Medical Systems
Published in: Journal of Medical Systems 3/2014

01-03-2014 | Research Article

A User Anonymity Preserving Three-Factor Authentication Scheme for Telecare Medicine Information Systems

Author: Zuowen Tan

Published in: Journal of Medical Systems | Issue 3/2014

Login to get access

Abstract

The telecare medicine information system enables the patients gain health monitoring at home and access medical services over internet or mobile networks. In recent years, the schemes based on cryptography have been proposed to address the security and privacy issues in the telecare medicine information systems. However, many schemes are insecure or they have low efficiency. Recently, Awasthi and Srivastava proposed a three-factor authentication scheme for telecare medicine information systems. In this paper, we show that their scheme is vulnerable to the reflection attacks. Furthermore, it fails to provide three-factor security and the user anonymity. We propose a new three-factor authentication scheme for the telecare medicine information systems. Detailed analysis demonstrates that the proposed scheme provides mutual authentication, server not knowing password and freedom of password, biometric update and three-factor security. Moreover, the new scheme provides the user anonymity. As compared with the previous three-factor authentication schemes, the proposed scheme is more secure and practical.
Literature
1.
He, D. B., An efficient remote user authentication and key exchange protocol for mobile client–server environment from pairings. Ad Hoc Netw. 10(6):1009–1016, 2012.CrossRef
2.
Chen, T. H., and Lee, W. B., A new method for using hash function to solve remote user authentication. Comput. Electr. Eng. 34(1):53–62, 2008.CrossRefMATHMathSciNet
3.
Sandirigama, M., Shimizu, A., and Noda, M. T., Simple and secure password authentication protocol. IEICE Trans. Commun. B(6)(E83):1363–1365, 2000.
4.
He, D. B., Chen, Y. T., and Chen, J. H., Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol. Nonlinear Dyn. 69(3):1149–1157, 2012.CrossRefMATHMathSciNet
5.
He, D. B., Chen, J. H., and Hu, J., An ID-based client authentication with key agreement protocol for mobile client–server environment on ECC with provable security. Inf. Fusion 13(3):223–230, 2012.CrossRef
6.
Lamport, L., Password authentication with insecure communication. Commun. ACM 24:28–30, 1981.CrossRef
7.
Hwang, M. S., and Li, L. H., A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 46(1):28–30, 2000.CrossRef
8.
Li, L., Lin, I., and Hwang, M., A remote password authentication scheme for multi-server architecture using neural networks. IEEE Trans. Neural. Netw 12(6):1498–1504, 2001.CrossRef
9.
Das, M. L., Saxena, A., and Gulati, V. P., A dynamic id-based remote user authentication scheme. IEEE Trans. Consum. Electron 50(2):629–631, 2004.CrossRef
10.
Yoon, E. J., Ryu, E. K., and Yoo, K. Y., Further improvement of an efficient password based remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron 50(2):612–614, 2004.CrossRef
11.
Fan, C. I., and Lin, Y. H., Provably secure remote truly three-factor authentication scheme with privacy protection on biometric. IEEE T. Inf. Forensic Secur. 4(4):933–945, 2009.CrossRef
12.
Bhargav-Spantzel, A., Squicciarini, A. C., Bertino, E., Modi, S., Young, M., and Elliott, S. J., Privacy preserving multi-factor authentication with biometric. J. Comput. Secur 15(5):529–560, 2007.
13.
Pointcheval, D., and Zimmer, S., Multi-factor authenticated key exchange. ACNS 2008 LNCS. 5037:277–295, 2008.
14.
Li, C. T., and Hwang, M.-S., An efficient biometric-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33(1):1–5, 2010.CrossRef
15.
He, D. B., Kumar, N., and Lee, J.-H., Enhanced three-factor security protocol for USB Consumer Storage Devices. IEEE Trans. Consum. Electron. 59(4):8111–817, 2013.CrossRef
16.
Lee, J. K., Ryu, S. R., and Yoo, K. Y., Fingerprint-based remote user authentication scheme using smart cards. Electron. Lett. 38(12):554–555, 2002.CrossRef
17.
Lin, C. H., and Lai, Y. Y., A flexible biometric remote user authentication scheme. Comput. Stand. Interfaces 27(1):19–23, 2004.CrossRef
18.
Khan, M. K., and Zhang, J., Improving the security of ‘a flexible biometric remote user authentication scheme. Comput. Stand. Interfaces 29(1):82–85, 2007.CrossRef
19.
Das, A. K., Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards. IET Inf. Secur. 5(3):145–151, 2011.CrossRef
20.
Lee, C.-C., and Hsu, C.-W., A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps. Nonlinear Dyn 71:201–211, 2013.CrossRefMathSciNet
21.
Wu, Z. Y., Lee, Y. C., Lai, F., Lee, H. C., and Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 2010. doi:10.​1007/​s10916-010-9614-9.
22.
23.
24.
25.
26.
Khan, M. K., Kim, S.-K., and Alghathbar, K., Cryptanalysis and security enhancement of a more efficient & secure dynamic id-based remote user authentication scheme. Comput. Commun. 34(3):305–309, 2010.CrossRef
27.
Chen, H.-M., Lo, J.-W., and Yeh, C.-K., An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems. J. Med. Syst. 2012. doi:10.​1007/​s10916-012-9862-y.
28.
Tan, Z. W., An efficient biometric-based authentication scheme for telecare medicine information systems. Przegl. Elektrotech. 89(5):200–204, 2013.
29.
30.
31.
Yang, G. M., Duncan, S. W., Wang, H. X., and Deng, X. T., Two-factor mutual authentication based on smart cards and passwords. J. Comput. Syst. Sci. 74(7):1160–1172, 2008.CrossRefMATH
32.
Messerges, T. S., Dabbish, E. A., and Sloan, R. H., Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002.CrossRefMathSciNet
33.
Kocher, P., Jaffe, J., Jun, B., Differential power analysis. In: Advances in Cryptology-CRYPTO'99, Santa Barbara, California, USA, August 15–19, 1999. Lecture Notes in Computer Science, Vol. 1666, Springer, ISBN 3-540-66347-9, pages. 388–397, 1999.
Metadata
Title
A User Anonymity Preserving Three-Factor Authentication Scheme for Telecare Medicine Information Systems
Author
Zuowen Tan
Publication date
01-03-2014
Publisher
Springer US
Published in
Journal of Medical Systems / Issue 3/2014
Print ISSN: 0148-5598
Electronic ISSN: 1573-689X
DOI
https://doi.org/10.1007/s10916-014-0016-2

Other articles of this Issue 3/2014

Journal of Medical Systems 3/2014 Go to the issue

Research Article

Quantitative Analysis for Breast Density Estimation in Low Dose Chest CT Scans

Research Article

Impact of Technological Innovation on a Nursing Home Performance and on the Medication-use Process Safety

Research Article

Radio Frequency Identification (RFID) in Health Care: Privacy and Security Concerns Limiting Adoption

Research Article

A Comparative Study on Classification of Sleep Stage Based on EEG Signals Using Feature Selection and Classification Algorithms