Published in: Journal of Medical Systems 9/2014

01-09-2014 | Systems-Level Quality Improvement

A Secure Chaotic Maps and Smart Cards Based Password Authentication and Key Agreement Scheme with User Anonymity for Telecare Medicine Information Systems

Authors: Chun-Ta Li, Cheng-Chi Lee, Chi-Yao Weng


Abstract

Telecare medicine information systems (TMIS) are widely used to provide a convenient and efficient communication platform between patients at home and physicians at medical centers or home health care (HHC) organizations. To ensure patient privacy, in 2013, Hao et al. proposed a chaotic map based authentication scheme with user anonymity for TMIS. Later, Lee showed that Hao et al.’s scheme makes no provision for fairness in session key establishment and gave an efficient user authentication and key agreement scheme using smart cards, in which only a few hashing and Chebyshev chaotic map operations are required. In addition, Jiang et al. showed that Hao et al.’s scheme cannot resist a stolen smart card attack, and they further presented an improved scheme which attempts to repair the security pitfalls found in Hao et al.’s scheme. In this paper, we found that both Lee’s and Jiang et al.’s authentication schemes have a serious security problem: a registered user’s secret parameters may be intentionally exposed to many non-registered users, which causes a service misuse attack. Therefore, we propose a slight modification of Lee’s scheme to prevent these shortcomings. Compared with previous schemes, our improved scheme not only inherits the advantages of Lee’s and Jiang et al.’s authentication schemes for TMIS but also remedies the serious security weakness of not being able to withstand a service misuse attack.
Literature
1. Awasthi, A.K., and Srivastava, K., A Biometric Authentication Scheme for Telecare Medicine Information Systems with Nonce. J. Med. Syst. 37(5):9964, 2013.
2. Chang, C.C., and Lee, C.Y., A Smart Card-Based Authentication Scheme Using User Identify Cryptography. Int. J. Netw. Secur. 15(2):139–147, 2013.
3. Chang, T.Y., Hwang, M.S., Yang, W.P., A Communication-Efficient Three-Party Password Authenticated Key Exchange Protocol. Inf. Sci. 181(1):217–226, 2011.
4. Chen, T.Y., Lee, C.C., Hwang, M.S., Jan, J.K., Towards Secure and Efficient User Authentication Scheme Using Smart Card for Multi-Server Environments. J. Supercomput. 66(2):1008–1032, 2013.
5. Das, A.K., Improving Identity-Based Random Key Establishment Scheme for Large-Scale Hierarchical Wireless Sensor Networks. Int. J. Netw. Secur. 14(1):1–21, 2012.
6. Das, A.K., and Bruhadeshwar, B., An Improved and Effective Secure Password-Based Authentication and Key Agreement Scheme Using Smart Cards for the Telecare Medicine Information System. J. Med. Syst. 37(5):9969, 2013.
7. Guo, C., and Chang, C.C., Chaotic Maps-Based Password-Authenticated Key Agreement Using Smart Cards. Commun. Nonlinear Sci. Numer. Simul. 18(6):1433–1440, 2013.
8. Hao, X., Wang, J., Yang, Q., Yan, X., Li, P., A Chaotic Map-Based Authentication Scheme for Telecare Medicine Information Systems. J. Med. Syst. 37(2):9919, 2013.
9. He, D., Chen, J., Zhang, R., A More Secure Authentication Scheme for Telecare Medicine Information Systems. J. Med. Syst. 36(3):1989–1995, 2012.
10. He, D., Zhao, W., Wu, S., Security Analysis of a Dynamic ID-Based Authentication Scheme for Multi-Server Environment Using Smart Cards. Int. J. Netw. Secur. 15(5):350–356, 2013.
11. Hwang, M.S., Lee, C.C., Tzeng, S.F., A New Proxy Signature Scheme for a Specified Group of Verifiers. Inf. Sci. 227(1):102–115, 2013.
12. Jiang, Q., Ma, J., Lu, X., Tian, Y., Robust Chaotic Map-Based Authentication and Key Agreement Scheme with Strong Anonymity for Telecare Medicine Information Systems. J. Med. Syst. 38(2):12, 2014.
13. Kar, J., ID-Based Deniable Authentication Protocol Based on Diffie-Hellman Problem on Elliptic Curve. Int. J. Netw. Secur. 15(5):357–364, 2013.
14. Lee, T.F., An Efficient Chaotic Map-Based Authentication and Key Agreement Scheme Using Smartcards for Telecare Medicine Information Systems. J. Med. Syst. 37(6):9985, 2013.
15. Lee, C.C., Li, C.T., Hsu, C.W., A Three-Party Password-Based Authenticated Key Exchange Protocol with User Anonymity Using Extended Chaotic Maps. Nonlinear Dyn. 73(1-2):125–132, 2013.
16. Lee, C.C., Chen, C.T., Li, C.T., Wu, P.H., A Practical RFID Authentication Mechanism for Digital Television, Telecommunication Systems: Article in press, 2013.
17. Lee, C.C., Lou, D.C., Li, C.T., Hsu, C.W., An Extended Chaotic-Maps-Based Protocol with Key Agreement for Multiserver Environments. Nonlinear Dyn. 76(1):853–866, 2014.
18. Li, C.T., and Hwang, M.S., An Efficient Biometrics-Based Remote User Authentication Scheme Using Smart Cards. J. Netw. Comput. Appl. 33(1):1–5, 2010.
19. Li, C.T., and Hwang, M.S., A Lightweight Anonymous Routing Protocol Without Public Key En/Decryptions for Wireless ad Hoc Networks. Inf. Sci. 181(23):5333–5347, 2011.
20. Li, C.T., Secure Smart Card Based Password Authentication Scheme with User Anonymity. Inf. Technol. Control. 40(2):157–162, 2011.
21. Li, C.T., and Lee, C.C., A Robust Remote User Authentication Scheme Using Smart Card. Inf. Technol. Control. 40(3):236–245, 2011.
22. Li, C.T., and Lee, C.C., A Novel User Authentication and Privacy Preserving Scheme with Smart Cards for Wireless Communications. Math. Comput. Model. 55(1-2):35–44, 2012.
23. Li, C.T., A New Password Authentication and User Anonymity Scheme Based on Elliptic Curve Cryptography and Smart Card. IET Inf. Secur. 7(1):3–10, 2013.
24. Li, C.T., Lee, C.C., Weng, C.Y., Fan, C.I., An Extended Multi-Server-Based User Authentication and Key Agreement Scheme with User Anonymity. KSII Trans. Int. Inf. Syst. 7(1):119–131, 2013.
25. Li, C.T., Weng, C.Y., Lee, C.C., An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks. Sensors 13(8):9589–9603, 2013.
26. Li, C.T., Lee, C.C., Weng, C.Y., An Extended Chaotic Maps Based User Authentication and Privacy Preserving Scheme Against DoS Attacks in Pervasive and Ubiquitous Computing Environments. Nonlinear Dyn. 74(4):1133–1143, 2013.
27. Li, C.T., and Lee, C.C., More Secure Authenticated Group Key Agreement in a Mobile Environment. Inf. Int. Interdiscip. J. 16(9(B)):6817–6830, 2013.
28. Li, C.T., and Lee, C.C., A Novel User Authentication and Key Agreement Scheme with Smart Cards Over Insecure Networks. Inf. Int. Interdiscip. J. 17(4):1271–1284, 2014.
29. Liao, I.E., Lee, C.C., Hwang, M.S., A Password Authentication Scheme Over Insecure Networks. J. Comput. Syst. Sci. 72(4):727–740, 2006.
30. Ramasamy, R., and Muniyandi, A.P., An Efficient Password Authentication Scheme for Smart Card. Int. J. Netw. Secur. 14(3):180–186, 2012.
31. National Institute of Standards and Technology, US Department of Commerce, Secure Hash Standard, pp. 180–182: US Federal Information Processing Standard Publication, 2002.
32. Wu, Z.Y., Lee, Y.C., Lai, F., Lee, H.C., Chung, Y., A Secure Authentication Scheme for Telecare Medicine Information Systems. J. Med. Syst. 36(3):1529–1535, 2012.
33. Xu, X., Zhu, P., Wen, Q., Jin, Z., Zhang, H., He, L., A Secure and Efficient Authentication and Key Agreement Scheme Based on ECC for Telecare Medicine Information Systems. J. Med. Syst. 38(1):9994, 2013.
34. Yang, L., Ma, J.F., Jiang, Q., Mutual Authentication Scheme with Smart Cards and Password Under Trusted Computing. Int. J. Netw. Secur. 14(3):156–163, 2012.
Metadata
Title: A Secure Chaotic Maps and Smart Cards Based Password Authentication and Key Agreement Scheme with User Anonymity for Telecare Medicine Information Systems
Authors: Chun-Ta Li, Cheng-Chi Lee, Chi-Yao Weng
Publication date: 01-09-2014
Publisher: Springer US
Published in: Journal of Medical Systems / Issue 9/2014
Print ISSN: 0148-5598
Electronic ISSN: 1573-689X
DOI: https://doi.org/10.1007/s10916-014-0077-2
