Skip to main content
Key Specialties
Cardiology Diabetology Endocrinology Gastroenterology Geriatrics and Gerontology Gynecology and Obstetrics Hematology Infectious Disease Internal Medicine Nephrology Neurology Oncology Pediatrics Respiratory Medicine Rheumatology Surgery
Congress Coverage
2024 ACC Congress 2023 ESMO Congress 2023 EASD Congress 2023 ERS Congress 2023 ESC Congress
Clinical Collections
Advances in Alzheimer’s

Keynote webinar | Spotlight on medication adherence

LIVE: Thursday 27th June 2024, 18:00-19:30 (CEST)
Join our expert panel to discover why you need to understand the drivers of non-adherence in your patients, and how you can optimize medication adherence in your clinics to drastically improve patient outcomes.
ADVANCED SEARCH
Log in
Top
Journal of Medical Systems
Published in: Journal of Medical Systems 2/2013

01-04-2013 | Original Paper

Simple Group Password-based Authenticated Key Agreements for the Integrated EPR Information System

Authors: Tian-Fu Lee, I-Pin Chang, Ching-Cheng Wang

Published in: Journal of Medical Systems | Issue 2/2013

Login to get access

Abstract

The security and privacy are important issues for electronic patient records (EPRs). The goal of EPRs is sharing the patients’ medical histories such as the diagnosis records, reports and diagnosis image files among hospitals by the Internet. So the security issue for the integrated EPR information system is essential. That is, to ensure the information during transmission through by the Internet is secure and private. The group password-based authenticated key agreement (GPAKE) allows a group of users like doctors, nurses and patients to establish a common session key by using password authentication. Then the group of users can securely communicate by using this session key. Many approaches about GAPKE employ the public key infrastructure (PKI) in order to have higher security. However, it not only increases users’ overheads and requires keeping an extra equipment for storing long-term secret keys, but also requires maintaining the public key system. This investigation presents a simple group password-based authenticated key agreement (SGPAKE) protocol for the integrated EPR information system. The proposed SGPAKE protocol does not require using the server or users’ public keys. Each user only remembers his weak password shared with a trusted server, and then can obtain a common session key. Then all users can securely communicate by using this session key. The proposed SGPAKE protocol not only provides users with convince, but also has higher security.
Literature
1.
2.
Wu, Z., Chung, Y., Lai, F., and Chen, T., A password-based user authentication scheme for the integrated EPR information system. J. Med. Syst. 36(2):631–638, 2012.CrossRef
3.
Lee, W. B., and Lee, C. D., A cryptographic key management solution for HIPAA privacy/security regulations. IEEE Trans. Inf. Technol. Biomed. 12(1):34–41, 2008.CrossRef
4.
Van Der Haak, M., Wolff, A. C., Brandner, R., Drings, P., Wannenmacher, M., and Wetter, T., Data security and protection in cross-institutional electronic patient records. Int. J. Med. Inform. 70(2–3):14, 2003.
5.
Tsai, F. S., Security issues in e-healthcare. J. Med. Biol. Eng. 30(4):209–214, 2010.CrossRef
6.
7.
Wu, Z. Y., Lee, Y. C., Lai, F., Lee, H. C., and Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst., 2010. doi:10.​1007/​s10916-010-9614-9.
8.
Tzeng, W.-G., Tzeng, Z.-J., Round-efficient conference key agreement protocols with provable security. Proc. of Advances in Cryptology –ASIACRYPT 2000. LNCS 1976, 614–627, 2000.
9.
Tzeng, W.-G., A secure fault-tolerant conference-key agreement protocol. IEEE Trans. Comput. 51(4):373–379, 2002.MathSciNetCrossRef
10.
Boyd, C., Nieto, J. M. G., Round-optimal contributory conference key agreement. Public Key Cryptography - PKC 2003. LNCS 2567, 161–174, 2003.
11.
Lee, T.-F., Hwang, T., Improvement of the round-optimal conference key agreement protocol of Boyd and Nieto. 16th Information Security Conference. 98–102, 2006.
12.
Lee, T.-F., Wen, H.-A., Hwang, T., A weil pairing-based round-efficient and fault-tolerant group key agreement protocol for sensor networks. IEEE Press - Sensor Network Operations. 571–579, 2006.
13.
Jeong, I., and Lee, D., Key agreement for key hypergraph. Comput. Secur. 26:452–458, 2007.CrossRef
14.
Lee, T.-F., Wen, H.-A., Jin, Y.-C., Chen, C.-S., Password-based group key agreement with server’s public key for Hypergraphs. 2008 Symposium on Applications of Information, Management and Communication Technology, 2008.
15.
Lee, S.M., Hwang, J.-Y., Lee, D.-H., Efficient password-based group key exchange. TrustBus 2004: Trust and Privacy in Digital Business, 1st International Conference. LNCS 3184, 191–199, 2004.
16.
Abdalla, M., Bresson, E. l., Chevassut, O., Pointcheval, D., Password-based group key exchange in a constant number of rounds. Public Key Cryptography - PKC 2006. LNCS 3958, 427–442, 2006.
17.
Dutta, R., and Barua, R., Password-based encrypted group key agreement. Int. J. Netw. Secur. 3(1):30–41, 2006.
18.
Abdalla, M., Pointcheval, D., Simple password-based authenticated key protocols. Topics in Cryptology - CT-RSA 2005. LNCS 3376, 191–208, 2005.
19.
20.
Kim, H.-J., Lee, S.-M., Lee, D.-H., Constant-round authenticated group key exchange for dynamic groups. Advances in Cryptology – ASIACRYPT 2004. LNCS 3329, 245–259, 2004.
21.
Bresson, E., Chevassut, O., Pointcheval, D., Provably authenticated group Diffie-Hellman key exchange – the dynamic case. Advances in Cryptology– ASIACRYPT 2001. LNCS 2248, 290–309, 2001.
22.
Bresson, E., Chevassut, O., Pointcheval, D., Group Diffie-Hellman key exchange secure against dictionary attacks. Advances in Cryptology– ASIACRYPT 2002. LNCS 2501, 497–514, 2002.
23.
Bresson, E., Chevassut, O., Pointcheval, D., Dynamic group Diffie-Hellman key exchange under standard assumptions. Advances in Cryptology – EUROCRYPT 2002. LNCS 2332, 321–336, 2002.
Metadata
Title
Simple Group Password-based Authenticated Key Agreements for the Integrated EPR Information System
Authors
Tian-Fu Lee
I-Pin Chang
Ching-Cheng Wang
Publication date
01-04-2013
Publisher
Springer US
Published in
Journal of Medical Systems / Issue 2/2013
Print ISSN: 0148-5598
Electronic ISSN: 1573-689X
DOI
https://doi.org/10.1007/s10916-012-9916-1

Other articles of this Issue 2/2013

Journal of Medical Systems 2/2013 Go to the issue

Original Paper

Intelligent Medical Disease Diagnosis Using Improved Hybrid Genetic Algorithm - Multilayer Perceptron Network

Original Paper

An Effective and Secure Key-Management Scheme for Hierarchical Access Control in E-Medicine System

Original Paper

Evaluating Acceptance and User Experience of a Guideline-based Clinical Decision Support System Execution Platform

Original Paper

A Uniqueness-and-Anonymity-Preserving Remote User Authentication Scheme for Connected Health Care

Original Paper

Barriers to the Widespread Adoption of Health Data Standards: An Exploratory Qualitative Study in Tertiary Healthcare Organizations in Saudi Arabia

Original Paper

An Automated Diagnosis System of Liver Disease using Artificial Immune and Genetic Algorithms