Abstract
It is not always possible for a patient to go to a doctor in critical or urgent period. Telecare Medical Information Systems (TMIS) provides a facility by which a patient can communicate to a doctor through a medical server via internet from home. To hide the secret information of both parties (a server and a patient), an authentication mechanism is needed in TMIS. In 2013, Khan and Kumari proposed the authentication schemes for TMIS. In this paper, we have shown that Khan and Kumari’s scheme is insecure against off-line password guessing attack. We have also shown that Khan and Kumari’s scheme does not provide any security if the password of a patient is compromised. To improve the security and efficiency, a new authentication scheme for TMIS has been proposed in this paper. Further, the proposed scheme can resist all possible attacks and has better performance than the related schemes published earlier.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Lamport, L., Password authentication with insecure communication. Commun. ACM 24(11):770–772, 1981.
Hwang, M.S., and Li, L.H., A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 46(1):28–30, 2000.
Lee, N.Y., Wu, C.N., Wang, C.C., Authenticated multiple key exchange protocols based on elliptic curves and bilinear pairings. Comput. Electr. Eng. 34(1):12–20, 2008.
Yang, J.H., and Chang, C.C., An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Comput. Secur. 28(3–4):138–143, 2009.
Wang, R.C., Juang, W.S., Lei, C.L., Provably secure and efficient identification and key agreement protocol with user anonymity. J. Comput Syst. Sci. 77(4):790–798, 2011.
He, D., Chen, J., Chen, Y., A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography. Secur. Commun. Netw. 5(12):1423–1429, 2012.
Wu, Z.Y., Lee, Y.C., Lai, F., Lee, H.C., Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1529–1535, 2012.
Shor, P., Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5):1484–1509, 1997.
He, D., Chen, J., Zhang, R., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989–1995, 2012.
Wei, J., Hu, X., Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3597–3604, 2012.
Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6): 3833–3838, 2012.
Rivest, R.L., Shamir, A., Adleman, L., A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2):120–126, 1978.
Khan, M.K., and Kumari, S., Authentication scheme for secure access to healthcare services. J. Med. Syst. 37(4):1–12, 2013.
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology (CRYPTO’99), LNCS, vol. 1666, pp. 388–397 (1999)
Messerges, T.S., Dabbish, E.A., Sloan, R.H., Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002.
Potlapally, N., Ravi, S., Raghunathan, A., Jha, N., A study of the energy consumption characteristics of cryptographic algorithms and security protocols. IEEE Trans. Mobile Comput. 5(2):128–143, 2006.
Author information
Authors and Affiliations
Corresponding author
Additional information
This article is part of the Topical Collection on Transactional Processing Systems
Rights and permissions
About this article
Cite this article
Giri, D., Maitra, T., Amin, R. et al. An Efficient and Robust RSA-Based Remote User Authentication for Telecare Medical Information Systems. J Med Syst 39, 145 (2015). https://doi.org/10.1007/s10916-014-0145-7
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s10916-014-0145-7