Abstract
The security of an authentication and integrity scheme for digital mammography images is a critical issue to ensure patients’ privacy are protected. In [1], Zhou et al claimed that their scheme is effective in a telemammography environment. After careful reviewing, we outline five weaknesses of the proposed scheme that could lead to a possible threat of the application during practical implementations. These flaws mainly lie in the cryptographic primitives used. We also recommend viable countermeasures and propose better cryptographic primitives for the improvements of the scheme.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Zhou X Q, Huang H K, Lou S L (2001) Authenticity and integrity of digital mammography images. IEEE Trans Med Imaging 20(8):784–791DOI 10.1109/42.938246
DICOM standard at http://DICOM.nema.org
The MD5 message-digest algorithm at http://www.faqs.org/rfcs/rfc1321.html
National Institute of Standards and Technology (2000) Digital signature standard. FIPS PUB 186-2
National Institute of Standards and Technology (1993) Announcing the standard for data encryption standard (DES). FIPS PUB 46-2
Lin E, Delp E (1999) A review of fragile image watermarks, Proc Multimedia and Security Workshop (ACM Multimedia’ 99) 25–29
Zhu B B, Swanson M D (2003) Multimedia information retrieval and management: Technological fundamentals and applications, (chapter) Multimedia authentication and watermarking. Springer 148–177
Lenstra A K (2005) Further progress in hashing cryptanalysis
National Institute of Standards and Technology (1995) Secure hash standard. FIPS 180-1
Boneh D, Joux A, Nguyen P Q (2000) Why textbook ElGamal and RSA encryption are insecure, Proc. vol. 6, Intl Conference on the Theory & Application of Cryptology & Information Security, Kyoto, Japan, 2000, pp 30–43
Data encryption standard at http://en.wikipedia.org/wiki/Data_Encryption_Standard
Announcing approval of the withdrawal of FIPS 463 Data Encryption Standard (DES) at http://csrc.nist.gov/publications/fips/05-9945-DESWithdrawl.pdf
Kerckhoffs A (1883) La cryptographie militaire. J. des Sciences Militaires 8: 5–38
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Goh, A.W.T., Razali, E., Phan, R.C.W., Wong, M.L.D. (2008). On the Security of Zhou et al.’s Authentication and Integrity Scheme for Digital Mammography Images. In: Abu Osman, N.A., Ibrahim, F., Wan Abas, W.A.B., Abdul Rahman, H.S., Ting, HN. (eds) 4th Kuala Lumpur International Conference on Biomedical Engineering 2008. IFMBE Proceedings, vol 21. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69139-6_215
Download citation
DOI: https://doi.org/10.1007/978-3-540-69139-6_215
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69138-9
Online ISBN: 978-3-540-69139-6
eBook Packages: EngineeringEngineering (R0)