Improvement of a uniqueness-and-anonymity-preserving user authentication scheme for connected health care
- PMID: 24994512
- DOI: 10.1007/s10916-014-0091-4
Improvement of a uniqueness-and-anonymity-preserving user authentication scheme for connected health care
Abstract
Patient's privacy-preserving, security and mutual authentication between patient and the medical server are the important mechanism in connected health care applications, such as telecare medical information systems and personally controlled health records systems. In 2013, Wen showed that Das et al.'s scheme is vulnerable to the replay attack, user impersonation attacks and off-line guessing attacks, and then proposed an improved scheme using biometrics, password and smart card to overcome these weaknesses. However, we show that Wen's scheme is still vulnerable to off-line password guessing attacks, does not provide user's anonymity and perfect forward secrecy. Further, we propose an improved scheme to fix these weaknesses, and use the applied pi calculus based formal verification tool ProVerif to prove the security and authentication.
Similar articles
-
Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care.J Med Syst. 2015 Feb;39(2):10. doi: 10.1007/s10916-014-0179-x. Epub 2015 Jan 29. J Med Syst. 2015. PMID: 25631840
-
Robust anonymous authentication scheme for telecare medical information systems.J Med Syst. 2013 Apr;37(2):9911. doi: 10.1007/s10916-012-9911-6. Epub 2013 Jan 16. J Med Syst. 2013. PMID: 23321972
-
A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.J Med Syst. 2013 Jun;37(3):9948. doi: 10.1007/s10916-013-9948-1. Epub 2013 May 10. J Med Syst. 2013. PMID: 23660745
-
A Survey of Authentication Schemes in Telecare Medicine Information Systems.J Med Syst. 2017 Jan;41(1):14. doi: 10.1007/s10916-016-0658-3. Epub 2016 Nov 30. J Med Syst. 2017. PMID: 27900653 Review.
-
A Systematic Review on Password Guessing Tasks.Entropy (Basel). 2023 Sep 7;25(9):1303. doi: 10.3390/e25091303. Entropy (Basel). 2023. PMID: 37761602 Free PMC article. Review.
Cited by
-
Provably secure and lightweight blockchain based cross hospital authentication scheme for IoMT-based healthcare.Sci Rep. 2025 Feb 22;15(1):6461. doi: 10.1038/s41598-025-90219-5. Sci Rep. 2025. PMID: 39987251 Free PMC article.
-
An Efficient and Practical Smart Card Based Anonymity Preserving User Authentication Scheme for TMIS using Elliptic Curve Cryptography.J Med Syst. 2015 Nov;39(11):180. doi: 10.1007/s10916-015-0351-y. Epub 2015 Oct 3. J Med Syst. 2015. PMID: 26433889
-
Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care.J Med Syst. 2015 Feb;39(2):10. doi: 10.1007/s10916-014-0179-x. Epub 2015 Jan 29. J Med Syst. 2015. PMID: 25631840
-
An improved authenticated key agreement protocol for telecare medicine information system.Springerplus. 2016 May 3;5:555. doi: 10.1186/s40064-016-2018-7. eCollection 2016. Springerplus. 2016. PMID: 27218005 Free PMC article.
-
Three-factor anonymous authentication and key agreement scheme for Telecare Medicine Information Systems.J Med Syst. 2014 Dec;38(12):136. doi: 10.1007/s10916-014-0136-8. Epub 2014 Oct 29. J Med Syst. 2014. PMID: 25352490
References
Publication types
MeSH terms
LinkOut - more resources
Full Text Sources
Other Literature Sources
Research Materials
Miscellaneous
