Abstract
Telecare medical information systems (TMIS), with the explosive growth of communication technology and physiological monitoring devices, are applied increasingly to enable and support healthcare delivery services. In order to safeguard patients’ privacy and tackle the illegal access, authentication schemes for TMIS have been investigated and designed by many researchers. Many of them are promising for adoption in practice, nevertheless, they still have security flaws. In this paper, we propose a novel remote authentication scheme for TMIS using self-certified public keys, which is formally secure in the ID-mBJM model. Besides, the proposed scheme has better computational efficiency. Compared to the related schemes, our protocol is more practical for telemedicine system.
Similar content being viewed by others
References
Das, M.L., Two-factor user authentication in wireless sensor networks. IEEE Trans. Wirel. Commun. 8(3): 1086–1090, 2009.
Wen, F.T., Susilo, W., Yang, G.M., A robust smart card-based anonymous user authentication protocol for wireless communications. Security Comm. Networks 7(6):987C993, 2013.
Guo, D.L., and Wen, F.T., Analysis and improvement of a robust smart card based-authentication scheme for multi-server architecture. Wireless Pers. Commun. 78(1):475–490, 2014.
Wu, C., Lee, B., Tsaur, W., A secure authentication scheme with anonymity for wireless communications. IEEE Commun. Lett. 12(10):722–723, 2008.
Li, X., Wen, Q., Zhang, H., Jin, Z., An improved authentication with key agreement scheme on elliptic curve cryptosystem for global mobility networks. Int. J. Netw. Manag. 23(5):311–324, 2013.
Wu, Z.Y., Lee, Y.C., Lai, F., Lee, H.C., Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1529–1535, 2012.
He, D.B., Chen, J.H., Zhang, R., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989–1995, 2012.
Wei, J., Hu, X., Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. 36 (6):3597–3604, 2012.
Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6): 3833–3838, 2012.
Pu, Q., Wang, J., Zhao, R.Y., Strong authentication scheme for telecare medicine information systems. J. Med. Syst. 36 (4):2609–2619, 2012.
Chen, H.M., Lo, J.W., Yeh, C.K., An efficient and secure dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst. 36(6):3907–3915, 2012.
Cao, T.J., and Zhai, J.X., Improved dynamic ID-based authentication scheme for telecare medical information systems. J. Med. Syst., 2013. doi:10.1007/s10916-012-9912-5.
Xie, Q., Zhang, J., Dong, N., Robust anonymous authentication scheme for telecare medical information systems. J. Med. Syst., 2013. doi:10.1007/s10916-012-9911-6.
Lin, H.Y., On the security of a dynamic ID-based authentication scheme for telecare medical information systems. J. Med. Syst., 2013. doi:10.1007/s10916-013-9929-4.
Jiang, Q., Ma, J.F., Ma, Z., Li, G.S., A privacy enhanced authentication scheme for telecare medical information systems. J. Med. Syst., 2013. doi:10.1007/s10916-012-9897-0.
Wu, F., and Xu, L., Security analysis and improvement of a privacy authentication scheme for telecare medical information systems. J. Med. Syst., 2014. doi:10.1007/s10916-013-9958-z.
Wen, F., and Guo, D., An improved anonymous authentication scheme for telecare medical information systems. J. Med. Syst., 2014. doi:10.1007/s10916-014-0026-0.
Li, T., Lee, C., Weng, C., A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems. J. Med. Syst., 2014. doi:10.1007/s10916-014-0077-2.
Das, A.K., and Goswami, A., An enhanced biometric authentication scheme for telecare medicine information systems with nonce using chaotic hash function. J. Med. Syst., 2014. doi:10.1007/s10916-014-0027-z.
Islam, S.K., and Biswas, G.P., A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. J. Syst. Softw. 84(11):1892C 1898, 2011.
Li, C.T., A new password authentication and user anonymity scheme based on elliptic curve cryptography and smart card. IET Inforamtion. Security 7(1):3–10, 2013.
Liu, J., Zhang, Z., Chen, X., Kwak, K., Certificateless remote anonymous authentication schemes for wireless body sensor networks. IEEE Trans. Parallel Distrib. Syst. 25(2):332–342, 2014.
Zhao, Z., An efficient anonymous authentication scheme for wireless body area networks using elliptic curve cryptosystem. J. Med. Syst., 2014. doi:10.1007/s10916-014-0013-5.
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. Proceedings of Advances in Cryptology, Santa Barbara, CA, U.S.A., pp. 388–397 (1999)
Messerges, T.S., Dabbish, E.A., Sloan, E.A., Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002.
Chang, Y.F., Yu, S.H., Shiao, D.R., An uniqueness-andanonymity-preserving remote user authentication scheme for connected health care. J. Med. Syst. 37:9902, 2013.
Joux, A., A one round protocol for tripartite Diffie? CHellman 4th International Symposium on Algorithmic Number Theory, Lecture Notes in Comput. Sci. Vol. 1838, p. 385C394. New York: Springer, 2000.
Boneh, D., and Franklin, M., Identity-based encryption from the Weil pairing. SIAM J. Comput. 32(3): 586C615, 2003.
Wang, S., Cao, Z., Choo, K., Wang, L., An improved identity-based key agreement protocol and its security proof. Info. Sci. 179:307–318, 2009.
Kudla, C., Special signature schemes and key agreement protocols, PH.D. Thesis: Royal Holloway University of London , 2006.
Kudla, C., and Paterson, K.: Modular security proofs for key agreement protocols. In: Proceedings ASIACRYPT’05, LNCS, Vol. 3788, pp. 549–565 (2005)
Acknowledgments
The authors are grateful to the editor and anonymous reviewers for their valuable suggestions, which improved the paper. This work is supported by NSFC (Grant Nos. 61300181, 61202434), the Fundamental Research Funds for the Central Universities (Grant No. 2015RC23).
Author information
Authors and Affiliations
Corresponding author
Additional information
This article is part of the Topical Collection on Systems-Level Quality Improvement
Rights and permissions
About this article
Cite this article
Guo, D., Wen, Q., Li, W. et al. A Novel Authentication Scheme Using Self-certified Public Keys for Telecare Medical Information Systems. J Med Syst 39, 62 (2015). https://doi.org/10.1007/s10916-015-0245-z
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s10916-015-0245-z