Design Flaws and Cryptanalysis of a Standard Mutual Authentication Protocol for Cloud Computing-Based Healthcare System
As the connectivity of the people with the Internet is increasing the use of the healthcare system. Due to this technology, it is possible to save time and expenditure of the patients. In medical communication, security and privacy are an important concern. Authentication is the essential validating part of secure information and network communication. A mutual authentication scheme for cloud-assisted medical system is published by Mohit et al. (J Med Syst 41(4):50, 2017. https://doi.org/10.1007/s10916-017-0699-2). We have examined this protocol and found some design flaws and security issues in cloud environment. This protocol is vulnerable in different steps and phases. The proposed work shows that Mohit et al. framework inefficient in different phases. Therefore, mutual authentication and session key could not possible in these phases in telecare medical information system (TMIS). Finally, we provide solutions of Mohit et al. scheme.
KeywordsCloud computing Cryptanalysis Telecare medicine information systems Security
- 2.R. Amin, Cryptanalysis and efficient dynamic id based remote user authentication scheme in multi-server environment using smart card., IJ Network Security 18 (1) (2016) 172–181Google Scholar
- 3.D. Mishra, V. Kumar, S. Mukhopadhyay, A pairing-free identity based authentication framework for cloud computing, in: International Conference on Network and System Security, Springer, 2013, pp. 721–727Google Scholar
- 6.V. Kumar, M. Ahmad, P. Kumar, An identity-based authentication framework for big data security, in: Proceedings of 2nd International Conference on Communication, Computing and Networking, Springer, 2019, pp. 63–71Google Scholar
- 7.Kumar V, Kumari A (2013) New identity-based secure authenticated framework in ecc. ISST Journal of Mathematics and Computing System 3(2):41–44Google Scholar
- 10.Wazid M, Das AK, Kumari S, Li X, Wu F (2016) Design of an efficient and provably secure anonymity preserving three-factor user authentication and key agreement scheme for tmis. Security and Communication Networks 9(13):1983–2001Google Scholar