Design Flaws and Cryptanalysis of a Standard Mutual Authentication Protocol for Cloud Computing-Based Healthcare System

  • Adesh Kumari
  • M. Yahya Abbasi
  • Vinod KumarEmail author
  • Mansaf Alam
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 612)


As the connectivity of the people with the Internet is increasing the use of the healthcare system. Due to this technology, it is possible to save time and expenditure of the patients. In medical communication, security and privacy are an important concern. Authentication is the essential validating part of secure information and network communication. A mutual authentication scheme for cloud-assisted medical system is published by Mohit et al. (J Med Syst 41(4):50, 2017. We have examined this protocol and found some design flaws and security issues in cloud environment. This protocol is vulnerable in different steps and phases. The proposed work shows that Mohit et al. framework inefficient in different phases. Therefore, mutual authentication and session key could not possible in these phases in telecare medical information system (TMIS). Finally, we provide solutions of Mohit et al. scheme.


Cloud computing Cryptanalysis Telecare medicine information systems Security 


  1. 1.
    Kumar V, Jangirala S, Ahmad M (2018) An efficient mutual authentication framework for healthcare system in cloud computing. Journal of medical systems 42(8):142CrossRefGoogle Scholar
  2. 2.
    R. Amin, Cryptanalysis and efficient dynamic id based remote user authentication scheme in multi-server environment using smart card., IJ Network Security 18 (1) (2016) 172–181Google Scholar
  3. 3.
    D. Mishra, V. Kumar, S. Mukhopadhyay, A pairing-free identity based authentication framework for cloud computing, in: International Conference on Network and System Security, Springer, 2013, pp. 721–727Google Scholar
  4. 4.
    Chaudhry SA, Khan MT, Khan MK, Shon T (2016) A multiserver biometric authentication scheme for tmis using elliptic curve cryptography. Journal of medical systems 40(11):230CrossRefGoogle Scholar
  5. 5.
    Debiao H, Jianhua C, Rui Z (2012) A more secure authentication scheme for telecare medicine information systems. Journal of Medical Systems 36(3):1989–1995CrossRefGoogle Scholar
  6. 6.
    V. Kumar, M. Ahmad, P. Kumar, An identity-based authentication framework for big data security, in: Proceedings of 2nd International Conference on Communication, Computing and Networking, Springer, 2019, pp. 63–71Google Scholar
  7. 7.
    Kumar V, Kumari A (2013) New identity-based secure authenticated framework in ecc. ISST Journal of Mathematics and Computing System 3(2):41–44Google Scholar
  8. 8.
    V. Kumar, M. Ahamad, A. Kumari, P. Kumar, A study of pairing-free identity based mutual authentication protocol for cloud computing, Int. journal of Engineering Research and Application 7 (7) (2017) 10–14CrossRefGoogle Scholar
  9. 9.
    Kumar V, Ahmad M, Kumari A (2019) A secure elliptic curve cryptography based mutual authentication protocol for cloud-assisted TMIS. Telemat Inform 38:100–117CrossRefGoogle Scholar
  10. 10.
    Wazid M, Das AK, Kumari S, Li X, Wu F (2016) Design of an efficient and provably secure anonymity preserving three-factor user authentication and key agreement scheme for tmis. Security and Communication Networks 9(13):1983–2001Google Scholar
  11. 11.
    Sureshkumar V, Anitha R, Rajamanickam N, Amin R (2017) A lightweight two-gateway based payment protocol ensuring accountability and unlinkable anonymity with dynamic identity. Computers & Electrical Engineering 57:223–240CrossRefGoogle Scholar
  12. 12.
    Gope P, Amin R (2016) A novel reference security model with the situation based access policy for accessing ephr data. Journal of medical systems 40(11):242CrossRefGoogle Scholar
  13. 13.
    Mohit P, Amin R, Karati A, Biswas G, Khan MK (2017) A standard mutual authentication protocol for cloud computing based health care system. Journal of medical systems 41(4):50CrossRefGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  • Adesh Kumari
    • 1
  • M. Yahya Abbasi
    • 1
  • Vinod Kumar
    • 2
    Email author
  • Mansaf Alam
    • 3
  1. 1.Department of MathematicsJamia Millia IslamiaNew DelhiIndia
  2. 2.Department of Applied Sciences and HumanitiesJamia Millia IslamiaNew DelhiIndia
  3. 3.Department of Computer ScienceJamia Millia IslamiaNew DelhiIndia

Personalised recommendations