Abstract
The security provisioning of increasing healthcare data is of critical importance. The e-health clouds can be seen as a move towards an efficient management of such a big volume of healthcare data. Many schemes have been presented to bring more security and privacy along with efficiency, in the handling of data for booming e-health industry. Recently, in this connection, Jiang et al. (J Supercomput 1–24 doi:10.1007/s11227-015-1610-x, 2016) presented a three-factor authentication protocol for e-health clouds. In this letter, we identify a serious flaw in the mutual authentication phase of the scheme, since an adversary may launch a denial-of-service attack (DoS) against the service providing server. Finally, we suggest a modification in the scheme to overcome the DoS attack.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Wu F, Xu L, Kumari S, Li X (2015) A novel and provably secure biometrics-based three-factor remote authentication scheme for mobile client-server networks. Comput Electr Eng. doi:10.1016/j.compeleceng.2015.02.015
Jiang Q, Khan MK, Lu X, Ma J, He D (2016) A privacy preserving three-factor authentication protocol for e-Health clouds. J Supercomput 1–24. doi:10.1007/s11227-015-1610-x
Kilinc HH, Yanik T (2014) A survey of SIP authentication and key agreement schemes. IEEE Commun Surv Tutor 16(2):1005–1023
Author information
Authors and Affiliations
Corresponding author
Additional information
Research has been done with maiden name Shahzad Ashraf, publication was made with the (new) name Shahzad Ashraf Chaudhry.
Rights and permissions
About this article
Cite this article
Irshad, A., Ashraf Chaudhry, S. Comments on “A privacy preserving three-factor authentication protocol for e-health clouds”. J Supercomput 73, 1504–1508 (2017). https://doi.org/10.1007/s11227-016-1837-1
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-016-1837-1