Design of a Secure Authentication and Key Agreement Scheme Preserving User Privacy Usable in Telecare Medicine Information Systems
作者: Hamed Arshad , Abbas Rasoolzadegan
DOI: 10.1007/S10916-016-0585-3
关键词:
摘要: Authentication and key agreement schemes play a very important role in enhancing the level of security telecare medicine information systems (TMISs). Recently, Amin Biswas demonstrated that authentication scheme proposed by Giri et al. is vulnerable to off-line password guessing attacks privileged insider also does not provide user anonymity. They an improved scheme, claiming it resists various attacks. However, this paper demonstrates Biswas's defenseless against replay perfect forward secrecy. This shows al.'s only suffers from weaknesses pointed out Biswas, but Moreover, proposes novel overcome mentioned weaknesses. Security performance analyses show overcomes weaknesses, more efficient than previous schemes.
springer.com
acm.org
um.ac.ir
sci-hub.se 参考文章(56)
Yen Sung-Ming, Liao Kuo-Hong, Shared authentication token secure against replay and weak key attacks Information Processing Letters. ,vol. 62, pp. 77- 80 ,(1997) , 10.1016/S0020-0190(97)00046-X
Ruhul Amin, G. P. Biswas, An Improved RSA Based User Authentication and Session Key Agreement Protocol Usable in TMIS Journal of Medical Systems. ,vol. 39, pp. 1- 14 ,(2015) , 10.1007/S10916-015-0262-Y
Ruhul Amin, SK Hafizul Islam, G. P. Biswas, Muhammad Khurram Khan, Xiong Li, Cryptanalysis and Enhancement of Anonymity Preserving Remote User Mutual Authentication and Session Key Agreement Scheme for E-Health Care Systems Journal of Medical Systems. ,vol. 39, pp. 1- 21 ,(2015) , 10.1007/S10916-015-0318-Z
SK Hafizul Islam, Design and analysis of an improved smartcard-based remote user password authentication scheme International Journal of Communication Systems. ,vol. 29, pp. 1708- 1719 ,(2016) , 10.1002/DAC.2793
D.V. Klein, Foiling the cracker: A survey of, and improvements to, password security Programming and Computer Software. ,vol. 17, ,(1992)
Ya-Fen Chang, Wei-Liang Tai, Hung-Chin Chang, Untraceable dynamic-identity-based remote user authentication scheme with verifiable password update International Journal of Communication Systems. ,vol. 27, pp. 3430- 3440 ,(2014) , 10.1002/DAC.2552
Yannick Chevalier, Luca Compagna, Jorge Cuellar, Paul Hankes Drielsma, Jacopo Mantovani, Sebastian Mödersheim, Laurent Vigneron, None, A High Level Protocol Specification Language for Industrial Security-Sensitive Protocols Workshop on Specification and Automated Processing of Security Requirements - SAPS'2004. ,(2004)
Wei-Chi Ku, Chien-Ming Chen, Hui-Lung Lee, Cryptanalysis of a Variant of Peyravian-Zunic's Password Authentication Scheme IEICE Transactions on Communications. ,vol. 86, pp. 1682- 1684 ,(2003)
Debiao He, Sherali Zeadally, Baowen Xu, Xinyi Huang, An Efficient Identity-Based Conditional Privacy-Preserving Authentication Scheme for Vehicular Ad Hoc Networks IEEE Transactions on Information Forensics and Security. ,vol. 10, pp. 2681- 2691 ,(2015) , 10.1109/TIFS.2015.2473820
Saru Kumari, Mridul K. Gupta, Muhammad Khurram Khan, Xiong Li, An improved timestamp-based password authentication scheme: comments, cryptanalysis, and improvement Security and Communication Networks. ,vol. 7, pp. 1921- 1932 ,(2014) , 10.1002/SEC.906