Open AccessEnabling Telecare Medical Information Systems With Strong Authentication and Anonymity
Author(s) -
Hu Xiong,
Junyi Tao,
Chen Yuan
Publication year - 2017
Publication title -
ieee access
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.587
H-Index - 127
ISSN - 2169-3536
DOI - 10.1109/access.2017.2678104
Subject(s) - aerospace , bioengineering , communication, networking and broadcast technologies , components, circuits, devices and systems , computing and processing , engineered materials, dielectrics and plasmas , engineering profession , fields, waves and electromagnetics , general topics for engineers , geoscience , nuclear engineering , photonics and electrooptics , power, energy and industry applications , robotics and control systems , signal processing and analysis , transportation
Telecare medical information system (TMIS) is highly desirable to users by allowing them to remotely access medical services or medical information and security, such as authentication and privacy preserving of users is challenging. Recently, some smart card-based password authentication (two-factor authentication) schemes have been proposed. In this paper, we use Chaudhry et al.'s scheme as a case study and demonstrate that a family of two-factor authentication schemes for the TMIS are not secure against offline dictionary attack and fail to revoke the stolen/lost smart card. Furthermore, an improved two-factor authentication scheme with anonymity has been proposed to remedy the weakness of these schemes. The security analysis of the proposed solution is formally given with the random oracle model and Burrows-Abadi-Needham logic.
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom