An enhanced scheme for mutual authentication for healthcare services

Küçük Resim

Dosyalar

1-s2.0-S2352864821000377-main.pdf (1.38 MB)

Tarih

2022

Yazarlar

Dergi Başlığı

Dergi ISSN

Cilt Başlığı

Yayıncı

KEAI PUBLISHING LTD, 16 DONGHUANGCHENGGEN NORTH ST, BEIJING, DONGCHENG DISTRICT 100717, PEOPLES R CHINA

Erişim Hakkı

info:eu-repo/semantics/openAccess
Attribution-NonCommercial-NoDerivs 3.0 United States

Özet

With the advent of state-of-art technologies, the Telecare Medicine Information System (TMIS) now offers fast and convenient healthcare services to patients at their doorsteps. However, this architecture engenders new risks and challenges to patients' and the server's confidentiality, integrity and security. In order to avoid any resource abuse and malicious attack, employing an authentication scheme is widely considered as the most effective approach for the TMIS to verify the legitimacy of patients and the server. Therefore, several authentication protocols have been proposed to this end. Very recently, Chaudhry et al. identified that there are vulnerabilities of impersonation attacks in Islam et al.'s scheme. Therefore, they introduced an improved protocol to mitigate those security flaws. Later, Qiu et al. proved that these schemes are vulnerable to the man-in-the-middle, impersonation and offline password guessing attacks. Thus, they introduced an improved scheme based on the fuzzy verifier techniques, which overcome all the security flaws of Chaudhry et al.'s scheme. However, there are still some security flaws in Qiu et al.'s protocol. In this article, we prove that Qiu et al.'s protocol has an incorrect notion of perfect user anonymity and is vulnerable to user impersonation attacks. Therefore, we introduce an improved protocol for authentication, which reduces all the security flaws of Qiu et al.'s protocol. We also make a comparison of our protocol with related protocols, which shows that our introduced protocol is more secure and efficient than previous protocols.

Açıklama

Anahtar Kelimeler

Authentication protocol, Security protocol, Anonymous protocol, Impersonation attack, TMIS

Kaynak

Digital Communications and Networks

WoS Q Değeri

Q1

Scopus Q Değeri

Q1

Cilt

8

Sayı

2

Künye

Bağlantı

https://hdl.handle.net/11363/6022
 https://doi.org/

Koleksiyon

Web of Science ve Scopus Atıf Dizinlerindeki Yayınlar
Scopus İndeksli Yayınlar Koleksiyonu
WoS İndeksli Yayınlar Koleksiyonu