Cryptanalysis and Improvement of RSA-based Authentication Scheme for Telecare Medical Information Systems

Keewon Kim (김기원)

doi:10.9708/jksci.2020.25.02.093

Cryptanalysis and Improvement of RSA-based Authentication Scheme for Telecare Medical Information Systems

Journal of The Korea Society of Computer and Information
Abbr : JKSCI
2020, 25(2), pp.93-103
DOI : 10.9708/jksci.2020.25.02.093
Publisher : The Korean Society Of Computer And Information
Research Area : Engineering > Computer Science
Received : November 7, 2019
Accepted : January 27, 2020
Published : February 28, 2020

Keewon Kim ¹

¹단국대학교

Accredited

ABSTRACT

The telecare medical information system (TMIS) supports convenient and rapid health-care services. A secure and efficient authentication and key agreement scheme for TMIS provides safeguarding electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Giri et al. proposed an RSA-based remote user authentication scheme using smart cards for TMIS and claimed that their scheme could resist various malicious attacks. In this paper, we point out that their scheme is still vulnerable to lost smart card attacks and replay attacks and propose an improved scheme to prevent the shortcomings. As compared with the previous authentication schemes for TMIS, the proposed scheme is more secure and practical.

KEYWORDS

Telecare Medical Information System, Password Based Authentication, Smart Card, Security, Biometric

Citation status

* References for papers published after 2023 are currently being built.

[journal] C. Lambrinoudakis / 2000 / Managing Medical and Insurance Information Through a Smart-card-based Information System / Journal of Medical Systems / Springer Science and Business Media LLC 24(4) : 213~234

[journal] Leslie Lamport / 1981 / Password authentication with insecure communication / Communications of the ACM / Association for Computing Machinery (ACM) 24(11) : 770~772

[journal] Min-Shiang Hwang / 2000 / A new remote user authentication scheme using smart cards / IEEE Transactions on Consumer Electronics / Institute of Electrical and Electronics Engineers (IEEE) 46(1) : 28~30

[journal] Ya-Fen Chang / 2004 / A secure one-time password authentication scheme using smart cards without limiting login times / ACM SIGOPS Operating Systems Review / Association for Computing Machinery (ACM) 38(4) : 80~90

[journal] Zhen-Yu Wu / 2012 / A Secure Authentication Scheme for Telecare Medicine Information Systems / Journal of Medical Systems / Springer Science and Business Media LLC 36(3) : 1529~1535

[journal] He Debiao / 2012 / A More Secure Authentication Scheme for Telecare Medicine Information Systems / Journal of Medical Systems / Springer Science and Business Media LLC 36(3) : 1989~1995

[journal] Jianghong Wei / 2012 / An Improved Authentication Scheme for Telecare Medicine Information Systems / Journal of Medical Systems / Springer Science and Business Media LLC 36(6) : 3597~3604

[journal] Zhian Zhu / 2012 / An Efficient Authentication Scheme for Telecare Medicine Information Systems / Journal of Medical Systems / Springer Science and Business Media LLC 36(6) : 3833~3838

[journal] R. L. Rivest / 1978 / A method for obtaining digital signatures and public-key cryptosystems / Communications of the ACM / Association for Computing Machinery (ACM) 21(2) : 120~126

[journal] Muhammad Khurram Khan / 2013 / An Authentication Scheme for Secure Access to Healthcare Services / Journal of Medical Systems / Springer Science and Business Media LLC 37(4) : 9954~

[journal] Debasis Giri / 2015 / An Efficient and Robust RSA-Based Remote User Authentication for Telecare Medical Information Systems / Journal of Medical Systems / Springer Science and Business Media LLC 39(1) : 145~

[confproc] P. Kocher / 1999 / Differential Power Analysis / CRYPTO 99, LNCS 1666 : 388~397

[journal] T.S. Messerges / 2002 / Examining smart-card security under the threat of power analysis attacks / IEEE Transactions on Computers / Institute of Electrical and Electronics Engineers (IEEE) 51(5) : 541~552

[confproc] E. Brier / 2004 / Correlation Power Analysis with a Leakage Model / CHES 2004, LNCS 3156 : 16~29

[confproc] T. Eisenbarth / 2008 / On the Power of Power Analysis in the Real World : A Complete Break of the Keeloq Code Hopping Scheme / CRYPTO 08, LNCS 5157 : 203~220

[book] C. Boyd / 2003 / Protocols for Authentication and Key Establishment / Springer

[journal] Chou-Chen Yang / 2004 / Cryptanalysis of security enhancement for the timestamp-based password authentication scheme using smart cards / IEEE Transactions on Consumer Electronics / Institute of Electrical and Electronics Engineers (IEEE) 50(2) : 578~579

KJCKorea
Journal Central

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65

Cryptanalysis and Improvement of RSA-based Authentication Scheme for Telecare Medical Information Systems

ABSTRACT

KEYWORDS

Citation status

* References for papers published after 2023 are currently being built.

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65

Cryptanalysis and Improvement of RSA-based Authentication Scheme for Telecare Medical Information Systems

ABSTRACT

KEYWORDS

Statistics

Tools

Issue List

Citation status

KCI Citation Counts (3)

REFERENCES (17) * References for papers published after 2023 are currently being built.

Search PDF

Citation

* References for papers published after 2023 are currently being built.