Secure and Efficient Two-Factor User Authentication Scheme with User Anonymity for Network Based E-Health Care Applications
- 30 November 2016
- journal article
- research article
- Published by Springer Science and Business Media LLC in Journal of Medical Systems
- Vol. 40 (12), 268-268:12
- https://doi.org/10.1007/s10916-016-0629-8
Abstract
Benefited from the development of network and communication technologies, E-health care systems and telemedicine have got the fast development. By using the E-health care systems, patient can enjoy the remote medical service provided by the medical server. Medical data are important privacy information for patient, so it is an important issue to ensure the secure of transmitted medical data through public network. Authentication scheme can thwart unauthorized users from accessing services via insecure network environments, so user authentication with privacy protection is an important mechanism for the security of E-health care systems. Recently, based on three factors (password, biometric and smart card), an user authentication scheme for E-health care systems was been proposed by Amin et al., and they claimed that their scheme can withstand most of common attacks. Unfortunate, we find that their scheme cannot achieve the untraceability feature of the patient. Besides, their scheme lacks a password check mechanism such that it is inefficient to find the unauthorized login by the mistake of input a wrong password. Due to the same reason, their scheme is vulnerable to Denial of Service (DoS) attack if the patient updates the password mistakenly by using a wrong password. In order improve the security level of authentication scheme for E-health care application, a robust user authentication scheme with privacy protection is proposed for E-health care systems. Then, security prove of our scheme are analysed. Security and performance analyses show that our scheme is more powerful and secure for E-health care systems when compared with other related schemes.Keywords
This publication has 31 references indexed in Scilit:
- Applying biometrics to design three‐factor remote user authentication scheme with key agreementSecurity and Communication Networks, 2013
- An enhanced smart card based remote user password authentication schemeJournal of Network and Computer Applications, 2013
- Security flaws in two improved remote user authentication schemes using smart cardsInternational Journal of Communication Systems, 2012
- Secure Dynamic Identity-Based Authentication Scheme Using Smart CardsInformation Security Journal: A Global Perspective, 2011
- Cryptanalysis and security enhancement of a ‘more efficient & secure dynamic ID-based remote user authentication scheme’Computer Communications, 2011
- Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cardsJournal of Network and Computer Applications, 2011
- Advanced smart card based password authentication protocolComputer Standards & Interfaces, 2010
- A more efficient and secure dynamic ID-based remote user authentication schemeComputer Communications, 2009
- An improved smart card based password authentication scheme with provable securityComputer Standards & Interfaces, 2008
- Examining smart-card security under the threat of power analysis attacksIEEE Transactions on Computers, 2002