Abstract
User authentication and privacy is quite essential in telecare medicine information systems (TMIS) for a secure and efficient access of the healthcare services. Very recently, in 2014, Li et al. proposed an efficient chaotic maps and smart cards based password authentication and key agreement scheme TMIS (Journal of Medical Systems). In this paper, we analyze that though the Li et al. scheme is computationally efficient, it has several security weaknesses. As for example, it has design flaws in both login authentication phase and in password change phase. Moreover, it cannot resist denial-of-service attack and adopts incorrect strategy in design of server status table. As a result, the Li et al. scheme is not suitable for practical applications. Finally, we hint at some possible improvements that can be adopted by their scheme to make it more secured against various possible known attacks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Chang, C.C., Lee, C.Y.: A smart card-based authentication scheme uing user identify cryptography. Int. J. Netw. Secur. 15(2), 139–147 (2013)
Das, A.K.: Improving identity-based random key establishment scheme for large-scale hierarchical wireless sensor networks. Int. J. Netw. Secur. 14(1), 121 (2012)
He, D., Zhao, W., Wu, S.: Security analysis of a dynamic ID-based authentication scheme for multi-server environment using smart cards. Int. J. Netw. Secur. 15(5), 350–356 (2013)
Kar, J.: ID-based deniable authentication protocol based on diffie-hellman problem on elliptic curve. Int. J. Netw. Secur. 15(5), 357–364 (2013)
Lee, C.C., Lou, D.C., Li, C.T., Hsu, C.W.: An extended chaotic-maps-based protocol with key agreement for multiserver environments. Nonlinear Dyn. 76(1), 853–866 (2014)
Li, C.T., Hwang, M.S.: An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33(1), 15 (2010)
Lee, C.C., Li, C.T., Hsu, C.W.: A three-party password-based authenticated key exchange protocol with user anonymity using extended chaotic maps. Nonlinear Dyn. 73(1–2), 125–132 (2013)
Guo, C., Chang, C.C.: Chaotic Maps-Based PasswordAuthenticated Key Agreement Using Smart Cards. Commun. Nonlinear Sci. Numer. Simul. 18(6), 1433–1440 (2013)
Hao, X., Wang, J., Yang, Q., Yan, X., Li, P.: A chaotic map based authentication scheme for telecare medicine information systems. J. Med. Syst. 37(2), 9919 (2013)
Jiang, Q., Ma, J., Lu, X., Tian, Y.: Robust Chaotic mapbased authentication and key agreement scheme with strong anonymity for telecare medicine information systems. J. Med. Syst. 38(2), 12 (2014)
Lee, T.F.: An efficient chaotic map-based authentication and key agreement scheme using smartcards for telecare medicine information systems. J. Med. Syst. 37(6), 9985 (2013)
Kocarev, L., Tasev, Z.: Public-key encryption based on Chebyshev maps. Proc. Int. Symp. Circ. Syst. 3:III-28–III-31 (2003)
Bergamo, P., DArco, P., Santis, A., Kocarev, L.: Security of public-key cryptosystems based on Chebyshev polynomials. IEEE Trans. Circ. Syst.-I 52:1382–1393 (2005)
Li, C.T., Lee, C.C., Weng, C.Y.: A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems. J. Med. Syst. 38, 77 (2014). doi:10.1007/s10916-014-0077-2
Zhang, L.: Cryptanalysis of the public key encryption based on multiple chaotic systems. Chaos. Soliton. Fract. 37(3), 669–674 (2008)
Das, A.K., Goswami, A.: An enhanced biometric authentication scheme for telecare medicine information systems with nonce using chaotic hash function. J. Med. Syst. 38, 27 (2014). doi:10.1007/s10916-014-0027-z
Mishra, D., Srinivas, J., Mukhopadhyay, S.: A secure and efficient chaotic map-based authenticated key agreement scheme for telecare medicine information systemss. J. Med. Syst. 38, 120 (2014). doi:10.1007/s10916-014-0120-3
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer India
About this paper
Cite this paper
Roy, S., Chatterjee, S. (2016). Cryptanalysis of a Chaotic Map-Based Authentication and Key Agreement Scheme for Telecare Medicine Information Systems. In: Das, S., Pal, T., Kar, S., Satapathy, S., Mandal, J. (eds) Proceedings of the 4th International Conference on Frontiers in Intelligent Computing: Theory and Applications (FICTA) 2015. Advances in Intelligent Systems and Computing, vol 404. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2695-6_44
Download citation
DOI: https://doi.org/10.1007/978-81-322-2695-6_44
Published:
Publisher Name: Springer, New Delhi
Print ISBN: 978-81-322-2693-2
Online ISBN: 978-81-322-2695-6
eBook Packages: EngineeringEngineering (R0)