Abstract
Nowadays, users/patients may gain desired medical services on-line because of the rapid development of computer network technologies. Conventional healthcare services are provided by a single server. However, care team collaboration by integrating services is the key to improve financial and clinical performance. How a user/patient accesses desired medical services provided by multiple servers becomes a challenge to realize care team collaboration. User authentication plays an important role to protect resources or services from being accessed by unauthorized users. In this paper, we first discuss the perceived security drawbacks of pervasive smart-card-based remote user authentication schemes. Then, we propose a novel dynamic-ID-based user authentication scheme based on elliptic curve cryptosystem (ECC) for multi-server environment with smart cards. The proposed scheme ensures user anonymity and computational efficiency and complies with essential requirements of a secure smart-card-based authentication scheme for multi-server environment to enable care team collaboration.
Similar content being viewed by others
References
Lamport, L., Password authentication with insecure communication. Commun. ACM 24(11):770–772, 1981.
Hwang, M. S., and Li, L. H., A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 46(1):28–30, 2000.
Wang, X. M., Zhang, W. F., Zhang, J. S., and Khan, M. K., Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards. Comput. Stand. Interfaces 29(5):507–512, 2007.
Sun, H. M., An efficient remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 46(4):958–961, 2000.
Wang, R. C., Juang, W. S., and Lei, C. L., Robust authentication and key agreement scheme preserving the privacy of secret key. Comput. Commun. 34(3):274–280, 2011.
Wen, F., and Li, X., An improved dynamic ID-based remote user authentication with key agreement scheme. Comput. Electr. Eng. 38(2):381–387, 2012.
Lin, I. C., Hwang, M. S., and Li, L. H., A new remote user authentication scheme for multi-server architecture. Futur. Gener. Comput. Syst. 19(1):13–22, 2003.
Chang, C. C. and Lee, J. S., An efficient and secure multi-server password authentication scheme using smart cards. Proceedings of 3rd International Conference on Cyberworlds (CW 2004), Tokyo, Japan; Nov. 2004. p. 417–22.
Juang, W. S., Efficient Multi-server password authenticated key agreement using smart cards. IEEE Trans. Consum. Electron. 50(1):251–255, 2004.
Liao, Y. P., and Wang, S. S., A secure dynamic ID based remote user authentication scheme for multi-server environment. Comput. Stand. Interfaces 31(1):24–29, 2009.
Hsiang, H. C., and Shih, W. K., Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment. Comput. Stand. Interfaces 31(8):1118–1123, 2009.
Lee, C. C., Lin, T. H., and Chang, R. X., A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards. Expert Syst. Appl. 38(11):13863–13870, 2011.
Kocher, P., Jaffe, J. and Jun, B., Differential power analysis. Proceedings of the 19th Annual International Cryptology Conference (CRYPTO’99), Santa Barbara, California, USA; Aug. 1999. p. 388–97.
Messerges, T. S., Dabbish, E. A., and Sloan, R. H., Examining smart card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002.
Chang, Y. F. and Chang, P. Y., Comments on a dynamic-ID-based remote user authentication scheme for multi-server environment using smart cards. Proceedings of the 6th International Conference on Genetic and Evolutionary Computing (ICGEC 2012), Kitakyushu, Japan; August 2012. p. 59–62.
Hsu, C. L., and Chuang, Y. H., A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks. Inform. Sci. 179(4):422–429, 2009.
Wang, R. C., Juang, W. S., and Lei, C. L., Provably secure and efficient identification and key agreement protocol with user anonymity. J. Comput. Syst. Sci. 77(4):790–798, 2011.
Rivest, R. L., Shamir, A., and Adleman, L., A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2):120–126, 1978.
ElGamal, T., A public key cryptosystem and a signature scheme based on discreet logarithms. IEEE Trans. Inf. Theory 31(4):469–481, 1985.
Miller, V. S., Use of elliptic curves in cryptography. Proceedings of the 5th Annual International Cryptology Conference (CRYPTO’85), Santa Barbara, California, USA; Aug. 1986. p. 417–26.
Koblitz, N., Elliptic curve cryptosystems. Math. Comput. 48(177):203–209, 1987.
Jena, D., Jena, S. K., Mohanty, D., and Panigrahy, S. K., A novel remote user authentication scheme using smart card based on ECDLP. Proceedings of the 3rd International Conference on Advanced Computer Control (ICACC 2009), Singapore; Jan. 2009. p. 246–9.
Yunting, H., An efficient authenticated key exchange protocol for wireless LAN networks. Energy Procedia 13:9138–9144, 2011.
Gura, N., Patel, A., Wander, A., Eberle, H. and Shantz, S. C., Comparing elliptic curve cryptography and RSA on 8-bit CPUs. Proceedings of the 6th Workshop on Cryptographic Hardware and Embedded Systems (CHES 2004), Cambridge, MA, USA; Aug. 2004. p. 925–43.
Krawczyk, H. and Rabin, T. Chameleon signature. Proceedings of the 2000 Network and Distributed System Security Symposium (NDSS 2000), San Diego, California, USA; Feb. 2000. p. 143–54.
Chen, X., Zhang, F., Tian, H., Wei, B., Susilo, W., Mu, Y., Lee, H., and Kim, K., Efficient generic on-line/off-line (threshold) signatures without key exposure. Inform. Sci. 178(21):4192–4203, 2008.
Liu, J. K., Baek, J., Zhou, J., Yang, Y., and Wong, J. W., Efficient online/offline identity-based signature for wireless sensor network. Int. J. Inf. Secur. 9(4):287–296, 2010.
Acknowledgments
This work was supported in part by National Science Council under the grants NSC 99-2410-H-025-010-MY2, NSC 101-2410-H-025 -009 -MY2, and NSC 101-2622-E-029-002-CC3.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Chang, YF., Chen, CC. & Chang, PY. A Robust and Novel Dynamic-ID-based Authentication Scheme for Care Team Collaboration with Smart Cards. J Med Syst 37, 9909 (2013). https://doi.org/10.1007/s10916-012-9909-0
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s10916-012-9909-0