Skip to main content

Advertisement

Springer Nature Link
Log in

A Secure Biometrics-based Authentication Scheme for Telecare Medicine Information Systems

  • Original Paper
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

    We’re sorry, something doesn't seem to be working properly.

    Please try refreshing the page. If that doesn't work, please contact support so we can address the problem.

Abstract

The telecare medicine information system (TMIS) allows patients and doctors to access medical services or medical information at remote sites. Therefore, it could bring us very big convenient. To safeguard patients’ privacy, authentication schemes for the TMIS attracted wide attention. Recently, Tan proposed an efficient biometrics-based authentication scheme for the TMIS and claimed their scheme could withstand various attacks. However, in this paper, we point out that Tan’s scheme is vulnerable to the Denial-of-Service attack. To enhance security, we also propose an improved scheme based on Tan’s work. Security and performance analysis shows our scheme not only could overcome weakness in Tan’s scheme but also has better performance.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Similar content being viewed by others

References

  1. Lambrinoudakis, C., and Gritzalis, S., Managing medical and insura nce information through a smart-card-based information system. Journal of Medical Systems 24(4):213–234, 2000.

    Article  Google Scholar 

  2. Lamport, L., Password authentication with insecure communication. Commun ACM 24:28–30, 1981.

    Article  Google Scholar 

  3. He, D., Chen, J., and Hu, J., Further improvement of Juang et al.'s password-authenticated key agreement scheme using smart cards. Kuwait Journal of Science & Engineering 38(2A):55–68, 2011.

    MathSciNet  Google Scholar 

  4. He, D., Chen, J., and Chen, Y., A secure mutual authentication scheme for session initiation scheme using elliptic curve cryptography. Security and Communication Networks 5(12):1423–1429, 2012.

    Article  Google Scholar 

  5. He, D., Chen, Y., and Chen, J., Cryptanalysis and improvement of an extended chaotic maps-based key agreement scheme. Nonlinear Dynamics 69(3):1149–1157, 2012.

    Article  MathSciNet  MATH  Google Scholar 

  6. He, D., Chen, J., and Hu, J., Improvement on a smart card based password authentication scheme. Journal of Internet Technology 13(3):405–410, 2012.

    Google Scholar 

  7. He, D., An efficient remote user authentication and key exchange scheme for mobile client–server environment from pairings. Ad Hoc Networks 10(6):1009–1016, 2012.

    Article  Google Scholar 

  8. He, D., Chen, J., and Hu, J., An ID-based client authentication with key agreement scheme for mobile client–server environment on ECC with provable security. Information Fusion 13(3):223–230, 2012.

    Article  Google Scholar 

  9. Wu, Z. Y., Lee, Y. C., Lai, F., Lee, H. C., and Chung, Y., A secure authentication scheme for telecare medicine information systems. Journal of Medical Systems 36:1529–35, 2012.

    Article  Google Scholar 

  10. He, D. B., Chen, J. H., and Zhang, R., A more secure authentication scheme for telecare medicine information systems. Journal of Medical Systems 36:1989–1995, 2012.

    Article  Google Scholar 

  11. Wei, J., Hu, X., and Liu, W., An improved authentication scheme for telecare medicine information systems. Journal of Medical Systems 36:3597–3604, 2012.

    Article  Google Scholar 

  12. Zhu, Z., An Efficient authentication scheme for telecare medicine information systems. Journal of Medical Systems 36:3833–3838, 2012.

    Article  Google Scholar 

  13. Khan, M., and Kumari, S., An Authentication Scheme for Secure Access to Healthcare Services. Journal of medical systems, 2012. doi:10.1007/s10916-013-9954-3.

    Google Scholar 

  14. Jiang, Q., Ma, J., Ma, Z., et al., A privacy enhanced authentication scheme for telecare medical information systems. Journal of medical systems, 2013. doi:10.1007/s10916-012-9897-0.

    Google Scholar 

  15. Lee, T., Chang, I., Lin, T., et al., A Secure and Efficient Password-Based User Authentication Scheme Using Smart Cards for the Integrated EPR Information System. Journal of medical systems, 2013. doi:10.1007/s10916-013-9941-8.

    Google Scholar 

  16. Cao, T., and Zhai, J., Improved Dynamic ID-based Authentication Scheme for Telecare Medical Information Systems. Journal of medical systems, 2013. doi:10.1007/s10916-012-9912-5.

    Google Scholar 

  17. Kumari, S., Khan, M., and Kumar, R., Cryptanalysis and Improvement of ‘A Privacy Enhanced Scheme for Telecare Medical Information Systems. Journal of medical systems, 2012. doi:10.1007/s10916-013-9952-5.

    Google Scholar 

  18. Tan, Z., An efficient biometrics-based authentication scheme for telecare medicine information systems. Przeglad Elektrotechniczny 89(5):200–204, 2013.

    Google Scholar 

  19. Li, C.-T., and Hwang, M.-S., An efficient biometrics-based remote user authentication scheme using smart cards. Journal of Network and Computer Applications 33:1–5, 2010.

    Article  Google Scholar 

  20. Menezes, A. J., Vanstone, S. A., and Van Oorschot, P. C., Handbook of Applied Cryptography, CRC Press. Inc. Boca Raton, FL, USA, 1996.

    Book  Google Scholar 

Download references

Acknowledgments

The authors thank Prof. R.R. Grams and the anonymous reviewers for their valuable comments. This research was supported in part by National Science foundation of China (No.61201180), Beijing Natural Science Foundation (N0.4132055), and Excellent Young Scholars Research Fund of Beijing Institute of Technology.

Conflict of Interest

The authors declare that they have no conflict of interest.

Author information

Authors and Affiliations

  1. National Key Laboratory of Mechatronic Engineering and Control, Beijing Institute of Technology, School of Mechatronical Engineering, Beijing, China

    Xiaopeng Yan, Weiheng Li, Ping Li, Jiantao Wang, Xinhong Hao & Peng Gong

Authors
  1. Xiaopeng Yan
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Weiheng Li
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Ping Li
    View author publications

    You can also search for this author inPubMed Google Scholar

  4. Jiantao Wang
    View author publications

    You can also search for this author inPubMed Google Scholar

  5. Xinhong Hao
    View author publications

    You can also search for this author inPubMed Google Scholar

  6. Peng Gong
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Peng Gong.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Yan, X., Li, W., Li, P. et al. A Secure Biometrics-based Authentication Scheme for Telecare Medicine Information Systems. J Med Syst 37, 9972 (2013). https://doi.org/10.1007/s10916-013-9972-1

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10916-013-9972-1

Keywords