Skip to main content
SpringerLink
Log in

Provably secure lightweight client authentication scheme with anonymity for TMIS using chaotic hash function

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Telecare medicine information system (TMIS) is recognized as an important tool for improving the quality and protection of healthcare services. In addition to protecting the privacy of patients, many authentication techniques are being introduced in TMIS. After investigations, it is observed that many authentication techniques have security breaches. In this article, we propose an efficient, secure and lightweight authentication scheme for TMIS using chaotic hash function to achieve user anonymity. Chaotic hash function constitutes potential security a set in modern cryptography with its random behavior. Also, we provide the security proof in the random oracle (RO) model and proof of correctness of algorithm is presented using (Burrows–Abadi–Needham) BAN logic for proposed scheme. The comprehensive formal and informal security review demonstrate that the security of our scheme is resistive against known potential attacks. Additionally, our presented authentication scheme performs significantly better as compared to other existing schemes in the literature and also it is efficient on the basis on high security and low cost for computational and communication.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

References

  1. Sood SK, Sarjee AK, Singh K (2010) Anjour improvement of Liao et al.’s authentication scheme using smart card. In: 2010 IEEE 2nd International Advance Computing Conference (IACC2010), pp 240–245

  2. He D, Kumar N, Chilamkurti N, Lee JH (2014) Lightweight ECC based RFID authentication integrated with an ID verifier transfer protocol. J Med Syst 38(10):1–6

    Article  Google Scholar 

  3. Hwang MS, Li LH (2000) A new remote user authentication scheme using smart cards. IEEE Trans Consum Electron 46(1):28–30

    Article  Google Scholar 

  4. Lee TF, Chang JB, Chan CW, Liu HC (2010) Password-based mutual authentication scheme using smart cards. In: The E-learning and Information Technology Symposium (EITS 2010)

  5. Li CT, Lee CC, Weng CY (2014) A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecaremedicine information systems. J Med Syst 38(9):77

    Article  Google Scholar 

  6. He D, Kumar N, Chilamkurti N (2015) A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Inf Sci. https://doi.org/10.1016/j.ins.2015.02.010

    Article  Google Scholar 

  7. He D, Zeadally S (2015) Authentication protocol for ambient assisted living system. IEEE Commun Mag 35(1):71–77

    Article  Google Scholar 

  8. Chen CL, Yang TT, Chiang ML, Shih TF (2014) A privacy authentication scheme based on cloud for medical environment. J Med Syst 38(11):143

    Article  Google Scholar 

  9. Wu ZY, Lee YC, Lai F, Lee HC, Chung Y (2012) A secure authentication scheme for telecare medicine information systems. J Med Syst 36(3):1529–1535

    Article  Google Scholar 

  10. He DB, Chen JH, Zhang R (2012) A more secure authentication scheme for telecare medicine information systems. J Med Syst 36:1989–1995

    Article  Google Scholar 

  11. Chen C, He D, Chan S, Bu SJ, Gao Y, Fan R (2011) Lightweight and provably secure user authentication with anonymity for the global mobility network. Int J Commun Syst 24(3):347–362

    Article  Google Scholar 

  12. Lin HY (2013) On the security of adynamic ID-based authentication scheme for telecaremedical information systems. J Med Syst 37:9929

    Article  Google Scholar 

  13. Cao T, Zhai J (2013) Improved dynamic ID-based authentication scheme for telecare medical information systems. J Med Syst 37:9912

    Article  Google Scholar 

  14. Khan MK, Kumari S (2014) Cryptanalysis and improvement of “An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems.” Secur Commun Netw 7(2):399–408

    Article  Google Scholar 

  15. Lee T-F, Chang I-P, Lin T-H, Wang C-C (2013) A secure and efficient password-based user authentication scheme using smart cards for the integrated EPR information system. J Med Syst 37(3):9941

    Article  Google Scholar 

  16. Wen F (2014) A more secure anonymous user authentication scheme for the integrated EPR information system. J Med Syst 38(5):42

    Article  Google Scholar 

  17. Das A (2015) A secure and robust password-based remote user authentication scheme using smart cards for the integrated EPR information system. J Med Syst 39:25

    Article  Google Scholar 

  18. He D, Zeadally S (2015) An analysis of RFID authentication schemes for internet of things in healthcare environment using elliptic curve cryptography. IEEE Internet Things J 2(1):72–83

    Article  Google Scholar 

  19. Lu Y, Li L, Peng H, Yang Y (2015) An enhanced biometric based authentication scheme for telecare medicine information systems using elliptic curve cryptosystem. J Med Syst 39(3):1–8

    Article  Google Scholar 

  20. Abdellaoui A, Khamlichi YI, Chaoui H (2016) A robust authentication scheme for telecare medicine information system. Proc Comput Sci 98:584–589

    Article  Google Scholar 

  21. Chaudhry SA, Mahmood K, Naqvi H, Khan MK (2015) An improved and secure biometric authentication scheme for telecare medicine information systems based on elliptic curve cryptography. J Med Syst 39:175. https://doi.org/10.1007/s10916-015-0335-y

    Article  Google Scholar 

  22. Chaudhry SA, Khan MT, Khan MK, Shon T (2016) A multiserver biometric authentication scheme for TMIS using elliptic curve cryptography. J Med Syst 40:230. https://doi.org/10.1007/s10916-016-0592-4

    Article  Google Scholar 

  23. Chaudhry SA, Naqvi H, Khan MK (2018) An enhanced lightweight anonymous biometric based authentication scheme for TMIS. Multimed Tools Appl 77:5503–5524. https://doi.org/10.1007/s11042-017-4464-9

    Article  Google Scholar 

  24. Sutrala AK, Das AK, Odelu V, Wazid M, Kumari S (2016) Secure anonymity-preserving password-based user authentication and session key agreement scheme for telecare medicine information systems. Comput Methods Prog Biomed 135:167–185

    Article  Google Scholar 

  25. Liu W, Xie Qi, Wang S, Bin Hu (2016) An improved authenticated key agreement protocol for telecare medicine information system. Springer Plus 5:555. https://doi.org/10.1186/s40064-016-2018-7

    Article  Google Scholar 

  26. Masdari M, Ahmadzadeh S (2017) A survey and taxonomy of the authentication schemes in telecare medicine information systems. J Netw Comput Appl 87:1–19

    Article  Google Scholar 

  27. Fan Wu, Li X, Sangaiah AK, Lili Xu, Kumari S, Liuxi Wu, Shen J (2018) A lightweight and robust two-factor authentication scheme for personalized healthcare systems using wireless medical sensor networks. Future Gener Comput Syst 82:727–737

    Article  Google Scholar 

  28. Li X, Niub J, Kumaric S, Wud F, Chooe K-K (2018) A robust biometrics based three-factor authentication scheme for global mobility networks in smart city. Future Gener Comput Syst 83:607–618

    Article  Google Scholar 

  29. Chandrakar P, Om H (2017) A secure and robust anonymous three-factor remote user authentication scheme for multi-server environment using ECC. Comput Commun. https://doi.org/10.1016/j.comcom.2017.05.009

    Article  Google Scholar 

  30. Hafizul Islam SK, Obaidat MS, Vijayakumar P, Abdulhay E, Fagen Li M, Reddy KC (2018) A robust and efficient password-based conditional privacy preserving authentication and group-key agreement protocol for VANETs. Future Gener Comput Syst 84:216–227

    Article  Google Scholar 

  31. Cui J, Zhang J, Zhong H, Shi R, Yan Xu (2018) An efficient certificate less aggregate signature without pairings for vehicular ad hoc networks. Inf Sci. https://doi.org/10.1016/j.ins.2018.03.060

    Article  MATH  Google Scholar 

  32. Jiang Qi, Ma J, Yang C, Ma X, Shen J, Chaudhry SA (2017) Efficient end-to-end authentication protocol for wearable health monitoring systems. Comput Electr Eng 63:182–195

    Article  Google Scholar 

  33. Challa S, Das AK, Gope P, Kumar N, Wu F, Vasilakos AV (2018) Design and analysis of authenticated key agreement scheme in cloud-assisted cyber-physical systems. Future Gener Comput Syst. https://doi.org/10.1016/j.future.2018.04.019

    Article  Google Scholar 

  34. Ostad-Sharif A, Abbasinezhad-Mood D, Nikooghadam M (2019) Efficient utilization of elliptic curve cryptography in design of a three-factor authentication protocol for satellite communications. Comput Commun 147:85–97

    Article  Google Scholar 

  35. Wei J, Liu W, Hu X (2018) On the security and improvement of privacy-preserving 3-factor authentication scheme for TMIS. Int J Commun Syst. e3767

  36. Chandrakar P, Om H (2018) An extended ECC-based anonymity-preserving 3-factor remote authentication scheme usable in TMIS. Int J Commun Syst e3540

  37. Radhakrishnan N, Karuppiah M (2018) An efficient and secure remote user mutual authentication scheme using smart cards for Telecare medical information systems. Inform Med Unlocked. https://doi.org/10.1016/j.imu.2018.02.003

    Article  Google Scholar 

  38. Alzahrani BA, Irshad A (2018) A secure and efficient TMIS-based authentication scheme improved against Zhang et al’.s scheme. Arab J Sci Eng 43:8239–8253. https://doi.org/10.1007/s13369-018-3494-6

    Article  Google Scholar 

  39. Zhang LP, Zhu SH (2015) Robust ECC-based authenticated key agreement scheme with privacy protection for telecare medicine information systems. J Med Syst 39(5):1–13

    Article  Google Scholar 

  40. Soni P, Pal AK, Hafizul Islam SK (2019) An improved three-factor authentication scheme for patient monitoring using WSN in remote health-care system. Comput Methods Progr Biomed 182:105054

    Article  Google Scholar 

  41. Renuka KM, Kumari S, Li S (2019) Design of a secure three-factor authentication scheme for smart healthcare. J Med Syst 43:133. https://doi.org/10.1007/s10916-019-1251-3

    Article  Google Scholar 

  42. Qiao H, Dong X, Shen Y (2019) Authenticated key agreement scheme with strong anonymity for multi-server environment in TMIS. J Med Syst 43:321. https://doi.org/10.1007/s10916-019-1442-y

    Article  Google Scholar 

  43. Ostad-Sharif A, Abbasinezhad-Mood D, Nikooghadam M (2019) An enhanced anonymous and unlinkable user authentication and key agreement protocol for TMIS by utilization of ECC. Int J Commun Syst 2019:e3913. https://doi.org/10.1002/dac.3913

    Article  Google Scholar 

  44. Dharminder D, Mishra D, Li X (2020) Construction of RSA-based authentication scheme in authorized access to healthcare services. J Med Syst 44:6. https://doi.org/10.1007/s10916-019-1471-6

    Article  Google Scholar 

  45. Lo J-W, Chun-Yueh Wu, Chiou S-F (2020) A lightweight authentication and key agreement scheme for telecare medicine information system. J Internet Technol 21(1):263–272

    Google Scholar 

  46. Arshad H, Rasoolzadegan A (2016) Design of a secure authentication and key agreement scheme preserving user privacy usable in telecare medicine information systems. J Med Syst 40:237

    Article  Google Scholar 

  47. Liu W, Liu J, Wu Q, Qin B, Naccache D, Ferradi H (2018) Efficient subtree-based encryption for fuzzy-entity data sharing. Soft Comput 22(23):7961–7976

    Article  MATH  Google Scholar 

  48. Meshram C, Lee CC, Meshram SG, Meshram A (2020) OOS-SSS: an efficient online/offline subtree-based short signature scheme using Chebyshev chaotic maps for wireless sensor network. IEEE Access 8(1):80063–80073

    Article  Google Scholar 

  49. Meshram C, Lee CC, Ranadive AS, Li CT, Meshram SG, Tembhurne JV (2020) A subtree-based transformation model for cryptosystem using chaotic maps under cloud computing environment for fuzzy user data sharing. Int J Commun Syst 33(7):e4307

    Article  Google Scholar 

  50. Meshram C, Lee CC, Meshram SG, Khan MK (2019) An identity-based encryption technique using subtree for fuzzy user data sharing under cloud computing environment. Soft Comput 23(24):13127–13138

    Article  MATH  Google Scholar 

  51. Xiao D, Liao X, Deng S (2005) One-way hash function construction based on the chaotic map with changeable-parameter. Chaos Solitons Fract 241:65–71

    Article  MathSciNet  MATH  Google Scholar 

  52. Das AK, Goswami A (2014) An enhanced biometric authentication scheme for telecare medicine information systems with nonce using chaotic hash function. J Med Syst 38:27

    Article  Google Scholar 

  53. Messerges TS, Dabbish EA, Sloan RH (2002) Examining smart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552

    Article  MathSciNet  MATH  Google Scholar 

  54. Witteman M (2002) Advances in smartcard security. Inf Secur Bull 7:11–22

    Google Scholar 

  55. Burrows M, Abadi M, Needham R (1990) A logic of authentication. ACM Trans Comput Syst 8(1):18–36

    Article  MATH  Google Scholar 

  56. Sarkar P (2010) A simple and generic construction of authenticated encryption with associated data. ACM Trans Inf Syst Secur 13(4):33

    Article  Google Scholar 

  57. Chang YF, Yu SH, Shiao DR (2013) An uniqueness-andanonymitypreserving remote user authentication scheme for connected health care. J Med Syst 37:9902

    Article  Google Scholar 

  58. Li CT, Lee CC, Weng CY, Fan CI (2013) An extended multi-server-based user authentication and key agreement scheme with user anonymity. KSII Trans Int Inform Syst 7:119–131

    Google Scholar 

  59. Li CT (2013) A new password authentication and user anonymity scheme based on elliptic curve cryptography and smart card. IET Inform Secur 7:3–10

    Article  Google Scholar 

  60. Shin-Yan C, Ying Z, Liu J (2016) Improvement of a privacy authentication scheme based on cloud for medical environment. J Med Syst 40:101

    Article  Google Scholar 

  61. Niloofar R, Nazari M (2018) An efficient improvement remote user mutual authentication and session key agreement scheme for E-health care systems. Multimed Tools Appl 77:55–88

    Article  Google Scholar 

  62. Arezou O-S, Abbasinezhad-Mood D, Nikooghadam M (2019) An enhanced anonymous and unlinkable user authentication and key agreement protocol for TMIS by utilization of ECC. Int J Commun Syst 32:e3913

    Article  Google Scholar 

  63. He D, Kumar N, Lee JH, Sherratt RS (2014) Enhanced three-factor security protocol for consumer USB mass storage devices. IEEE Trans Consum Electron 60(1):30–37

    Article  Google Scholar 

Download references

Acknowledgements

Supported by Visvesvaraya PhD Scheme, MeitY, Govt. of India. No. MEITY-PHD-3039.

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Indian Institute of Information Technology, Nagpur, India

    Vishesh P. Gaikwad & Jitendra V. Tembhurne

  2. Department of Post Graduate Studies and Research in Mathematics, Jayawanti Haksar Government Post-Graduation College, College of Chhindwara University, Betul, M.P, 460001, India

    Chandrashekhar Meshram

  3. Department of Library and Information Science, Research and Development Center for Physical Education, Health, and Information Technology, Fu Jen Catholic University, New Taipei, 24205, Taiwan, ROC

    Cheng-Chi Lee

  4. Department of Photonics and Communication Engineering, Asia University, Wufeng Shiang, Taichung, 413, Taiwan, ROC

    Cheng-Chi Lee

Authors
  1. Vishesh P. Gaikwad
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jitendra V. Tembhurne
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Chandrashekhar Meshram
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Cheng-Chi Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Cheng-Chi Lee.

Ethics declarations

Conflict of interest

All authors declare that they have no conflict of interest.

Human and animal rights

The paper does not contain any studies with human participants or animals performed by any of the authors.

Informed consent

Informed consent was obtained from all individual participants included in the study.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Gaikwad, V.P., Tembhurne, J.V., Meshram, C. et al. Provably secure lightweight client authentication scheme with anonymity for TMIS using chaotic hash function. J Supercomput 77, 8281–8304 (2021). https://doi.org/10.1007/s11227-020-03553-y

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-020-03553-y

Keywords

Search

Navigation