Abstract
Secure verified-based three-party authentication scheme for data exchange in telecare medicine information systems enables two users only store their verifiers computed from their actual password in authentication server’s database. Then the authentication server can verify the users’ verifiers and help them to exchange electronic medical records or electronic health records securely and conveniently. This investigation presents an efficient and secure verified-based three-party authentication scheme for data exchange in telecare medicine information systems. The proposed scheme does not use server’s public keys and includes the key confirmation without extra numbers of messages and rounds. Compared to related verified-based approaches, the proposed scheme possesses higher security, has lower computational cost and fewer transmissions, and thus is suitable for the telecare medicine information systems.
Similar content being viewed by others
References
Lambrinoudakis, C., and Gritzalis, S., Managing medical and insurance information through a smart-card-based information system. J. Med. Syst. 24(4):213–234, 2000.
Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3833–3838, 2012.
Wu, Z. Y., Lee, Y. C., Lai, F., Lee, H. C., and Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1529–1535, 2012.
He, D. B., Chen, J. H., and Zhang, R., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989–1995, 2012.
Wei, J., Hu, X., and Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3597–3604, 2012.
Lee, T.-F., and Liu, C.-M., A secure smart-card based authentication and key agreement scheme for telecare medicine information systems. J. Med. Syst. 37(3):9933, 2013. 1–8.
Hao, X., Wang, J., Yang, Q., Yan, X., and Li, P., A chaotic map-based authentication scheme for telecare medicine information systems. J. Med. Syst. 37(2):9919, 2013. 1–7.
Lee, T.-F., Chang, I.-P., Lin, T.-H., and Wang, C.-C., A secure and efficient password-based user authentication scheme using smart cards for the integrated EPR information system. J. Med. Syst. 37(3):9941, 2013. 1–7.
Lee, T.-F., An efficient chaotic maps-based authentication and key agreement scheme using smartcards for telecare medicine information systems. J. Med. Syst. 37(6):9985, 2013. 1–9.
Yeh, H.-T., Sun, H.-M., and Hwang, T., Efficient three-party authentication and key agreement protocols resistant to password guessing attacks. Inf. Sci. Eng. 19(6):1059–1070, 2003.
Lee, S.-W., Kim, H.-S., and Yoo, K.-Y., Efficient verifier-based key agreement protocol for three parties without server’s public key. Appl. Math. Comput. 167(2):996–1003, 2005.
Lee, T.-F., Liu, J. L., Sung, M.-J., Yang, S.-B., and Chen, C.-M., Communication-efficient three-party protocols for authentication and key agreement. Comput. Math. Appl. 58:641–648, 2009.
Wang, R.-C., and Mo, K.-R., Security enhancement on efficient verifier-based key agreement protocol for three parties without server’s public key. Int. Math. Forum 1(20):965–972, 2006.
Kwon, J.-O., Jeong, I.-R., Sakurai, K., and Lee, D.-H., Efficient verifier-based password-authenticated key exchange in the three-party setting. Comput. Stand. Interfaces 29(5):513–520, 2007.
Diffie, W., and Hellman, M., New directions in cryptography. IEEE Trans. Inf. Theory 22(6):644–654, 1976.
Bellare, M., Pointcheval, D., and Rogaway, P., Authenticated key exchange secure against dictionary attacks. Proc. of Advances in Cryptology–Eurocrypt 2000. Lect. Notes Comput. Sci 1807: 122–138, 2000.
Boyko, V., MacKenzie, P., and Patel, S., Provably secure password based authenticated key exchange protocols using Diffie-Hellman. Proc. of Advances in Cryptology–Eurocrypt 2000. Lect. Notes Comput. Sci 1807: 156–171, 2000.
Abdalla, M., Fouque, P. A., and Pointcheval, D., Password-based authenticated key exchange in the three-party setting. Lect. Notes Comput. Sci 3386:65–84, 2005.
Abdalla, M., and Pointcheval, D., Simple password-based authenticated key protocols. Topics in Cryptology–CT-RSA 2005. Lect. Notes Comput. Sci 3376:191–208, 2005.
Impagliazzo, I., and Shoup, V., A note on an encryption scheme of Kurosawa and Desmedt. Available at http://eprint.iacr.org/2004/194, 2004.
Shoup, V., Sequences of games: A tool for taming complexity in security proofs. Available at http://www.shoup.net, 2005.
Lee, T.-F., and Hwang, T., Simple password-based three-party authenticated key exchange without server public keys. Inf. Sci. 180(9):1702–1714, 2010.
Acknowledgments
The authors would like to thank the anonymous referees for their valuable comments and suggestions. This research was supported by National Science Council under the grants NSC102-2221-E-320-003 and TCRPP102010.
Author information
Authors and Affiliations
Corresponding author
Additional information
This article is part of the Topical Collection on Transactional Processing Systems
Rights and permissions
About this article
Cite this article
Lin, TH., Lee, TF. Secure Verifier-Based Three-Party Authentication Schemes without Server Public Keys for Data Exchange in Telecare Medicine Information Systems. J Med Syst 38, 30 (2014). https://doi.org/10.1007/s10916-014-0030-4
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s10916-014-0030-4