Skip to main content
SpringerLink
Log in

A Privacy Preserving Secure and Efficient Authentication Scheme for Telecare Medical Information Systems

  • Patient Facing Systems
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

The Telecare medical information system (TMIS) presents effective healthcare delivery services by employing information and communication technologies. The emerging privacy and security are always a matter of great concern in TMIS. Recently, Chen at al. presented a password based authentication schemes to address the privacy and security. Later on, it is proved insecure against various active and passive attacks. To erase the drawbacks of Chen et al.’s anonymous authentication scheme, several password based authentication schemes have been proposed using public key cryptosystem. However, most of them do not present pre-smart card authentication which leads to inefficient login and password change phases. To present an authentication scheme with pre-smart card authentication, we present an improved anonymous smart card based authentication scheme for TMIS. The proposed scheme protects user anonymity and satisfies all the desirable security attributes. Moreover, the proposed scheme presents efficient login and password change phases where incorrect input can be quickly detected and a user can freely change his password without server assistance. Moreover, we demonstrate the validity of the proposed scheme by utilizing the widely-accepted BAN (Burrows, Abadi, and Needham) logic. The proposed scheme is also comparable in terms of computational overheads with relevant schemes.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Mishra, D., Das, A. K., and Mukhopadhyay, S., A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards. Expert Syst. Appl. 41(18):8129–8143, 2014

  2. Chaturvedi, A., Mishra, D., and Mukhopadhyay, S., Improved biometric-based three-factor remote user authentication scheme with key agreement using smart card. In: Information Systems Security. pp. 63–77. Springer, 2013

  3. He, D., Chen, Y., and Chen, J., Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol. Nonlinear Dyn. 69(3):1149–1157, 2012

  4. Mishra, D., Cryptanalysis of sun and cao’s remote authentication scheme with user anonymity, arXiv preprint arXiv:1310.6422

  5. He, D., Chen, J., and Zhang, R., Weaknesses of a dynamic id-based remote user authentication scheme. Int. J. Electron. Secur. Digit. Forensic 3(4):355–362, 2010

  6. Uslu, A. M., and Stausberg, J., Value of the electronic patient record: an analysis of the literature. J. Biomed. Inform. 41(4): 675–682, 2008

  7. He, D., Kumar, N., Chen, J., Lee, C.-C., Chilamkurti, N., and Yeo, S.-S., Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimedia Systems 1–12, 2013. doi:10.1007/s00530-013-0346-9

  8. Mishra, D., Srinivas, J., and Mukhopadhyay, S., A secure and efficient chaotic map-based authenticated key agreement scheme for telecare medicine information systems. J. Med. Syst. 38(10). doi:10.1007/s10916-014-0120-3

  9. He, D., Kumar, N., Chilamkurti, N., and Lee, J.-H., Lightweight ecc based rfid authentication integrated with an id verifier transfer protocol. J. Med. Syst. 38(10):1–6, 2014

  10. Mishra, D., Mukhopadhyay, S., Chaturvedi, A., Kumari, S., and Khan, M. K., Cryptanalysis and improvement of yan et al.’s biometric-based authentication scheme for telecare medicine information systems. J. Med. Syst. 38(6):1–12, 2014

  11. Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3833–3838, 2012

  12. Mishra, D., Mukhopadhyay, S., Kumari, S., Khan, M. K., and Chaturvedi, A., Security enhancement of a biometric based authentication scheme for telecare medicine information systems with nonce. J. Med. Syst. 38(5):1–11, 2014

  13. Li, X., Niu, J., Khurram Khan, M., and Liao, J., An enhanced smart card based remote user password authentication scheme. J. Netw. Comput. Appl. 36(5):1365–1371, 2013

  14. Debiao, H., Jianhua, C., and Rui, Z., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989–1995, 2012

  15. Mishra, D., On the security flaws in id-based password authentication schemes for telecare medical information systems. J. Med. Syst. 39(1):1–16, 2015

  16. Srivastava, K., Awasthi, A. K., and Mittal, R., A review on remote user authentication schemes using smart cards. In: Quality, Reliability, Security and Robustness in Heterogeneous Networks. pp. 729–749. Springer, 2013

  17. Wei, J., Hu, X., and Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3597–3604, 2012

  18. Wu, Z.-Y., Lee, Y.-C., Lai, F., Lee, H.-C., and Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1529–1536, 2012

  19. Chen, H.-M., Lo, J.-W., and Yeh, C.-K., An efficient and secure dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst. 36(6):3907–3915, 2012

  20. Xie, Q., Zhang, J., and Dong, N., Robust anonymous authentication scheme for telecare medical information systems. J. Med. Syst. 37(2):1–8, 2013

  21. Cao, T., and Zhai, J., Improved dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst. 37(2):1–7, 2013

  22. Lin, H.-Y., On the security of a dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst. 37(2):1–5, 2013

  23. Mishra, D., A study on id-based authentication schemes for telecare medical information system, arXiv preprint arXiv:1311.0151

  24. Burrows, M., Abadi, M., and Needham, R. M., A logic of authentication. Proc. R. Soc. Lond. A Math. Phys. Sci. 426(1871):233–271, 1989

  25. Syverson, P., and Cervesato, I., The logic of authentication protocols. In: Foundations of Security Analysis and Design. pp. 63–137. Springer, 2001

  26. Lee, T.-F., Chang, I.-P., Lin, T.-H., and Wang, C.-C., A secure and efficient password-based user authentication scheme using smart cards for the integrated epr information system. J. Med. Syst. 37(3):1–7, 2013

  27. Li, C.-T., and Hwang, M.-S., An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33(1):1–5, 2010

  28. Li, X., Niu, J.-W., Ma, J., Wang, W.-D., and Liu, C.-L., Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 34(1):73–79, 2011

  29. Truong, T. T., Tran, M.-T., and Duong, A.-D., Robust biometrics-based remote user authentication scheme using smart cards. In: Network-Based Information Systems (NBiS), 2012 15th International Conference on, IEEE. pp. 384–391. 2012

  30. Chang, Y.-F., Yu, S.-H., and Shiao, D.-R., A uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. J. Med. Syst. 37(2):1–9, 2013

  31. Yan, X., Li, W., Li, P., Wang, J., Hao, X., and Gong, P., A secure biometrics-based authentication scheme for telecare medicine information systems. J. Med. Syst. 37(5): 1–6, 2013. doi:10.1007/s10916-013-9972-1

  32. Liao, Y.-P., and Wang, S.-S., A secure dynamic id based remote user authentication scheme for multi-server environment. Comput. Stand. Interfaces 31(1):24–29, 2009

  33. Potlapally, N. R., Ravi, S., Raghunathan, A., and Jha, N. K., A study of the energy consumption characteristics of cryptographic algorithms and security protocols. IEEE Trans. Mob. Comput. 5(2):128–143, 2006

  34. Wong, D. S., Fuentes, H. H., and Chan, A. H., The performance measurement of cryptographic primitives on palm devices. In: Computer Security Applications Conference, 2001. ACSAC 2001. Proceedings 17th Annual, IEEE. pp. 92–101. 2001

Download references

Author information

Authors and Affiliations

  1. Department of Computer Engineering and Applications, National Institute of Technical Teacher’s Training and Research, Bhopal, India

    Raghavendra Mishra

  2. Department of Applied Sciences, MMM University of Technology, Gorakhpur, India

    Amit Kumar Barnwal

Authors
  1. Raghavendra Mishra
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Amit Kumar Barnwal
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Raghavendra Mishra.

Additional information

Conflict of interests

The authors declare that they have no conflict of interest.

This article is part of the Topical Collection on Patient Facing Systems

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Mishra, R., Barnwal, A.K. A Privacy Preserving Secure and Efficient Authentication Scheme for Telecare Medical Information Systems. J Med Syst 39, 54 (2015). https://doi.org/10.1007/s10916-015-0215-5

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10916-015-0215-5

Keywords

Search

Navigation