Computation-Efficient Three-Party Encrypted Key Exchange for Telecare Medicine Information Systems
Pages 167 - 171
Abstract
A three-party encrypted key exchange (3PEKE) protocol for telecare medicine information systems (TMISs) enables two communicating parties, such as patients, doctors, nurses and health visitors, sharing a long-lived secret only with a trusted third party- Medical Center Server (MCS) to exchange confidential and authenticated Electronic Medical Records (EMRs) and Electronic Health Records (EHRs) with another party over an insecure network. Recently, Lee et al. presented an improved 3PEKE protocol to solve the weaknesses of previous protocols. However, this study states that Lee et al.'s improved 3PEKE protocol still has some security faults such that their protocol cannot execute correctly and fails to resist password guessing attacks. This study also develops an enhanced protocol which is based on Lee et al.'s improved 3PEKE protocol. Additionally, the enhanced protocol protects the user's password by using a one-time key shared with the MCS, eliminates the redundant computations, and rearranges the messages. Compared with related protocols, the enhanced protocol not only has higher security, but also increases efficiency in computation and transmission.
References
[1]
Chang, C.C., and Chang, Y.F., A novel three-party encrypted key exchange protocol, Computer Standards & Interfaces, 26 (5), (2004), 471--476.
[2]
Bellare, M, Halevi, S, Sahai, A, and Vadhan, S,. Many-to-one trapdoor functions and their relations to public-key cryptosystems, Proceedings of the CRYPTO'98, of LNCS, 1462, (1998), 283--298.
[3]
Goldreich, O, and Levin, L., A hard-core predicate for all one-way functions, Proceedings of the 21st ACM Symposium on the Theory of Computing, (1989), 25--32.
[4]
Impagaliazzo, R, and Rudich, S., Limits on the provable consequences of one-way permutations, Proceedings of the 21st ACM Symposium on the Theory of Computing, (1989), 44--61.
[5]
Chen, H.B., and Chen, T.H., Lee W.B., and Chang C.C., Security enhancement for a three-party encrypted key exchange protocol against undetectable online password guessing attacks, Computer Standards & Interfaces, 30, (2008), 95--99.
[6]
Yoon, E.J., and Yoo, K.Y., Improving the novel three-party encrypted key exchange protocol, Computer Standards & Interfaces, 30, (2008), 309--314.
[7]
Lo, N.W., and Yeh K.H., Cryptanalysis of two three-party encrypted key exchange protocols, Computer Standards & Interfaces, 31, (2009), 1167--1174.
[8]
Chang, Y.F., A practical three-party encrypted key exchange protocol with round efficiency, International Journal of Innovative Computing, Information and Control, 4 (4), (2008) 953--960.
[9]
Lee, C.C., and Y.F. Chang, On security of a practical three-party key exchange protocol with round efficiency, Information Technology and Control, 37(4), (2008), 333--335.
[10]
Lee, C.C., Chen, S.D., and Chen, C.L., A computation-efficient three-party encrypted key exchange protocol, Applied Mathematics & Information Sciences, 6(3), (2012), 573--579.
[11]
Diffie, W., and Hellman M., New directions in cryptography, IEEE Transactions on Information Theory, 22 (6), (1976), 644--654.
Index Terms
- Computation-Efficient Three-Party Encrypted Key Exchange for Telecare Medicine Information Systems
Recommendations
Cryptanalysis of two three-party encrypted key exchange protocols
Due to the simplicity of maintaining human memorable passwords without any assistant storage device, password-based three-party encrypted key exchange (3PEKE) protocol has become one of the most promising research fields on user authentication and ...
Three-party encrypted key exchange: attacks and a solution
Password-based mechanism is the widely used method for authentication since it allows people to choose their own passwords without any assistant device to generate or store. However, people are used to choose easy-to-remember passwords such that ...
N-Party encrypted diffie-hellman key exchange using different passwords
ACNS'05: Proceedings of the Third international conference on Applied Cryptography and Network SecurityWe consider the problem of password-authenticated group Diffie-Hellman key exchange among N parties, N–1 clients and a single-server, using different passwords. Most password-authenticated key exchange schemes in the literature have focused on an ...
Comments
Information & Contributors
Information
Published In
May 2019
207 pages
ISBN:9781450371995
DOI:10.1145/3340037
Copyright © 2019 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
In-Cooperation
- University of Electronic Science and Technology of China: University of Electronic Science and Technology of China
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 17 May 2019
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Funding Sources
- Tzu Chi University
Conference
ICMHI 2019
ICMHI 2019: The third International Conference on Medical and Health Informatics 2019
May 17 - 19, 2019
Xiamen, China
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 72Total Downloads
- Downloads (Last 12 months)3
- Downloads (Last 6 weeks)0
Reflects downloads up to 05 Mar 2025
Other Metrics
Citations
Cited By
View allView Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in