An efficient and privacy-preserving mutual authentication with key agreement scheme for telecare medicine information system

Chen, Yulei; Chen, Jianhua

doi:10.1007/s12083-021-01260-w

Cited by 14 publications

(3 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this section, we employ BAN logic, a widely recognized security analysis technique used in numerous studies such as [30] and [31], to conduct an exhaustive evaluation of our proposed scheme. By leveraging the thorough framework of BAN logic, which encompasses analysis rules, goals, assumptions, and derivations, we are able to rigorously assess the scheme's robustness against various security vulnerabili-ties.…”

Section: B Formal Security Analysis Using Ban Logicmentioning

confidence: 99%

Enhanced Lightweight Medical Sensor Networks Authentication Scheme Based on Blockchain

Kang,

Woo,

Ryu

2024

IEEE Access

View full text Add to dashboard Cite

In the rapidly evolving environment of wireless medical sensor networks (WMSN) and the internet of medical things (IoMT), remote medical support has seen unprecedented advancements. It is essential that the data relayed from the sensors must be trustworthy and unaltered, and that the sensors themselves are genuine. Wireless networks, however, have inherent vulnerabilities. In addition, since WMSN is directly linked to patients' lives, its continuous availability is crucial. Considerable efforts have been made to maintain the integrity and authenticity of such data. However, many studies have failed to address the problem of a single point of failure (SPOF). This issue has been particularly detrimental to patients who require ongoing management. To address this issue and ensure the protection of the authenticity and integrity of patient data, we suggest the implementation of an authentication scheme based on blockchain technology. In 2022, Yu et al. introduced a blockchain-integrated authentication and key generation scheme for WMSN using Physical Unclonable Functions (PUFs), effectively addressing the SPOF problem by conducting mutual authentication through smart contracts without relying on centralized servers. Our research found that this scheme inadvertently shared critical parameters, including challenge-response pairs and important private keys, with the blockchain network, making it vulnerable to various breaches. We present an enhanced protocol designed to mitigate these security challenges. By limiting the data interaction with smart contracts and ensuring only relevant parties access crucial parameters, our approach reduces the risk of public information disclosure on the blockchain. This not only mitigates the SPOF issue but also efficiently helps in prevention of physical attacks. We prove that our proposed system prevents known security vulnerabilities through informal and formal analysis using the Scyther, Proverif, and BAN logic. Furthermore, the proposed scheme offers 67.37% reduction in computation costs and 3.67% in communication costs, presenting an efficient and secure solution for WMSN in the IoMT landscape.

show abstract

Section: B Formal Security Analysis Using Ban Logicmentioning

confidence: 99%

Enhanced Lightweight Medical Sensor Networks Authentication Scheme Based on Blockchain

Kang,

Woo,

Ryu

2024

IEEE Access

View full text Add to dashboard Cite

show abstract

“…BhanuChander et al 20 presented a safe and light RFID‐tag‐based authentication technique to increase security in the Telecare medicine information system while respecting privacy. Yulei Chen et al 21 proposed ECC based on efficient and privacy‐preserving mutual authentication with a key agreement scheme for telecare medicine information system. It uses a formal method under the random oracle (RO) model and uses the traditional heuristic discussion to prove the strength of the scheme against known attacks.…”

Section: Related Workmentioning

confidence: 99%

Cryptanalysis and improvement of REAS‐TMIS: Resource‐efficient authentication scheme for telecare medical information system

Kumar

Amin

Brindha

2022

Security and Privacy

View full text Add to dashboard Cite

Recently, Tanveer et al. proposed a resource‐efficient authentication scheme for telecare medical information systems employing the authenticated key exchange. Tanveer et al. vehemently claimed that the protocol is safe against smart card stolen attacks, password guessing attacks, anonymity and untraceability, replay attacks, man‐in‐the‐middle attacks, impersonation attacks, and so forth. We have scrutinized the Tanveer et al. protocol. Based on his attack model, we have analyzed that this protocol is not secured against session key disclosure attacks, privileged insider attacks, and medical server impersonation attacks. We have also discussed improvement mechanisms to protect the mentioned security threats.

show abstract

“…Simultaneously, authentication schemes are used in many areas to ensure secure communications [2][3][4] . So far, many authentication and key agreement schemes have been proposed for TMIS [5][6][7][8][9][10] .…”

Section: Introductionmentioning

confidence: 99%

Analysis and Improvement of a Privacy-Preserving Authentication Scheme for Telecare Medical Information System Environment

NIU,

KANG,

et al. 2023

Wuhan Univ. J. Nat. Sci.

View full text Add to dashboard Cite

Telecare Medical Information System (TMIS) can provide various telemedicine services to patients. However, information is communicated over an open channel. An attacker may intercept, replay, or modify this information. Therefore, many authentication schemes are proposed to provide secure communication for TMIS. Recently, Yu et al proposed a privacy-preserving authentication scheme in the Internet of Medical Things (IoMT)-enabled TMIS environments. They emphasize that their scheme is resistant to various attacks and ensures anonymity. Unfortunately, this paper demonstrates that Yu et al's scheme is vulnerable to impersonation attacks, replay attacks, and tracking attacks and cannot mutually authenticate. To overcome the shortcomings of Yu et al's scheme, we mainly improve the authentication and key agreement process and propose a corresponding improved scheme. We also compare the improved scheme with several existing authentication schemes in terms of security and computational efficiency.

show abstract

An efficient and privacy-preserving mutual authentication with key agreement scheme for telecare medicine information system

Cited by 14 publications

References 33 publications

Enhanced Lightweight Medical Sensor Networks Authentication Scheme Based on Blockchain

Enhanced Lightweight Medical Sensor Networks Authentication Scheme Based on Blockchain

Cryptanalysis and improvement of REAS‐TMIS: Resource‐efficient authentication scheme for telecare medical information system

Analysis and Improvement of a Privacy-Preserving Authentication Scheme for Telecare Medical Information System Environment

Contact Info

Product

Resources

About