Improvement of a Privacy Authentication Scheme Based on Cloud for Medical Environment

Chiou, Shin-Yan; Ying, Zhaoqin; Liu, Junqiang

doi:10.1007/s10916-016-0453-1

Cited by 81 publications

(95 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To evaluate execution time of our scheme with other existing schemes, the hash function, bio-hash function, symmetric key encryption or decryption operation, modular exponentiation operation, elliptic curve point multiplication, and bilinear operation take 0.0005, 0.02102, 0.0087, 0.522, 0.0503, and 0.0621 seconds, respectively. 59,60 As in the work of He et al, 68 the execution time for a fuzzy extractor function is near about equal to an elliptic curve point multiplication. The estimated computational time of the protocols of Amin and Biswas, 30 Irshad et al, 51 Li et al, 18 Maitra et al, 19 Li et al, 52 Lin et al, 53 Maitra and Giri, 54 Pippal et al, 16 Wen et al, 55 Yoon and Yoo, 56 and Amin and Biswas, 44 and our proposed protocol are 0.05404, 0.7684, 2.098, 0.0652, 0.4164, 0.2609, 0.0438, 3.658, 0.095, 0.2112, 0.98304, and 0.8701 seconds, respectively.…”

Section: Computation Cost and Estimated Time Comparisonmentioning

confidence: 77%

“…Our proposed protocol has computation costs 7 T h +2 T p m +1 T f e and 23 T h +13 T p m +1 T f e for the registration phase and the login and authentication phase, respectively, whereas the other schemes have 24 T h +2 T b h , 24 T h +12 T p m +6 T s +2 T f e , 20 T h +4 T m e , 26 T h +6 T s , 28 T h +6 T p m +2 T f e , 15 T h +4 T p m +6 T s , 18 T h +4 T s , 9 T h +7 T m e , 16 T h +10 T s , 20 T h +4 T p m , and 24 T h +16 T p m +2 T b p +2 T b h operations, respectively, for performing the registration phase and the authentication phase. To evaluate execution time of our scheme with other existing schemes, the hash function, bio‐hash function, symmetric key encryption or decryption operation, modular exponentiation operation, elliptic curve point multiplication, and bilinear operation take 0.0005, 0.02102, 0.0087, 0.522, 0.0503, and 0.0621 seconds, respectively . As in the work of He et al, the execution time for a fuzzy extractor function is near about equal to an elliptic curve point multiplication.…”

Section: Performance Comparisonmentioning

confidence: 87%

See 1 more Smart Citation

Cryptanalysis and improvement of a biometric‐based remote user authentication protocol usable in a multiserver environment

Chandrakar

2017

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Recently, Amin and Biswas have discussed a bilinear pairing–based three‐factor remote user authentication protocol, claiming it to be secured against various attacks. We scrutinize this protocol and find that it is vulnerable to identity guessing attack, password guessing attack, user untraceability attack, user‐server impersonation attack, new smart card issue attack, and privileged insider attack. In this paper, we propose an elliptic curve cryptography and biometric‐based remote user authentication protocol for a multiserver environment by overcoming these drawbacks. We conduct its informal and formal security analysis to show that it resists all known security attacks. The Burrows‐Abadi‐Needham (BAN) logic verifies that our protocol facilitates mutual authentication and session key agreement securely. We simulate it using the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool to certify that it can be protected from passive and active threats, including replay and man‐in‐the‐middle attacks. Furthermore, the proposed protocol provides more security attributes and better complexity in terms of smart card storage cost, computation cost, estimated time, and communication cost, as compared with the related existing protocols.

show abstract

Section: Computation Cost and Estimated Time Comparisonmentioning

confidence: 77%

Section: Performance Comparisonmentioning

confidence: 87%

Cryptanalysis and improvement of a biometric‐based remote user authentication protocol usable in a multiserver environment

Chandrakar

2017

Trans Emerging Tel Tech

View full text Add to dashboard Cite

show abstract

“…Any identity communicates with each other via an insecure public channel, offering adversaries opportunities to intercept. In the following, we present the assumptions of the attacker model [18][19][20][21].…”

Section: Attacker Modelmentioning

confidence: 99%

An Efficient Three-Party Authentication Scheme for Data Exchange in Medical Environment

Chiou

Lin

2018

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

Compared with traditional paper medical records, electronic medical records have many advantages such as easy transmission, high efficiency, better accuracy, and easier storage. The further development and penetration of electronic medical records will raise increasingly critical transmitted-data accuracy and security issues. Previous studies have proposed a verifier-based three-party authentication scheme and to provide high efficiency and security, with low computation and transmission costs. However, this protocol fails to achieve anonymity, is vulnerable to tracking attacks, and is inefficient. In this paper, we propose a new authentication scheme which provides patient anonymity and resistance to tracking attacks, while reducing computation and communication costs. The proposed system is easier to implement and is more suitable for use in remote electronic medical record exchange systems.

show abstract

“…The execution time as considered in [35,36], for the different cryptographic operation (performed by user U i and the gateway node GW N with a computer system having windows 7 operating system, Intel (R) core (TM) 2 Quad CPU Q8300, @2.50 Hz processor, and 2 GB RAM) are listed in following Table 25. We assumed the time for executing a fuzzy extractor is the same as that for executing a hash function because the fuzzy extractor [27] can be constructed from universal hash functions or error-correcting codes requiring only lightweight operations.…”

Section: Relative Performance Based On Computational Costmentioning

confidence: 99%

Fuzzy Extractor and Elliptic Curve Based Efficient User Authentication Protocol for Wireless Sensor Networks and Internet of Things

Maurya

Sastry

2017

Information

View full text Add to dashboard Cite

Abstract:To improve the quality of service and reduce the possibility of security attacks, a secure and efficient user authentication mechanism is required for Wireless Sensor Networks (WSNs) and the Internet of Things (IoT). Session key establishment between the sensor node and the user is also required for secure communication. In this paper, we perform the security analysis of A.K.Das's user authentication scheme (given in 2015), Choi et al.'s scheme (given in 2016), and Park et al.'s scheme (given in 2016). The security analysis shows that their schemes are vulnerable to various attacks like user impersonation attack, sensor node impersonation attack and attacks based on legitimate users. Based on the cryptanalysis of these existing protocols, we propose a secure and efficient authenticated session key establishment protocol which ensures various security features and overcomes the drawbacks of existing protocols. The formal and informal security analysis indicates that the proposed protocol withstands the various security vulnerabilities involved in WSNs. The automated validation using AVISPA and Scyther tool ensures the absence of security attacks in our scheme. The logical verification using the Burrows-Abadi-Needham (BAN) logic confirms the correctness of the proposed protocol. Finally, the comparative analysis based on computational overhead and security features of other existing protocol indicate that the proposed user authentication system is secure and efficient. In future, we intend to implement the proposed protocol in real-world applications of WSNs and IoT.

show abstract

Improvement of a Privacy Authentication Scheme Based on Cloud for Medical Environment

Cited by 81 publications

References 19 publications

Cryptanalysis and improvement of a biometric‐based remote user authentication protocol usable in a multiserver environment

Cryptanalysis and improvement of a biometric‐based remote user authentication protocol usable in a multiserver environment

An Efficient Three-Party Authentication Scheme for Data Exchange in Medical Environment

Fuzzy Extractor and Elliptic Curve Based Efficient User Authentication Protocol for Wireless Sensor Networks and Internet of Things

Contact Info

Product

Resources

About