Cargando…
An improved authenticated key agreement protocol for telecare medicine information system
In telecare medicine information systems (TMIS), identity authentication of patients plays an important role and has been widely studied in the research field. Generally, it is realized by an authenticated key agreement protocol, and many such protocols were proposed in the literature. Recently, Zha...
Autores principales: | , , , |
---|---|
Formato: | Online Artículo Texto |
Lenguaje: | English |
Publicado: |
Springer International Publishing
2016
|
Materias: | |
Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4854862/ https://www.ncbi.nlm.nih.gov/pubmed/27218005 http://dx.doi.org/10.1186/s40064-016-2018-7 |
_version_ | 1782430260016447488 |
---|---|
author | Liu, Wenhao Xie, Qi Wang, Shengbao Hu, Bin |
author_facet | Liu, Wenhao Xie, Qi Wang, Shengbao Hu, Bin |
author_sort | Liu, Wenhao |
collection | PubMed |
description | In telecare medicine information systems (TMIS), identity authentication of patients plays an important role and has been widely studied in the research field. Generally, it is realized by an authenticated key agreement protocol, and many such protocols were proposed in the literature. Recently, Zhang et al. pointed out that Islam et al.’s protocol suffers from the following security weaknesses: (1) Any legal but malicious patient can reveal other user’s identity; (2) An attacker can launch off-line password guessing attack and the impersonation attack if the patient’s identity is compromised. Zhang et al. also proposed an improved authenticated key agreement scheme with privacy protection for TMIS. However, in this paper, we point out that Zhang et al.’s scheme cannot resist off-line password guessing attack, and it fails to provide the revocation of lost/stolen smartcard. In order to overcome these weaknesses, we propose an improved protocol, the security and authentication of which can be proven using applied pi calculus based formal verification tool ProVerif. |
format | Online Article Text |
id | pubmed-4854862 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2016 |
publisher | Springer International Publishing |
record_format | MEDLINE/PubMed |
spelling | pubmed-48548622016-05-23 An improved authenticated key agreement protocol for telecare medicine information system Liu, Wenhao Xie, Qi Wang, Shengbao Hu, Bin Springerplus Research In telecare medicine information systems (TMIS), identity authentication of patients plays an important role and has been widely studied in the research field. Generally, it is realized by an authenticated key agreement protocol, and many such protocols were proposed in the literature. Recently, Zhang et al. pointed out that Islam et al.’s protocol suffers from the following security weaknesses: (1) Any legal but malicious patient can reveal other user’s identity; (2) An attacker can launch off-line password guessing attack and the impersonation attack if the patient’s identity is compromised. Zhang et al. also proposed an improved authenticated key agreement scheme with privacy protection for TMIS. However, in this paper, we point out that Zhang et al.’s scheme cannot resist off-line password guessing attack, and it fails to provide the revocation of lost/stolen smartcard. In order to overcome these weaknesses, we propose an improved protocol, the security and authentication of which can be proven using applied pi calculus based formal verification tool ProVerif. Springer International Publishing 2016-05-03 /pmc/articles/PMC4854862/ /pubmed/27218005 http://dx.doi.org/10.1186/s40064-016-2018-7 Text en © Liu et al. 2016 Open AccessThis article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made. |
spellingShingle | Research Liu, Wenhao Xie, Qi Wang, Shengbao Hu, Bin An improved authenticated key agreement protocol for telecare medicine information system |
title | An improved authenticated key agreement protocol for telecare medicine information system |
title_full | An improved authenticated key agreement protocol for telecare medicine information system |
title_fullStr | An improved authenticated key agreement protocol for telecare medicine information system |
title_full_unstemmed | An improved authenticated key agreement protocol for telecare medicine information system |
title_short | An improved authenticated key agreement protocol for telecare medicine information system |
title_sort | improved authenticated key agreement protocol for telecare medicine information system |
topic | Research |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4854862/ https://www.ncbi.nlm.nih.gov/pubmed/27218005 http://dx.doi.org/10.1186/s40064-016-2018-7 |
work_keys_str_mv | AT liuwenhao animprovedauthenticatedkeyagreementprotocolfortelecaremedicineinformationsystem AT xieqi animprovedauthenticatedkeyagreementprotocolfortelecaremedicineinformationsystem AT wangshengbao animprovedauthenticatedkeyagreementprotocolfortelecaremedicineinformationsystem AT hubin animprovedauthenticatedkeyagreementprotocolfortelecaremedicineinformationsystem AT liuwenhao improvedauthenticatedkeyagreementprotocolfortelecaremedicineinformationsystem AT xieqi improvedauthenticatedkeyagreementprotocolfortelecaremedicineinformationsystem AT wangshengbao improvedauthenticatedkeyagreementprotocolfortelecaremedicineinformationsystem AT hubin improvedauthenticatedkeyagreementprotocolfortelecaremedicineinformationsystem |