Secure Privacy-Preserving Biometric Authentication Scheme for Telecare Medicine Information Systems

Journal of Medical Systems

Volumn 38, Issue 11, 2014, Pages

  Li, Xuelei ^a   Wen, Qiaoyan ^a   Li, Wenmin ^a   Zhang, Hua ^a   Jin, Zhengping ^a  

^a BEIJING UNIVERSITY OF POSTS AND TELECOMMUNICATIONS   (China)

Author keywords

Anonymity; Authentication; Biometric; Key agreement; Telecare medicine information system

Indexed keywords

ARTICLE; BIOMETRY; CONFIDENTIALITY; DATA EXTRACTION; ENTROPY; FUZZY SYSTEM; HUMAN; IDENTITY THEFT; MEDICAL INFORMATION SYSTEM; PRIVACY; PROBABILITY; REGISTRATION; TELECARE MEDICINE INFORMATION SYSTEM; TELEMEDICINE; COMPUTER SECURITY; DEVICES; ELECTRONIC MEDICAL RECORD; INFORMATION SYSTEM;

BIOMETRIC IDENTIFICATION; COMPUTER SECURITY; CONFIDENTIALITY; ELECTRONIC HEALTH RECORDS; HUMANS; INFORMATION SYSTEMS; TELEMEDICINE;

EID: 84919949740     PISSN: 01485598     EISSN: 1573689X     Source Type: Journal    
DOI: 10.1007/s10916-014-0139-5     Document Type: Article

References (34)

1. Hsu, C. L., Lee, M. R., and Su, C. H., The role of privacy protection in healthcare information systems adoption. J. Med. Syst. 37(5):1–12, 2013.
2. Touati, F., and Tabish, R., U-Healthcare System: State-of-the-Art Review and Challenges. J. Med. Syst. 37(3):1–20, 2013.
3. Anderson, K. B., Durbin, E., and Salinger, M. A., Identity theft. J. Econom. Perspect. 22(2):171–192, 2008.
4. Jain, A. K., and Nandakumar, K., Biometric authentication: system security and user privacy. IEEE Comput. 45(11):87–92, 2012.
5. Hwang, M. S., and Li, L. H., A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electr. 46(1):28–30, 2000.
6. Chien, H. Y., Jan, J. K., and Tseng, Y. M., An efficient and practical solution to remote authentication: smart card. Comput. Secur. 21(4):372–375, 2002.
7. Awasthi, A. K., Srivastava, K., and Mittal, R. C., An improved timestamp-based remote user authentication scheme. Comput. Electr. Eng. 37(6):869–874, 2011.
8. Li, X., Niu, J., Khurram Khan, M., and Liao, J., An enhanced smart card based remote user password authentication scheme. J. Netw. Comput. Appl. 36(5):1365–1371, 2013.
9. Wen, F., Susilo, W., and Yang, G., A robust smart card-based anonymous user authentication protocol for wireless communications. Secur. Commun. Netw. 2013. DOI: 10.1002/sec.816.
10. Das, M. L., Saxena, A., and Gulati, V. P., A dynamic ID-based remote user authentication scheme. IEEE Trans. Consum. Electr. 50(2):629–631, 2004.
11. Awasthi, A.K., Comment on a dynamic ID-based remote user authentication scheme. arXiv preprint cs/0410011, 2004. Available on: http://arxiv.org/ftp/cs/papers/0410/0410011.pdf.
12. Li, X., Ma, J., Wang, W., Xiong, Y., and Zhang, J., A novel smart card and dynamic ID based remote user authentication scheme for multi-server environment. Mathematical and Computer Modelling 58(1–2):85–95, 2013.
13. Wen, F., and Li, X., An improved dynamic ID-based remote user authentication with key agreement scheme. Comput. Electr. Eng. 38(2):381–387, 2012.
14. Lee, T. F., and Liu, C. M., A secure smart-card based authentication and key agreement scheme for telecare medicine information systems. J. Med. Syst. 37(3):1–8, 2013.
15. Kocher, P., Jaffe, J., and Jun, B., Differential power analysis. Advances in Cryptology-CRYPTO 99:388–397, 1999.
16. Messerges, T. S., Dabbish, E. A., and Sloan, R. H., Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002.
17. Eisenbarth, T., Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., and Shalmani, M. T. M., On the power of power analysis in the real world: A complete break of the KeeLoq code hopping scheme. Advances in Cryptology-CRYPTO 08:203–220, 2008.
18. Chen, H. M., Lo, J. W., and Yeh, C. K., An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems. J. Med. Syst. 36(6):3907–3915, 2012.
19. Cao, T., and Zhai, J., Improved dynamic ID-based authentication scheme for telecare medical information systems. J. Med. Syst. 37(2):1–7, 2013.
20. Xie, Q., Zhang, J., and Dong, N., Robust anonymous authentication scheme for telecare medical information systems. J. Med. Syst. 37(2):1–8, 2013.
21. Fan, C. I., and Lin, Y. H., Provably secure remote truly three-factor authentication scheme with privacy protection on biometrics. IEEE Trans. Inf. Foren. Sec. 4(4):933–945, 2009.
22. Li, C. T., and Hwang, M. S., An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33(1):1–5, 2010.
23. Li, X., Niu, J., Ma, J., Wang, W., and Liu, C., Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. Journal of Network and Computer Applications 34(1):73–79, 2011.
24. Li, X., Niu, J., Wang, Z., Chen, C., Applying biometrics to design three-factor remote user authentication scheme with key agreement. Security and Communication Networks, 2013, in press, DOI: 10.1002/sec.767.
25. Li, X., Niu, J., Khan, M., Liao, J., Zhao, X., Robust three-factor remote user authentication scheme with key agreement for multimedia systems. Security and Communication Networks, 2013, in press, DOI: 10.1002/sec.961.
26. Huang, X., Xiang, Y., Chonka, A., Zhou, J., and Deng, R. H., A generic framework for three-factor authentication: preserving security and privacy in distributed systems. IEEE Trans. Parallel Distrib. Syst. 22(8):1390–1397, 2011.
27. Das, A. K., and Bruhadeshwar, B., An improved and effective secure password-based authentication and key agreement scheme using smart cards for the telecare medicine information system. J. Med. Syst. 37(5):1–17, 2013.
28. He, D., Chen, J., and Zhang, R., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989–1995, 2012.
29. Awasthi, A. K., and Srivastava, K., A biometric authentication scheme for telecare medicine information systems with nonce. J. Med. Syst. 37(5):1–4, 2013.
30. Mishra, D., and Mukhopadhyay, S., Security enhancement of biometric authentication scheme for telecare medicine information systems with nonce. arXiv preprint arXiv:1309.4690, 2013. Available on: http://arxiv.org/pdf/1309.4690v2.pdf.
31. Dodis, Y., Ostrovsky, R., Reyzin, L., and Smith, A., Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM J. Comput. 38(1):97–139, 2008.
32. Burrows, M., Abadi, M., and Needham, R., A logic of authentication. Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences 426(1871):233–271, 1989.
33. Halevi, S., and Krawczyk, H., Public-key cryptography and password protocols. ACM Transactions on Information and System Security (TISSEC) 2(3):230–268, 1999.
34. Li, X., Wen, Q., Zhang, H., and Jin, Z., An improved authentication with key agreement scheme on elliptic curve cryptosystem for global mobility networks. International Journal of Network Management 23(5):311–324, 2013.