A Secure and Robust Password-Based Remote User Authentication Scheme Using Smart Cards for the Integrated EPR Information System

Journal of Medical Systems

Volumn 39, Issue 3, 2015, Pages

  Das, Ashok Kumar ^a  

^a INTERNATIONAL INSTITUTE OF INFORMATION TECHNOLOGY   (India)

Author keywords

AVISPA; Hash function; Integrated EPR information system; Mutual authentication; Password; Security; Smart cards; User authentication

Indexed keywords

ARTICLE; AUTOANALYSIS; ELECTRONIC MEDICAL RECORD; HUMAN; INTERNET; INTERPERSONAL COMMUNICATION; MEDICAL INFORMATION SYSTEM; REGISTRATION; SMART CARD; COMPUTER INTERFACE; COMPUTER SECURITY; CONFIDENTIALITY; DEVICES; INFORMATION SYSTEM; ORGANIZATION AND MANAGEMENT; STANDARDS;

COMPUTER SECURITY; CONFIDENTIALITY; ELECTRONIC HEALTH RECORDS; HUMANS; INFORMATION SYSTEMS; USER-COMPUTER INTERFACE;

EID: 84922455207     PISSN: 01485598     EISSN: 1573689X     Source Type: Journal    
DOI: 10.1007/s10916-015-0204-8     Document Type: Article

References (29)

1. Aumasson, J.P., Henzen, L., Meier, W., Plasencia, M.N., Quark: A lightweight hash. In: Workshop on Cryptographic Hardware and Embedded Systems (CHES 2010), LNCS, vol. 6225, pp. 1–15, 2010.
2. AVISPA, Automated Validation of Internet Security Protocols and Applications, 2013. Accessed on January 2013. http://www.avispa-project.org/.
3. AVISPA, AVISPA Web Tool, 2014. Accessed on April 2014. http://www.avispa-project.org/web-interface/expert.php/.
4. Basin, D., Modersheim, S., OFMC, L. Vigano., A symbolic model checker for security protocols. Int. J. Inf. Secur. 4(3):181–208, 2005.
5. Chang, Y.-F., Yu, S.-H., Shiao, D.-R., An uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. J. Med. Syst. 37(2):1–9, 2013.
6. Chatterjee, S., and Das, A.K., An effective ECC-based user access control scheme with attribute-based encryption for wireless sensor networks. Secur. Commun. Netw., 2014. doi:10.1002/sec.1140.
7. Das, A.K, Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards. IET Inf. Secur. 5(3):145–151, 2011.
8. Das, A.K., A random key establishment scheme for multi-phase deployment in large-scale distributed sensor networks. Int. J. Inf. Secury. 11(3):189–211, 2012.
9. Das, A.K., A secure and effective user authentication and privacy preserving protocol with smart cards for wireless communications. Netw. Sci. 2(1-2):12–27, 2013.
10. Das, A.K., A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-to-Peer Netw. Appl., 2014. doi:10.1007/s12083-014-0324-9.
11. Das, A.K., Chatterjee, S., Sing, J.K., A novel efficient access control scheme for large-scale distributed wireless sensor networks. Int. J. Found. Comput. Sci. 24(5):625–653, 2013.
12. Das, A.K., and Goswami, A., A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. J. Med. Syst. 37(3):1–16, 2013.
13. Das, A.K., Massand, A., Patil, S., A novel proxy signature scheme based on user hierarchical access control policy. J. King Saud University - Comput. Inform. Sci. 25(2):219–228, 2013.
14. Das, M.L., Two-factor user authentication in wireless sensor networks. IEEE Trans. Wirel. Commun. 8(3):1086–1090, 2009.
15. Dolev, D., and Yao, A., On the security of public key protocols. IEEE Trans. Inf. Theory 29(2):198–208, 1983.
16. Kocher, P., Jaffe, J., Jun, B., Differential power analysis. In: Proceedings of Advances in Cryptology - CRYPTO’99, LNCS, vol. 1666, pp. 388–397, 1999.
17. Lee, T.-F., Chang, I.-P., Lin, T.-H., Wang, C.-C., A secure and efficient password-based user authentication scheme using smart cards for the integrated EPR information system. J. Med. Syst. 37(3), 2013.
18. Manuel, S., Classification and generation of disturbance vectors for collision attacks against SHA-1. Des. Codes Crypt. 59(1-3):247–263, 2011.
19. Messerges, T.S., Dabbish, E.A., Sloan, R.H., Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002.
20. Mishra, D., On the security flaws in id-based password authentication schemes for telecare medical information systems. J. Med. Syst. 39(1), 2014.
21. Mishra, D., Das, A.K., Mukhopadhyay, S., A secure and efficient ECC-based user anonymity-preserving session initiation authentication protocol using smart card, 2014. doi:10.1007/s12083-014-0321-z.
22. Mishra, D., Mukhopadhyay, S., Kumari, S., Khan, M.K., Security enhancement of a biometric based authentication scheme for telecare medicine information systems with nonce. J. Med. Sys 38(5), 2014.
23. Mishra, D., Srinivas, J., Mukhopadhyay, S., A secure and efficient chaotic map-based authenticated key agreement scheme for telecare medicine information systems. J. Med. Sys 38(10), 2014.
24. Sarkar, P., A simple and generic construction of authenticated encryption with associated data. ACM Trans Inf. Syst. Secur. 13(4):33, 2010.
25. Stallings, W., Cryptography and network security: Principles and practices. 3 ed. Englewood Cliffs: Prentice Hall, 2003.
26. Secure Hash Standard: Secure hash standard, FIPS PUB 180-1, National Institute of Standards and Technology (NIST), U.S. Department of Commerce, April 1995 (1995)
27. Stinson, D.R., Some observations on the theory of cryptographic hash functions. Des. Codes Crypt. 38(2):259–277, 2006.
28. Wen, F., A more secure anonymous user authentication scheme for the integrated EPR information system. J. Med. Syst. 38(5):42, 2014.
29. Wu, Z.Y., Chung, Y.-F., Lai, F., Chen, T.-S., A password-based user authentication scheme for the integrated EPR information system. J. Med. Syst. 36(2):631–638, 2012.