An Improved RSA Based User Authentication and Session Key Agreement Protocol Usable in TMIS

Journal of Medical Systems

Volumn 39, Issue 8, 2015, Pages

  Amin, Ruhul ^a   Biswas, G P ^a  

^a INDIAN SCHOOL OF MINES   (India)

Author keywords

Authentication; AVISPA tool; RSA cryptosystem; Smart card; User anonymity

Indexed keywords

ARTICLE; COMPUTER LANGUAGE; COMPUTER SECURITY; COMPUTER SIMULATION; COST; MEDICAL INFORMATION SYSTEM; NOMENCLATURE; RADIOFREQUENCY IDENTIFICATION; RELIABILITY; RSA CRYPTOSYSTEM; SMART CARD; TELECARE MEDICAL INFORMATION SYSTEM; TELECONSULTATION; ALGORITHM; CONFIDENTIALITY; DEVICES; HUMAN; INFORMATION SYSTEM; TELEMEDICINE;

ALGORITHMS; COMPUTER SECURITY; CONFIDENTIALITY; HUMANS; INFORMATION SYSTEMS; TELEMEDICINE;

EID: 84933506630     PISSN: 01485598     EISSN: 1573689X     Source Type: Journal    
DOI: 10.1007/s10916-015-0262-y     Document Type: Article

References (46)

1. Amin, R., Cryptanalysis and an efficient secure id-based remote user authentication using smart card. Int. J. Comput. Appl. 75(13):43–48, 2013.
2. Amin, R., and Biswas, G. P.: Anonymity preserving secure hash function based authentication scheme for consumer usb mass storage device. In: 3rd International Conference on Computer, Communication, Control and Information Technology (C3IT), 2015, pp. 1–6. doi:10.1109/C3IT.2015.7060190 (2015)
3. Amin, R., and Biswas, G.P., Design and analysis of bilinear pairing based mutual authentication and key agreement protocol usable in multi-server environment. Wirel. Pers. Commun., 1–24, 2015. doi:10.1007/s11277-015-2616-7.
4. Amin, R., and Biswas, G. P., A novel user authentication and key agreement protocol for accessing multi-medical server usable in tmis. J. Med. Syst. 39(3):33, 2015. doi:10.1007/s10916-015-0217-3.
5. Amin, R., and Biswas, G. P.: Remote access control mechanism using rabin public key cryptosystem. In: Information Systems Design and Intelligent Applications, Advances in Intelligent Systems and Computing. Vol. 339, pp. 525–533. India: Springer. doi:10.1007/978-81-322-2250-7_52 (2015)
6. Amin, R., Maitra, T., Rana, S. P., An improvement of Wang et. al.’s remote user authentication scheme against smart card security breach. Int. J. Comput. Appl. 75(13):37–42, 2013.
7. Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuellar, J., Drielsma, P., Hem, P., Kouchnarenko, O., Mantovani, J., Mdersheim, S., von Oheimb, D., Rusinowitch, M., Santiago, J., Turuani, M., Vigan, L., Vigneron, L.: The avispa tool for the automated validation of internet security protocols and applications. In: Computer Aided Verification, Lecture notes in computer science. Vol. 3576, pp. 281–285 (2005)
8. Arshad, H., and Nikooghadam, M., Three-factor anonymous authentication and key agreement scheme for telecare medicine information systems. J. Med. Syst. 38(12):136, 2014. doi:10.1007/s10916-014-0136-8.
9. Chang, Y. F., Yu, S. H., Shiao, D. R., A uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. J. Med. Syst. 37(2):9902, 2013. doi:10.1007/s10916-012-9902-7.
10. Dolev, D., and Yao, A. C., On the security of public key protocols. IEEE Trans. Inf. Theory 29(2):198–208, 1983.
11. Giri, D., Maitra, T., Amin, R., Srivastava, P., An efficient and robust rsa-based remote user authentication for telecare medical information systems. J. Med. Syst. 39(1):145, 2014. doi:10.1007/s10916-014-0145-7.
12. He, D., Jianhua, C., Rui, Z., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989–1995, 2012.
13. He, D., Kumar, N., Chilamkurti, N., Lee, J. H., Lightweight ecc based rfid authentication integrated with an id verifier transfer protocol. J. Med. Syst. 38(10):116, 2014. doi:10.1007/s10916-014-0116-z doi:10.1007/s10916-014-0116-z.
14. Islam, S. H., Design and analysis of a three party password-based authenticated key exchange protocol using extended chaotic maps. Inf. Sci. 312(0):104–130, 2015. doi:10.1016/j.ins.2015.03.050.
15. Islam, S. H., and Biswas, G. P., A more efficient and secure id-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. J. Syst. Softw. 84(11):1892–1898, 2011.
16. Islam, S. H., and Biswas, G. P., A provably secure identity-based strong designated verifier proxy signature scheme from bilinear pairings. Journal of King Saud University - Computer and Information Sciences 26(1):55–67, 2014. doi:10.1016/j.jksuci.2013.03.004.
17. Islam, S. H., and Khan, M. K., Cryptanalysis and improvement of authentication and key agreement protocols for telecare medicine information systems. J. Med. Syst. 38(10):135, 2014. doi:10.1007/s10916-014-0135-9.
18. Khan, M. K., and Kumari, S., An authentication scheme for secure access to healthcare services. J. Med. Syst. 37(4):9954, 2013. doi:10.1007/s10916-013-9954-3.
19. Khan, M. K., and Kumari, S., Cryptanalysis and improvement of an efficient and secure dynamic id-based authentication scheme for telecare medical information systems. Security and Communication Networks 7(2):399–408, 2014. doi:10.1002/sec.791.
20. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Advances in Cryptology CRYPTO 99, Lecture Notes in Computer Science. Vol. 1666, pp. 388–397 (1999)
21. Kumari, S., Gupta, M. K., Khan, M. K., Li, X., An improved timestamp-based password authentication scheme: Comments, cryptanalysis, and improvement. Security and Communication Networks 7:1921–1932, 2014. doi:10.1002/sec.906.
22. Kumari, S., and Khan, M. K., More secure smart card based remote user password authentication scheme with user anonymity. Security and Communication Networks 7:2039–2053, 2013. doi:10.1002/sec.916.
23. Kumari, S., and Khan, M. K., Cryptanalysis and improvement of ’a robust smart-card-based remote user password authentication scheme. Int. J. Commun. Syst. 27:3939–3955, 2014. doi:10.1002/dac.2590.
24. Kumari, S., Khan, M. K., Li, X., An improved remote user authentication scheme with key agreement. Comput. Electr. Eng. 40(6):1997–2012, 2014. doi:10.1016/j.compeleceng.2014.05.007.
25. Kumari, S., Khan, M. K., Li, X., Wu, F., Design of a user anonymous password authentication scheme without smart card. Int. J. Commun. Syst. 27(10):609–618, 2014. doi:10.1002/dac.2853.
26. Lamport, L., Password authentication with insecure communication. Commun. ACM 24(11):770–772, 1981. doi:10.1145/358790.358797.
27. Lee, T. F., An efficient chaotic maps-based authentication and key agreement scheme using smartcards for telecare medicine information systems. J. Med. Syst. 37(6):9985, 2013. doi:10.1007/s10916-013-9985-9.
28. Lee, T. F., Chang, I. P., Lin, T. H., Wang, C. C., A secure and efficient password- based user authentication scheme using smart cards for the integrated epr information system. J. Med. Syst. 37(3):1–7, 2013.
29. Li, X., Niu, J. W., Ma, J., Wang, W. D., Liu, C. L., Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 34(1):73–79, 2011.
30. Lu, Y., Li, L., Peng, H., Yang, Y., An enhanced biometric-based authentication scheme for telecare medicine information systems using elliptic curve cryptosystem. J. Med. Syst. 39(3):32, 2015. doi:10.1007/s10916-015-0221-7.
31. Messerges, T. S., Dabbish, E. A., Sloan, R. H., Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002.
32. Mishra, D., On the security flaws in id-based password authentication schemes for telecare medical information systems. J. Med. Syst. 39(1):154, 2014. doi:10.1007/s10916-014-0154-6.
33. Mishra, D., Understanding security failures of two authentication and key agreement schemes for telecare medicine information systems. J. Med. Syst. 39(3):19, 2015. doi:10.1007/s10916-015-0193-7.
34. Mishra, D., Mukhopadhyay, S., Chaturvedi, A., Kumari, S., Khan, M. K., Cryptanalysis and improvement of Yan et al.’s biometric-based authentication scheme for telecare medicine information systems. J. Med. Syst. 38(6):24, 2014. doi:10.1007/s10916-014-0024-2.
35. Mishra, D., Mukhopadhyay, S., Kumari, S., Khan, M., Chaturvedi, A., Security enhancement of a biometric based authentication scheme for telecare medicine information systems with nonce. J. Med. Syst. 38(5):41, 2014. doi:10.1007/s10916-014-0041-1.
36. Mishra, D., Srinivas, J., Mukhopadhyay, S., A secure and efficient chaotic map-based authenticated key agreement scheme for telecare medicine information systems. J. Med. Syst. 38(10): 120, 2014. doi:10.1007/s10916-014-0120-3.
37. Rivest, R. L., Shamir, A., Adleman, L., A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2):120–126, 1978. doi:10.1145/359340.359342.
38. Shor, P. W., Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5):1484–1509, 1997. doi:10.1137/S0097539795293172.
39. Tool, A. W. http://www.avispa-project.org/web-interface/ February (2015)
40. Wei, J., Hu, X., Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3597–3604, 2012.
41. Wu, Z. Y., Lee, Y. C., Lai, F., Lee, H. C., Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1529–1535, 2012.
42. Xie, Q., Liu, W., Wang, S., Han, L., Hu, B., Wu, T., Improvement of a uniqueness-and-anonymity-preserving user authentication scheme for connected health care. J. Med. Syst. 38(9):91, 2014. doi:10.1007/s10916-014-0091-4.
43. Xu, L., and Wu, F., Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care. J. Med. Syst. 39(2):10, 2015. doi:10.1007/s10916-014-0179-x.
44. Xu, X., Zhu, P., Wen, Q., Jin, Z., Zhang, H., He, L., A secure and efficient authentication and key agreement scheme based on ecc for telecare medicine information systems. J. Med. Syst. 38(1):9994, 2013. doi:10.1007/s10916-013-9994-8.
45. Zhang, L., and Zhu, S., Robust ecc-based authenticated key agreement scheme with privacy protection for telecare medicine information systems. J. Med. Syst. 39(5):49, 2015. doi:10.1007/s10916-015-0233-3.
46. Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6): 3833–3838, 2012.