A Multiserver Biometric Authentication Scheme for TMIS using Elliptic Curve Cryptography

Journal of Medical Systems

Volumn 40, Issue 11, 2016, Pages

  Chaudhry, Shehzad Ashraf ^a   Khan, Muhammad Tawab ^a   Khan, Muhammad Khurram ^b   Shon, Taeshik ^c  

^a INTERNATIONAL ISLAMIC UNIVERSITY   (Pakistan)

^b KING SAUD UNIVERSITY   (Saudi Arabia)

^c Ajou University   (South Korea)

Author keywords

Authentication; Biometrics; Impersonation attack; Multiserver; ProVerif; Smart card stolen; Stolen verifier

Indexed keywords

BIOMETRY; DOCTOR PATIENT RELATION; HUMAN; INFORMATION SYSTEM; MEDICINE; SMART CARD; COMPUTER SECURITY; CONFIDENTIALITY; DEVICES; MEDICAL INFORMATION SYSTEM; TELEMEDICINE;

BIOMETRIC IDENTIFICATION; COMPUTER SECURITY; CONFIDENTIALITY; HEALTH INFORMATION EXCHANGE; HEALTH SMART CARDS; HUMANS; TELEMEDICINE;

EID: 84988420360     PISSN: 01485598     EISSN: 1573689X     Source Type: Journal    
DOI: 10.1007/s10916-016-0592-4     Document Type: Article

References (33)

1. Alizadeh, M., Zamani, M., Baharun, S., Manaf, A. A., Sakurai, K., Anada, H., Keshavarz, H., Chaudhry, S. A., Khan, M. K., Cryptanalysis and improvement of a secure password authentication mechanism for seamless handover in proxy mobile ipv6 networks. PloS one 10(11):e0142716, 2015.
2. Mir, O., and Nikooghadam, M.: A secure biometrics based authentication with key agreement scheme in telemedicine networks for e-health services
3. He, D., Kumar, N., Chen, J., Lee, C.-C., Chilamkurti, N., Yeo, S.-S., Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimed. Syst. 21(1): 49–60, 2013.
4. Maitra, T., Obaidat, M. S., Islam, S. H., Giri, D., Amin, R.: Security analysis and design of an efficient ecc-based two-factor password authentication scheme. Security and Communication Networks (2016) n/a–n/aSec 1596 doi:10.1002/sec.1596
5. Wang, D., and Wang, P., On the anonymity of two-factor authentication schemes for wireless sensor networks: attacks, principle and solutions. Comput. Netw. 73:41–57, 2014.
6. Wang, D., He, D., Wang, P., Chu, C., Anonymous two-factor authentication in distributed systems: certain goals are beyond attainment. IEEE Trans Depend Secur Comput 99:1–1, 2014. doi:10.1109/TDSC.2014.2355850.
7. He, D., Zeadally, S., Kumar, N., Lee, J. H., Anonymous authentication for wireless body area networks with provable security. IEEE Syst J 99:1–12, 2016. doi:10.1109/JSYST.2016.2544805.
8. He, D., and Wang, D., Robust biometrics-based authentication scheme for multiserver environment. IEEE Syst J 9(3):816–823, 2015. doi:10.1109/JSYST.2014.2301517.
9. Farash, M. S., Ahmadian-Attari, M., Bayat, M., A certificateless multiple-key agreement protocol based on bilinear pairings. IACR Crypt ePrint Arch 2012:393, 2012.
10. Farash, M. S., Attari, M. A., Atani, R. E., Jami, M., A new efficient authenticated multiple-key exchange protocol from bilinear pairings. Comput Elect Eng 39(2):530–541, 2013.
11. Amin, R., Islam, S. H., Biswas, G., Khan, M. K., Kumar, N., An efficient and practical smart card based anonymity preserving user authentication scheme for tmis using elliptic curve cryptography. J Med Syst 39 (11):1–18, 2015.
12. Alizadeh, M., Baharun, S., Zamani, M., Khodadadi, T., Darvishi, M., Gholizadeh, S., Ahmadi, H., Anonymity and untraceability assessment of authentication protocols in proxy mobile ipv6. Jurnal Teknologi 72(5).
13. He, D., Kumar, N., Chilamkurti, N.: A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Inf. Sci.
14. Arshad, H., and Nikooghadam, M., An efficient and secure authentication and key agreement scheme for session initiation protocol using ecc. Multimed Tools Appl.,1–17, 2014.
15. He, D., Kumar, N., Shen, H., Lee, J.-H., One-to-many authentication for access control in mobile pay-tv systems. Sci. Chin. Inf. Sci.,1–14, 2015.
16. He, D., Zeadally, S., Wu, L., Certificateless public auditing scheme for cloud-assisted wireless body area networks. IEEE Syst. J. 99:1–10, 2015. doi:10.1109/JSYST.2015.2428620.
17. Jin, A. T. B., Ling, D. N. C., Goh, A., Biohashing: two factor authentication featuring fingerprint data and tokenised random number. Pattern Recog. 37(11):2245–2255, 2004.
18. Lumini, A., and Nanni, L., An improved biohashing for human authentication. Pattern Recog. 40(3): 1057–1065, 2007.
19. Leng, L., Teoh, A. B. J., Li, M., Khan, M. K., A remote cancelable palmprint authentication protocol based on multi-directional two-dimensional palmphasor-fusion. Secur. Commun. Netw. 7(11):1860–1871, 2014.
20. Leng, L., and Teoh, A. B. J., Alignment-free row-co-occurrence cancelable palmprint fuzzy vault. Pattern Recog. 48(7):2290–2303, 2015.
21. Eisenbarth, T., Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., Shalmani, M.: On the power of power analysis in the real world: A complete break of the keeloq code hopping scheme. In: Wagner, D. (Ed.) Advances in Cryptology, CRYPTO 2008, Vol. 5157 of Lecture Notes in Computer Science, pp. 203–220. Springer, Berlin (2008), 10.1007/978-3-540-85174-5_12
22. Dolev, D., and Yao, A. C., On the security of public key protocols. IEEE Trans. Inform. Theory 29(2): 198–208, 1983. doi:10.1109/TIT.1983.1056650.
23. Cao, X., and Zhong, S., Breaking a remote user authentication scheme for multi-server architecture. IEEE Commun. Lett. 10(8):580–581, 2006. doi:10.1109/LCOMM.2006.1665116.
24. Messerges, T. S., Dabbish, E. A., Sloan, R. H., Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002.
25. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Advances in Cryptology CRYPTO 99, pp. 388–397. Springer (1999)
26. Xie, Q., A new authenticated key agreement for session initiation protocol. Int. J. Commun. Syst. 25(1):47–54, 2012.
27. Xie, Q., Hu, B., Dong, N., Wong, D. S., Anonymous three-party password-authenticated key exchange scheme for telecare medical information systems. PloS one 9(7):e102747, 2014.
28. Wu, F., Xu, L., Kumari, S., Li, X., An improved and provably secure three-factor user authentication scheme for wireless sensor networks. Peer-to-Peer Netw. Appl.,1–20, 2016.
29. Chaudhry, S. A., Farash, M. S., Naqvi, H., Kumari, S., Khan, M. K., An enhanced privacy preserving remote user authentication scheme with provable security. Secur. Commun. Netw., 1–13, 2015. doi:10.1002/sec.1299.
30. Kalra, S., and Sood, S., Advanced remote user authentication protocol for multi-server architecture based on ecc. J. Inf. Secur. Appl. 18(2):98–107, 2013.
31. Kim, H., Jeon, W., Lee, K., Lee, Y., Won, D.: Cryptanalysis and improvement of a biometrics-based multi-server authentication with key agreement scheme. In: Computational Science and Its Applications–ICCSA 2012, pp. 391–406. Springer (2012)
32. Yoon, E.-J., and Yoo, K.-Y., Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem. J. Supercomput. 63(1):235–255, 2013.
33. Kilinc, H. H., and Yanik, T., A survey of sip authentication and key agreement schemes. IEEE Commun. Surveys Tutor. 16(2):1005–1023, 2014.