用于远程医疗信息系统的改进型基于动态身份的认证方案。
Improved dynamic ID-based authentication scheme for telecare medical information systems.
作者信息
Cao Tianjie, Zhai Jingxuan
机构信息
School of Computer, China University of Mining and Technology, Xuzhou, China,
出版信息
J Med Syst. 2013 Apr;37(2):9912. doi: 10.1007/s10916-012-9912-5. Epub 2013 Jan 24.
In order to protect users' identity privacy, Chen et al. proposed an efficient dynamic ID-based authentication scheme for telecare medical information systems. However, Chen et al.'s scheme has some weaknesses. In Chen et al.'s scheme, an attacker can track a user by a linkability attack or an off-line identity guessing attack. Chen et al.'s scheme is also vulnerable to an off-line password guessing attack and an undetectable on-line password guessing attack when user's smart card is stolen. In server side, Chen et al.'s scheme needs large computational load to authentication a legal user or reject an illegal user. To remedy the weaknesses in Chen et al.'s scheme, we propose an improved smart card based password authentication scheme. Our analysis shows that the improved scheme can overcome the weaknesses in Chen et al.'s scheme.
为了保护用户的身份隐私,陈等人提出了一种用于远程医疗信息系统的高效基于动态身份的认证方案。然而,陈等人的方案存在一些弱点。在陈等人的方案中,攻击者可以通过可链接性攻击或离线身份猜测攻击来跟踪用户。当用户的智能卡被盗时,陈等人的方案还容易受到离线密码猜测攻击和难以检测的在线密码猜测攻击。在服务器端,陈等人的方案在认证合法用户或拒绝非法用户时需要大量的计算负载。为了弥补陈等人方案中的弱点,我们提出了一种改进的基于智能卡的密码认证方案。我们的分析表明,改进后的方案可以克服陈等人方案中的弱点。
Zotero 插件