Department of Computer Engineering and Applications, National Institute of Technical Teacher's Training and Research, Bhopal, India,
J Med Syst. 2015 May;39(5):54. doi: 10.1007/s10916-015-0215-5. Epub 2015 Mar 8.
The Telecare medical information system (TMIS) presents effective healthcare delivery services by employing information and communication technologies. The emerging privacy and security are always a matter of great concern in TMIS. Recently, Chen at al. presented a password based authentication schemes to address the privacy and security. Later on, it is proved insecure against various active and passive attacks. To erase the drawbacks of Chen et al.'s anonymous authentication scheme, several password based authentication schemes have been proposed using public key cryptosystem. However, most of them do not present pre-smart card authentication which leads to inefficient login and password change phases. To present an authentication scheme with pre-smart card authentication, we present an improved anonymous smart card based authentication scheme for TMIS. The proposed scheme protects user anonymity and satisfies all the desirable security attributes. Moreover, the proposed scheme presents efficient login and password change phases where incorrect input can be quickly detected and a user can freely change his password without server assistance. Moreover, we demonstrate the validity of the proposed scheme by utilizing the widely-accepted BAN (Burrows, Abadi, and Needham) logic. The proposed scheme is also comparable in terms of computational overheads with relevant schemes.
远程医疗信息系统 (TMIS) 通过运用信息和通信技术提供有效的医疗服务。新兴的隐私和安全问题一直是 TMIS 非常关注的问题。最近,Chen 等人提出了一种基于密码的身份验证方案来解决隐私和安全问题。后来,该方案被证明容易受到各种主动和被动攻击。为了消除 Chen 等人的匿名身份验证方案的缺陷,已经使用公钥密码系统提出了几种基于密码的身份验证方案。然而,它们中的大多数都没有预智能卡认证,这导致登录和密码更改阶段效率低下。为了提出具有预智能卡认证的身份验证方案,我们为 TMIS 提出了一种改进的基于匿名智能卡的身份验证方案。所提出的方案保护用户的匿名性,并满足所有理想的安全属性。此外,所提出的方案具有高效的登录和密码更改阶段,其中可以快速检测到不正确的输入,并且用户可以在无需服务器帮助的情况下自由更改其密码。此外,我们利用广泛接受的 BAN(Burrows、Abadi 和 Needham)逻辑证明了所提出方案的有效性。所提出的方案在计算开销方面与相关方案相当。
