Title: An improved biometric-based remote user authentication scheme for connected healthcare

Authors: Dheerendra Mishra; Ankita Chaturvedi; Sourav Mukhopadhyay

Addresses: Department of Mathematics, Indian Institute of Technology, Kharagpur 721 302, West Bengal, India ' Department of Mathematics, Indian Institute of Technology, Kharagpur 721 302, West Bengal, India ' Department of Mathematics, Indian Institute of Technology, Kharagpur 721 302, West Bengal, India

Abstract: The advancements in technology have made the internet an efficient and scalable tool to utilise for various online services; one of them is connected healthcare. The connected healthcare system presents the platform to deliver clinical service door to door. In these online services, it is required to ensure the authenticity of patients to protect medical resources/services. In 2013, Chang et al. presented biometric-based remote user authentication scheme with user anonymity for connected healthcare. They claimed that their biometrics based scheme is secure and efficient to validate the legality of the patient. Recently, Das and Goswami demonstrated that Chang et al.'s scheme is vulnerable to insider attack and man-in-the middle attack. They also showed some flaws in login and password change phases of Chang et al.'s scheme. Furthermore, they presented an improved scheme. However, we observe that Das and Goswami's scheme does not provide three factor authentication and is vulnerable to offline identity guessing attack. Further, we propose an improved biometric-based remote user authentication scheme for connected healthcare, which provides efficient login and password change phases where smart card quickly identifies the incorrect input. Moreover, the proposed scheme satisfies all desirable security attributes and achieves three factor authentication.

Keywords: e-medicine; connected healthcare; network security; smart cards; passwords; login; biometrics; cryptanalysis; cryptography; remote user authentication; patient authentication; user anonymity; three factor authentication; e-healthcare; electronic healthcare; healthcare technology.

DOI: 10.1504/IJAHUC.2015.067794

International Journal of Ad Hoc and Ubiquitous Computing, 2015 Vol.18 No.1/2, pp.75 - 84

Received: 16 Sep 2013
Accepted: 19 May 2014

Published online: 05 Mar 2015 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article