Title: User anonymity-based secure authentication protocol for telemedical server systems

Authors: Sunil Gupta; Pradeep Kumar Arya; Hitesh Kumar Sharma

Addresses: Department of Cybernetics, School of Computer Science and Engineering, University of Petroleum and Energy Studies, Dehradun, India ' Department of Computer Science, BML Munjal University, Gurgaon, India ' Department of Cybernetics, School of Computer Science and Engineering, University of Petroleum and Energy Studies, Dehradun, India

Abstract: Telemedical server system enables a user to support the monitoring of health at home and access the medical facility over the network. Recently, many schemes have been proposed for providing security in the medical server system. Recently in year 2017, Limbasiya and Shivam proposed a scheme for medical applications using two-factor key verification. They claimed that the protocol provides security against all types of known active and passive attacks. In this paper we show that the Limbasiya and Shivam scheme suffers from user anonymity, replay and impersonation attack. The Limbasiya and Shivam scheme fails to provide low power consumption in terms of cryptographic computational operation and over head to the server. We propose a secure user anonymity-based authentication protocol to remove the weakness of former protocols. Our scheme is more effective in terms of mutual authentication and low power consumption. The performance analysis of our protocol shows less cryptographic computational cost and the server overload. The proposed protocol is tested and analysed using AVISPA security verification to confirm the secure and authentic protocol for telemedical server system.

Keywords: authentication; telemedical server; AVISPA; efficiency; smart card.

DOI: 10.1504/IJICS.2023.128015

International Journal of Information and Computer Security, 2023 Vol.20 No.1/2, pp.199 - 219

Received: 16 Feb 2021
Accepted: 11 Apr 2021
Published online: 04 Jan 2023 *