Title: Cryptanalysis and improvement of an authentication scheme for telecare medical information systems

Authors: Yun Zhao; Chunming Zhang

Addresses: School of Information Engineering, Guangdong Medical College, Guangdong 523808, China ' School of Information Engineering, Guangdong Medical College, Guangdong 523808, China

Abstract: The telecare medical information system (TMIS) could improve quality of medical care since it allows patients to enjoy healthcare delivery services in their home. However, the privacy and security influence the development of the TMIS since it is employed in open networks. Recently, Wu and Xu proposed a privacy authentication scheme for the TMIS and claimed that their scheme could overcome weaknesses in previous schemes. However, we will demonstrate that their scheme is vulnerable to the server spoofing attack and cannot provide user anonymity. To overcome weaknesses in their scheme, we also propose a new authentication scheme for the TMIS. Analysis shows that our scheme not only overcomes weaknesses in Wu et al.'s scheme, but also has better performance.

Keywords: mutual authentication; anonymity; smart cards; telecare medical information systems; TMIS; cryptanalysis; cryptography; home care; healthcare delivery; healthcare services; spoofing attacks; healthcare information systems; e-healthcare; electronic healthcare.

DOI: 10.1504/IJESDF.2014.064401

International Journal of Electronic Security and Digital Forensics, 2014 Vol.6 No.3, pp.157 - 168

Received: 13 Mar 2014
Accepted: 31 Mar 2014
Published online: 30 Aug 2014 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article