Preeti Chandrakar scite author profile

A telecare medicine information system (TMIS) helps in providing an efficient communication platform to patients from home to consult doctors at a clinical center. In TMIS, the patient's confidentiality, security, and mutual authentication are very crucial; so remote authentication plays a vital role for verifying the legitimacy of patients. Recently, Amin and Biswas have devised a remote authentication protocol for TMIS, claiming it to be secured from various malicious vulnerabilities. We examine this protocol and find that it is not able to withstand many attacks that include off-line and online password-guessing, identity-guessing, user impersonation, privileged insider, and known session key temporary information attacks. We propose a 3-factor-based authentication protocol for TMIS by overcoming these security shortcomings. We present its security verification in formal and informal ways, which assert its resistivity against various security threats. We use the Burrows-Abadi-Needham logic for validating it, and with the Automated Validation of Internet Security Protocols and Applications tool, it is simulated. Further, the performance evaluation and the security functionalities justify high degree of security with efficient complexity.

show abstract

Cryptanalysis and improvement of a biometric‐based remote user authentication protocol usable in a multiserver environment

Chandrakar

2017

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Recently, Amin and Biswas have discussed a bilinear pairing–based three‐factor remote user authentication protocol, claiming it to be secured against various attacks. We scrutinize this protocol and find that it is vulnerable to identity guessing attack, password guessing attack, user untraceability attack, user‐server impersonation attack, new smart card issue attack, and privileged insider attack. In this paper, we propose an elliptic curve cryptography and biometric‐based remote user authentication protocol for a multiserver environment by overcoming these drawbacks. We conduct its informal and formal security analysis to show that it resists all known security attacks. The Burrows‐Abadi‐Needham (BAN) logic verifies that our protocol facilitates mutual authentication and session key agreement securely. We simulate it using the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool to certify that it can be protected from passive and active threats, including replay and man‐in‐the‐middle attacks. Furthermore, the proposed protocol provides more security attributes and better complexity in terms of smart card storage cost, computation cost, estimated time, and communication cost, as compared with the related existing protocols.

show abstract

Cryptanalysis and Extended Three-Factor Remote User Authentication Scheme in Multi-Server Environment

Chandrakar

2016

Arab J Sci Eng

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.