Cryptanalysis of Enhanced Biometric-Based Authentication Scheme for Telecare Medicine Information Systems Using Elliptic Curve Cryptosystem

Mun, Jongho; Yu, Jiseon; Kim, Jiye; Yang, Haijun; Won, Dongho

doi:10.1007/978-981-10-0281-6_1

Cited by 2 publications

(1 citation statement)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Amin et al , presented an enhanced patient–server mutual authentication scheme for TMIS to eliminate the security pitfalls found in the scheme of Lu et al , . However, their scheme is vulnerable to privileged‐insider attack through both smart card stolen attack and offline password‐guessing attack because of the following argument.…”

Section: Introductionmentioning

confidence: 99%

Design of an efficient and provably secure anonymity preserving three‐factor user authentication and key agreement scheme for TMIS

Wazid

Das

Kumari

et al. 2016

Security Comm Networks

View full text Add to dashboard Cite

Several remote user authentication techniques for telecare medicine information system (TMIS) have been proposed in the literature. But most existing techniques have limitations such as vulnerable to various attacks, lack of functionalities, and inefficiency. Recently, Amin and Biswas proposed a three-factor authentication and key agreement technique for TMIS. But their scheme is inefficient and has several security drawbacks. The attacks such as privileged-insider, user impersonation, and strong reply attacks are possible on their scheme. It also has flaw in password update phase. In order to overcome drawbacks of their scheme, a new provably secure and efficient three-factor remote user authentication scheme for TMIS is proposed in this paper. The proposed scheme overcomes all drawbacks of their scheme and also provides additional features such as user unlinkability, user anonymity, efficient password, and biometric update. The rigorous informal and formal security analysis using random oracle models and the mostly acceptable Automated Validation of Internet Security Protocols and Applications tool is also performed. During the experimentation, it has been observed that the proposed scheme is secure against various known attacks that include replay and man-in-the-middle attacks. Furthermore, the analysis of computation and communication cost estimation of the proposed scheme depicts that our scheme is efficient as compared with other related exiting schemes.

show abstract

Section: Introductionmentioning

confidence: 99%