Universiti Teknologi Malaysia Institutional Repository

Cryptanalysis and improvement of'a secure authentication scheme for telecare medical information system' with nonce verification

Siddiqui, Z. and Abdullah, A. H. and Khan, M. K. and Alghamdi, A. S. (2016) Cryptanalysis and improvement of'a secure authentication scheme for telecare medical information system' with nonce verification. Peer-to-Peer Networking and Applications, 9 (5). pp. 841-853. ISSN 1936-6442

Full text not available from this repository.

Official URL: https://www.scopus.com/inward/record.uri?eid=2-s2....

Abstract

In 2009, Xu et al. presented an improved smartcard based authentication scheme while using a security model previously applied by Bellare et al. to prove the security of their authentication methods. Later on, in 2012, Wu et al. pointed out number of authentication attacks in Xu et al. scheme. To address these issues, Wu et al. presented a Smartcard based Two-Factor Authentication (2FA) scheme for Telecare Medical Information System (TMIS) facility. In this study, we prove that authentication scheme of Wu et al. is still vulnerable to impersonation attack, offline password guessing attack, forgery attack and many other attacks. Moreover, number of performance and verification issues are also outlined in the authentication scheme of Wu et al. To overcome these issues, an improved and enhanced 3FA Smartphone based authentication method is proposed on a Cloud Computing environment. The proposed scheme is further corroborated using Burrows-Abadi-Needham logic (BAN logic) nonce verification. The detailed BAN logic verification and further security analysis shows that the proposed authentication protocol is highly reliable and secure in terms of message verifications, message freshness and trustworthiness of its origin. Moreover, the comparative security, performance and feature analysis shows that the proposed work yields an even more improved and enhanced authentication framework as compared to Wu et al. authentication scheme.

Item Type:Article
Uncontrolled Keywords:Aluminum, Bioinformatics, Cloud computing, Computation theory, Cryptography, Distributed computer systems, Information systems, Medical information systems, Mobile security, Network protocols, Network security, Signal encoding, Smart cards, Smartphones, Authentication protocols, BAN logic, Remote user authentication, Telecare, TMIS, Authentication
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:Computing
ID Code:72164
Deposited By: Fazli Masari
Deposited On:20 Nov 2017 08:18
Last Modified:20 Nov 2017 08:18

Repository Staff Only: item control page