Cryptanalysis and Improvement of `A Privacy Enhanced Scheme for Telecare Medical Information Systems'

Authors:
Saru Kumari;Muhammad Khurram Khan;Rahul Kumar
Affiliations:
Department of Mathematics, Agra College, Agra, India;Center of Excellence in Information Assurance, King Saud University, Riyadh, Kingdom of Saudi Arabia;Department of Mathematics, D. B. S. College, Kanpur, India
Venue:
Journal of Medical Systems
Year:
2012

Citing 16
Cited 2

Managing Medical and Insurance Information Through a Smart-Card-Based Information System

Journal of Medical Systems
Examining Smart-Card Security under the Threat of Power Analysis Attacks

IEEE Transactions on Computers
Differential Power Analysis

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Modern Cryptography: Theory and Practice

Modern Cryptography: Theory and Practice
Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards

Computer Standards & Interfaces
Cryptanalysis and security enhancement of a 'more efficient & secure dynamic ID-based remote user authentication scheme'

Computer Communications
SP 800-38A 2001 edition. Recommendation for Block Cipher Modes of Operation: Methods and Techniques

SP 800-38A 2001 edition. Recommendation for Block Cipher Modes of Operation: Methods and Techniques
Technical guidelines for enhancing privacy and data protection in modern electronic medical environments

IEEE Transactions on Information Technology in Biomedicine
A Cryptographic Key Management Solution for HIPAA Privacy/Security Regulations

IEEE Transactions on Information Technology in Biomedicine
A dynamic ID-based remote user authentication scheme

IEEE Transactions on Consumer Electronics
A More Secure Authentication Scheme for Telecare Medicine Information Systems

Journal of Medical Systems
Design and Implementation of a Telecare Information Platform

Journal of Medical Systems
Strong Authentication Scheme for Telecare Medicine Information Systems

Journal of Medical Systems
An Improved Authentication Scheme for Telecare Medicine Information Systems

Journal of Medical Systems
An Efficient and Secure Dynamic ID-based Authentication Scheme for Telecare Medical Information Systems

Journal of Medical Systems
A Privacy Enhanced Authentication Scheme for Telecare Medical Information Systems

Journal of Medical Systems

A Secure Biometrics-based Authentication Scheme for Telecare Medicine Information Systems

Journal of Medical Systems
Robust Chaotic Map-based Authentication and Key Agreement Scheme with Strong Anonymity for Telecare Medicine Information Systems

Journal of Medical Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

To ensure reliable telecare services some user authentication schemes for telecare medical information system (TMIS) have been presented in literature. These schemes are proposed with intent to regulate only authorized access to medical services so that medical information can be protected from misuse. Very recently Jiang et al. proposed a user authentication scheme for TMIS which they claimed to provide enhanced privacy. They made use of symmetric encryption/decryption with cipher block chaining mode (CBC) to achieve the claimed user privacy. Their scheme provides features like user anonymity and user un-traceability unlike its preceding schemes on which it is built. Unluckily, authors overlook some important aspects in designing their scheme due to which it falls short to resist user impersonation attack, guessing attacks and denial of service attack. Besides, its password change phase is not secure; air message confidentiality is at risk and also has some other drawbacks. Therefore, we propose an improved scheme free from problems observed in Jiang et al.'s scheme and more suitable for TMIS.