An Improvement of Robust and Efficient Biometrics Based Password Authentication Scheme for Telecare Medicine Information Systems Using Extended Chaotic Maps

设为首页

收藏本站

网站地图 | English | 公务邮箱

About the library

Background
History
Leadership
Organization

Readers' Guide

Opening Hours
Collections
Help Via Email

Publications

Electronic Information Resources

An Improvement of Robust and Efficient Biometrics Based Password Authentication Scheme for Telecare Medicine Information Systems Using Extended Chaotic Maps

详细信息查看全文

作者：Jongho Moon ; Younsung Choi ; Jiye Kim ; Dongho Won
关键词：Chebyshev chaotic maps ; User authentication ; Smart cards ; Telecare medicine information systems
刊名：Journal of Medical Systems
出版年：2016
出版时间：March 2016
年：2016
卷：40
期：3
全文大小：547 KB
参考文献：1.Lambrinoudakis, C., and Gritzalis, S., Managing medical and insurance information through a smart-card-based information system. J. Med. Syst 24(4):213–234, 2000.CrossRef PubMed
2.Xie, Q., Hu, B., Dong, N., and Wong, D.S., Anonymous three-party password-authenticated key exchange scheme for telecare medical information systems. PLoS ONE 9(7):e102747, 2014. doi:10.1371/journal.pone.0102747 .PubMedCentral CrossRef PubMed
3.Lamport, L., Password authentication with insecure communication. Commun. ACM. 24(11):770–772, 1981.CrossRef
4.Son, K., Han, D., and Won, D., A privacy-protecting authentication scheme for roaming services with smart cards. IEICE trans. 95(5):1819–1821, 2012.CrossRef
5.Jeon, W., Kim, J., Nam, J., Lee, Y., and Won, D., An enhanced secure authentication scheme with anonymity for wireless environments. IEICE trans. 95(7):2505–2508, 2012.CrossRef
6.Kim, J., Lee, D., Jeon, W., Lee, Y., and Won, D., Security analysis and improvements of two-factor mutual authentication with key agreement in wireless sensor networks. Sens. 14(4):6443–6462, 2014.CrossRef
7.Choi, Y., Lee, D., Kim, J., Jung, J., Nam, J., and Won, D., Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography. Sens. 14(6):10081–10106, 2014.CrossRef
8.Choi, Y., Nam, J., Lee, D., Kim, J., Jung, J., and Won, D., Security enhanced anonymous multiserver authenticated key agreement scheme using smart cards and biometrics. Sci. Wor. J., 2014. doi:10.1155/2014/281305 . Article ID 281305, 15p, 2015.
9.Lu, Y.R., Li, L.X., Peng, H.P., Yang, X., and Yang, Y.X., A lightweight ID based authentication and key agreement protocol for multi-server architecture. Int. J. Distrib. Sens. N., 2015. doi:10.1155/2015/635890 . Article ID 635890, 9p, 2015.
10.Lu, Y.R., Li, L.X., Peng, H.P., and Yang, Y.X., An enhanced biometric-based authentication scheme for telecare medicine information systems using elliptic curve cryptosystem. J. Med. Syst 39(3):1–8, 2015.CrossRef
11.Mishra, D., Mukhopadhyay, S., Kumari, S., Khan, M.K., and Chaturvedi, A., Security enhancement of a biometric based authentication scheme for telecare medicine information systems with nonce. J. Med. Syst. 38(5): 1–11, 2014. doi:10.1007/s10916-014-0041-1 .CrossRef
12.Arshad, H., and Nikooghadam, M., Three-factor anonymous authentication and key agreement scheme for telecare medicine information systems. J. Med. Syst. 38(12):1–12, 2014. doi:10.1007/s10916-014-0136-8 .CrossRef
13.Arshad, H., Teymoori, V., Nikooghadam, M., Abbassi, H., On the security of a two-factor authentication and key agreement scheme for telecare medicine information systems. J. Med. Syst. 39(7):1–10, 2015. doi:10.1007/s10916-015-0259-6 .
14.Wu, Z.Y., Lee, Y.C., Lai, F., Lee, H.C., and Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1529–1535, 2012.CrossRef PubMed
15.He, D.B., Chen, J.H., and Zhang, R., A More Secure Authentication Scheme for Telecare Medicine Information Systems. J. Med. Syst. 36(3):1989–1995, 2012.CrossRef
16.Wei, J., Hu, X., and Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3597–3604, 2012.CrossRef PubMed
17.Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6): 3833–3838 , 2012.CrossRef PubMed
18.Özkaynak, F., and Yavuz, Designing chaotic S-boxes based on time-delay chaotic system. Nonlinear Dyn. 74(3):551–557, 2013.CrossRef
19.Khan, M., Shah, T., Mahmood, H., and Gondal, M.A., An efficient method for the construction of block cipher with multichaotic systems. Nonlinear Dyn. 71:489–492, 2013.CrossRef
20.Mishra, D., Srinivas, J., Mukhopadhyay, S., A secure and efficient chaotic map-based authenticated key agreement scheme for telecare medicine information. J. Med. Syst. 38(10):1–10, 2014. doi:10.1007/s10916-014-0120-3 .CrossRef
21.Gao, B., Shi, Y.F., Yang, C.L., Li, L.X., Wang, L.C., and Yang, Y.X., STP-LWE: A variant of learning with error for a flexible encryption. Vol. 341490, pp. 1–7, 2014. Article ID 2014.
22.Xiao, D., Liao, X.F., and Wong, K.W., An efficient entire chaos based scheme for deniable authentication. Chaos Soliton Fract. 23:1327–1331, 2005.CrossRef
23.Tseng, H., Jan, R., and Yang, W., A chaotic maps-based key agreement protocol that preserves user anonymity. IEEE Int. Conf. Commun.,1–6, 2009. ICC09.
24.Niu, Y., and Wang, X., An anonymous key agreement protocol based on chaotic maps. Commun. Nonlinear Sci. Numer. Simul. 16(4):1986–1992, 2011.CrossRef
25.Xue, K., and Hong, P., Security improvement on an anonymous key agreement protocol based on chaotic maps. Commun. Nonlinear Sci. Numer. Simul. 17(7):2969–2977, 2012.CrossRef
26.Guo, C., and Chang, C., Chaotic maps-based passwordauthenticated key agreement using smart cards. Commun. Nonlinear Sci. Numer. Simul. 18(6):1433–1440, 2013.CrossRef
27.Hao, X., Wang, J., Yang, Q., Yan, X., and Li, P., A chaotic map-based authentication scheme for telecare medicine information systems. J. Med. Syst. 37(2):9919, 2013.CrossRef PubMed
28.Lin, H.Y., Improved chaotic maps-based password-authenticated key agreement using smart cards. Commun. Nonlinear Sci. Numer, Simul., 2014. doi:10.1016/j.cnsns.2014.05.027 .
29.Jiang, Q., Ma, J., Lu, X., and Tian, Y., Robust chaotic map-based authentication and key agreement scheme with strong anonymity for telecare medicine information systems. J. Med. Syst. 38(2):12, 2014.CrossRef PubMed
30.Lee, T.F., An efficient chaotic map-based authentication and key agreement scheme using smart cards for telecare medicine information systems. J. Med. Syst. 37(6):9985, 2013.CrossRef PubMed
31.Li, C.T., Lee, C.C, and Weng, C.Y., A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems. J. Med. Syst. 38(9):1–11, 2014.CrossRef
32.Lu, Y.R., Li, L.X., Peng, H.P., Xie, D., and Yang, Y.X., Robust and efficient biometrics based password authentication scheme for telecare medicine information systems using extended chaotic maps. J. Med. Syst. 39(6): 1–10, 2015.CrossRef
33.Stallings, W., Cryptography and Network Security: Principles and Practices. 3rd edn: Prentice Hall, 2003.
34.Li, C.T., Lee, C.C., and Weng, C.Y., An extended chaotic maps based user authentication and privacy preserving scheme against DoS attacks in pervasive and ubiquitous computing environments. Nonlinear Dyn. 74:1133–1143, 2013.CrossRef
35.Lee, C.C., and Hsu, C.W., A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps. Nonlinear Dyn. 71:201–211, 2013.CrossRef
36.Zhao, D.W., Peng, H.P., Wang, C., and Yang, Y.X., A secret sharing scheme with a short share realizing the (t, n) threshold and the adversary structure. Comput. Math. Appl. 64(4):611–615 , 2012.CrossRef
37.Messerges, T.S., Dabbish, E.A., and Sloan, R.H., Examining smartcard security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002.CrossRef
38.Bergamo, P., Arco, P., Santis, A., and Kocarev, L., Security of public key cryptosystems based on Chebyshev polynomials. IEEE. Trans. Circ. Syst. I(52):1382–1393, 2005.CrossRef
39.Lumini, A., and Nanni, L., An improved biohashing for human authentication. Pattern Recogn. 40(3): 1057–1065, 2007.CrossRef
40.Das, A.K., and Goswami, A., An enhanced biometric authentication scheme for telecare medicine information systems with nonce using chaotic hash function. J. Med. Syst 38(6):27, 2014.CrossRef PubMed
41.Stallings, W., Cryptography and network security:principles and practices, 3th edition: Prentice Hall, 2003.
42.Mishra, D., Das, A.K., and Mukhopadhyay, S., A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards, A. Expert Sys. Appl. 41(18):8129–8143, 2014.CrossRef
43.Das, A.K., Paul, N.R., and Tripathy, L., Cryptanalysis and improvement of an access control in user hierarchy based on elliptic curve cryptosystem. Information Sci. 209:80–92 , 2012.CrossRef
44.Das, A.K., A secure and effective user authentication and privacy preserving protocol with smart cards for wireless communications. Networking Sci. 2(1-2):12–27, 2013.CrossRef
45.Burrow, M., Abadi, M., Needham, R., A logic of authentication. ACM Trans. Compu. Syst. 8:18–36, 1990.
46.Zhao, D.W., Peng, H.P., Li, L.X., and Yang, Y.X., A secure and effective anonymous authentication scheme for roaming service in global mobility networks. Wireless Pers. Commun. 78:247–269, 2013.CrossRef
47.Lee, C.C., Lou, D.C., Li, C.T., and Hsu, C.W., An extended chaotic maps-based protocol with key agreement for multiserver environments. Nonlinear Dyn. 76(1):853–866, 2014.CrossRef
作者单位：Jongho Moon (1)
Younsung Choi (1)
Jiye Kim (1)
Dongho Won (1)

1. Information Security Group, Sungkyunkwan University, 2066 Seobu-ro, Suwon, 16419, Korea
刊物类别：Mathematics and Statistics
刊物主题：Statistics
Statistics for Life Sciences, Medicine and Health Sciences
Health Informatics and Administration
出版者：Springer Netherlands
ISSN：1573-689X

文摘

Recently, numerous extended chaotic map-based password authentication schemes that employ smart card technology were proposed for Telecare Medical Information Systems (TMISs). In 2015, Lu et al. used Li et al.’s scheme as a basis to propose a password authentication scheme for TMISs that is based on biometrics and smart card technology and employs extended chaotic maps. Lu et al. demonstrated that Li et al.’s scheme comprises some weaknesses such as those regarding a violation of the session-key security, a vulnerability to the user impersonation attack, and a lack of local verification. In this paper, however, we show that Lu et al.’s scheme is still insecure with respect to issues such as a violation of the session-key security, and that it is vulnerable to both the outsider attack and the impersonation attack. To overcome these drawbacks, we retain the useful properties of Lu et al.’s scheme to propose a new password authentication scheme that is based on smart card technology and requires the use of chaotic maps. Then, we show that our proposed scheme is more secure and efficient and supports security properties.