Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Dianli Guo,Qiaoyan Wen,Wenmin Li,Hua Zhang,Zhengping Jin

DOI: https://doi.org/10.1007/s10916-015-0245-z

IF: 4.92

2015-01-01

Journal of Medical Systems

Abstract:Telecare medical information systems (TMIS), with the explosive growth of communication technology and physiological monitoring devices, are applied increasingly to enable and support healthcare delivery services. In order to safeguard patients’ privacy and tackle the illegal access, authentication schemes for TMIS have been investigated and designed by many researchers. Many of them are promising for adoption in practice, nevertheless, they still have security flaws. In this paper, we propose a novel remote authentication scheme for TMIS using self-certified public keys, which is formally secure in the ID-mBJM model. Besides, the proposed scheme has better computational efficiency. Compared to the related schemes, our protocol is more practical for telemedicine system.

Xuelei Li,Qiaoyan Wen,Wenmin Li,Hua Zhang,Zhengping Jin

DOI: https://doi.org/10.1007/s10916-014-0139-5

IF: 4.92

2014-01-01

Journal of Medical Systems

Abstract:Healthcare delivery services via telecare medicine information systems (TMIS) can help patients to obtain their desired telemedicine services conveniently. However, information security and privacy protection are important issues and crucial challenges in healthcare information systems, where only authorized patients and doctors can employ telecare medicine facilities and access electronic medical records. Therefore, a secure authentication scheme is urgently required to achieve the goals of entity authentication, data confidentiality and privacy protection. This paper investigates a new biometric authentication with key agreement scheme, which focuses on patient privacy and medical data confidentiality in TMIS. The new scheme employs hash function, fuzzy extractor, nonce and authenticated Diffie-Hellman key agreement as primitives. It provides patient privacy protection, e.g., hiding identity from being theft and tracked by unauthorized participant, and preserving password and biometric template from being compromised by trustless servers. Moreover, key agreement supports secure transmission by symmetric encryption to protect patient’s medical data from being leaked. Finally, the analysis shows that our proposal provides more security and privacy protection for TMIS.

Xuanang Li,Zhiming Zheng,Xiao Zhang

DOI: https://doi.org/10.1109/ngmast.2015.75

2015-01-01

Abstract:Telecare Medicine Information System enables patients to get healthcare services at home expediently and efficiently. Authentication and key agreement protocol suited for TMIS protect patient's privacy via the unsecure network. Recently, numerous protocols have been proposed intend to safeguard the communication between patients and server. However, most of them have high computation overhead and security problems. In this paper, we aim to propose a secure and effective authentication and key agreement protocol using smartcard and password for TMIS. The protocol is based on elliptic curve cryptography. Through security analysis we illustrate that our protocol is secure to resist some known attacks and provide user anonymity. Furthermore, by comparing with other related protocols we show our protocol is superior in security and performance aspects.

Chen Yulei,Chen Jianhua

DOI: https://doi.org/10.1007/s12083-021-01260-w

IF: 3.488

2021-01-01

Peer-to-Peer Networking and Applications

Abstract:Telecare medicine information system (TMIS) is developing rapidly and widely used with the support of computer, communication and other advanced technologies. It can ensure the health of residents, improve the shortage of medical resources, and has broad development prospects. To protect the privacy and life safety of patients, and prevent sensitive medical data from being accessed or even tampered by unauthorized parties, identity authentication protocol is widely applied in TMIS. In this paper, we propose an anonymous authentication and key agreement scheme using elliptic curve cryptography (ECC), which uses temporary identities to protect the privacy of patients. We use the well-known formal method under the random oracle (RO) model to prove the security of the scheme, and use the traditional heuristic discussion to prove that our scheme can resist all kinds of known attacks. Additionally, the results of security and performance analysis show that our scheme has less computation complexity and communication overhead, and can be well applied to the telecare medicine information system.

Yanrong Lu,Lixiang Li,Haipeng Peng,Yixian Yang

DOI: https://doi.org/10.1007/s10916-015-0221-7

IF: 4.92

2015-01-01

Journal of Medical Systems

Abstract:The telecare medical information systems (TMISs) enable patients to conveniently enjoy telecare services at home. The protection of patient’s privacy is a key issue due to the openness of communication environment. Authentication as a typical approach is adopted to guarantee confidential and authorized interaction between the patient and remote server. In order to achieve the goals, numerous remote authentication schemes based on cryptography have been presented. Recently, Arshad et al.(J Med Syst 38(12): 2014) presented a secure and efficient three-factor authenticated key exchange scheme to remedy the weaknesses of Tan et al.’s scheme (J Med Syst 38(3): 2014). In this paper, we found that once a successful off-line password attack that results in an adversary could impersonate any user of the system in Arshad et al.’s scheme. In order to thwart these security attacks, an enhanced biometric and smart card based remote authentication scheme for TMISs is proposed. In addition, the BAN logic is applied to demonstrate the completeness of the enhanced scheme. Security and performance analyses show that our enhanced scheme satisfies more security properties and less computational cost compared with previously proposed schemes.

Qi Jiang,Jianfeng Ma,Zhuo Ma,Guangsong Li

DOI: https://doi.org/10.1007/s10916-012-9897-0

IF: 4.92

2013-01-01

Journal of Medical Systems

Abstract:The telecare medical information system (TMIS) aims to establish telecare services and enable the public to access medical services or medical information at remote sites. Authentication and key agreement is essential to ensure data integrity, confidentiality, and availability for TMIS. Most recently, Chen et al. proposed an efficient and secure dynamic ID-based authentication scheme for TMIS, and claimed that their scheme achieves user anonymity. However, we observe that Chen et al.'s scheme achieves neither anonymity nor untraceability, and is subject to the identity guessing attack and tracking attack. In order to protect user privacy, we propose an enhanced authentication scheme which achieves user anonymity and untraceablity. It is a secure and efficient authentication scheme with user privacy preservation which is practical for TMIS.

Lijun Xiao,Songyou Xie,Dezhi Han,Wei Liang,Jun Guo,Wen-Kuang Chou

DOI: https://doi.org/10.1080/09540091.2021.1889976

2021-01-01

Connection Science

Abstract:The rapid development of information technology promotes the development and application of Telecare Information System (TMIS). However, TMIS also has security problems such as information leakage, false authentication, and key loss. In order to solve the safety problems of TMIS, this paper combines Physical Unclonable Function (PUF) and Elliptic Curve Cryptography (ECC) technology to propose an access control and authentication scheme suitable for TMIS. The proposed scheme uses PUF and compact PUF identity authentication models to implement secure mutual authentication between tag and server. The key information in the scheme is generated by PUF, which not only reduces the cost of algorithm design but also avoids the risk of information leakage and key loss. In addition, this article uses ECC technology to encrypt the PUF response information and random numbers, which can ensure that this data information will not be leaked to the attacker. Then through the ProVerif verification tool and security attribute analysis, it is proved that the scheme is safe in the face of major attacks. The comparative analysis results show that the proposed scheme has higher security and is more suitable for TMIS.

Shuming Qiu,Guoai Xu,Haseeb Ahmad,Licheng Wang

DOI: https://doi.org/10.1109/access.2017.2780124

IF: 3.9

2017-01-01

IEEE Access

Abstract:The telecare medical information systems (TMISs) provide the convenience to the patients/users to be served at home. Along with such ease, it is essential to preserve the privacy and to provide the security to the patients/users in TMIS. Often, authentication protocols are adopted to guarantee privacy and secure interaction between the patients/users and remote server. Recently, Chaudhry et al. pointed out that Islam et al.'s scheme based on smart card is prone to user impersonation and server impersonation attacks. Chaudhry et al. later presented an enhanced scheme based on elliptic curve cryptography to remedy the weaknesses of Islam et al.'s scheme. Unfortunately, we find some important limitations in both schemes. We remark that their scheme is prone to off-line password guessing attack, user/server impersonation attack, and man-in-middle attack. To overcome these limitations, we present an improved authentication scheme keeping apart the threats encountered in the design of Chaudhry et al.'s scheme. Moreover, the presented scheme can also resist all known attacks. We prove the security of the proposed scheme with the help of widespread Burrows-Abadi-Needham logic. A brief comparison with the previous works provides that the presented protocol is more efficient and more secure than other related schemes.

Yihao Hu,Chunguang Huang,Hai Cheng

DOI: https://doi.org/10.1016/j.comcom.2024.02.020

IF: 5.047

2024-02-28

Computer Communications

Abstract:Smart healthcare overcomes the limitations of time and space, allowing users to access medical and health services anywhere and anytime, thus improving the quality and efficiency of these services. However, due to its excessive reliance on wireless public networks, smart healthcare faces challenges and issues related to communication security. As a result, authentication and key agreement are critical as the first line of defense for smart healthcare communications. Over the past few years, numerous authentication and key agreement schemes have been proposed by experts and scholars, but most of these schemes are not applicable to practical scenarios due to their lack of security and efficiency. To address these issues, we propose an elliptic curve-based certificateless conditional privacy-preserving authentication and key agreement scheme. This scheme does not require endorsement from a Certificate Authority (CA) and features lightweight and secure properties, making it suitable for resource-limited smart healthcare communication. In addition, the security of the proposed scheme is proven under the random oracle model, and its safety is supplemented using BAN logic. Finally, performance analysis reveals that the proposed scheme not only satisfies security property and can withstand general attacks but also offers certain advantages in communication efficiency.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yulei Chen,Jianhua Chen

DOI: https://doi.org/10.1007/s11042-022-14007-3

IF: 2.577

2022-01-01

Multimedia Tools and Applications

Abstract:Telecare Medicine Information System (TMIS) refers to a medical model that uses communication and information technology to realize multiple medical functions such as remote disease diagnosis, treatment, and health care. Because TMIS is carried out on an insecure public Internet, a large number of mutual authentication and key agreement protocols for TMIS have been proposed to protect the privacy of patients. Recently, Ostad-Sharif et al. proposed a novel anonymous authentication and key agreement scheme for TMIS. In this work, we will demonstrate that Ostad-Sharif et al.'s scheme exists the problems of strong authentication and inefficient password change, and it cannot resist the off-line password guessing attack. To overcome the weaknesses found in Ostad-Sharif et al.'s scheme, we propose a biometrics-based mutual authentication and key agreement protocol for TMIS, making full use of the advantages of one-way hash function and elliptic curve cryptosystem (ECC). The security of the proposed scheme is formally proved under the widely used random oracle model (ROM), and various known malicious attack resistances also are presented by the heuristic discussion. Compared with the existing related schemes, the computation cost and communication overhead of our scheme are reduced by 74.5% and 27.3% respectively.

Xiong Li,Fan Wu,Muhammad Khurram Khan,Lili Xu,Jian Shen,Minho Jo

DOI: https://doi.org/10.1016/j.future.2017.08.029

2018-01-01

Abstract:As a kind of e-health notion, telemedicine employs telecommunication and information technologies to provide remote clinical health care. Telecare medicine information system (TMIS) is a widely used application nowadays. Through the services provided by such e-health systems, doctors can obtain the variation of patients’ conditions and make treatments quickly and accordingly. Recently, researchers have employed the Chebyshev chaotic maps in the authentication process of TMISs. Unfortunately, many kinds of security weaknesses such as off-line guessing attack, destitution of user anonymity and session key agreement happen in relative work. To overcome the disadvantages, we propose a secure remote authentication scheme employing the chaotic maps. We use the formal proof under random oracle model, and the famous verification tool Proverif to prove the security of the proposed scheme. Besides, informal analysis including ten security properties and performance comparison are shown to supplement the security properties. From the formal proof, we can see that the attacker has a negligible probability to crack the scheme over the active guessing attack. The formal verification demonstrates that our scheme can resist the attackers simulated by the tool Proverif. Moreover, we compare our scheme with several recent schemes, and the comparison results show that our scheme reaches the level of security requirements and also has suitable cost in performance. Thus, it is more applicable to telecare medicineenvironments.

Mingping Qi,Jianhua Chen,Yitao Chen

DOI: https://doi.org/10.1016/j.cmpb.2018.07.008

IF: 6.1

2018-01-01

Computer Methods and Programs in Biomedicine

Abstract:BACKGROUND AND OBJECTIVES:Telecare Medicine Information System (TMIS) enables physicians to efficiently and conveniently make certain diagnoses and medical treatment for patients over the insecure public Internet. To ensure patients securely access to medicinal services, many authentication schemes have been proposed. Although numerous cryptographic authentication schemes for TMIS have been proposed with the aim to ensure data security, user privacy and authentication, various forms of attacks make these schemes impractical.METHODS:To design a truly secure and practical authentication scheme for TMIS, a new biometrics-based authentication key exchange protocol for multi-server TMIS without sharing the system private key with distributed servers is presented in this work.RESULTS:Our proposed protocol has perfect security features including mutual authentication, user anonymity, perfect forward secrecy and resisting various well-known attacks, and these security feathers are confirmed by the BAN logic and heuristic cryptanalysis, respectively.CONCLUSIONS:A secure biometrics-based authentication key exchange protocol for multi-server TMIS is presented in this work, which has perfect security properties including perfect forward secrecy, supporting user anonymity, etc., and can withstand various attacks such as impersonation attack, off-line password guessing attack, etc.. Considering security is the most important factor for an authentication scheme, so our scheme is more suitable for multi-server TMIS.

Hong Lai,Mingxing Luo,Zhiguo Qu,Fuyuan Xiao,Mehmet A. Orgun

DOI: https://doi.org/10.1007/s11277-017-4902-z

IF: 2.017

2017-01-01

Wireless Personal Communications

Abstract:The Internet has become an increasingly appealing medium for telecare medicine information systems (TMISs). However, the open nature of the Internet poses serious security threats and vulnerabilities to TMISs and privacy concerns to the patients and medical personnel. This work proposes a hybrid quantum key distribution protocol to provide security in TMISs, leveraging the key agreement of classical and quantum key distribution. Our protocol induces low energy and computation overheads to achieve privacy and trusted operations for TMISs. This is because quantum key distribution employs the principles of quantum mechanics rather than computational complexity, to avoid various attacks such as the man-in-the-middle attacks, the replay attacks and the passive attacks. Meanwhile, classical cryptography can be used to achieve user authentication efficiently. Therefore, our protocol may be available with the rapid developments of extensive experiments for quantum key distribution.

Dianli Guo,Qiaoyan Wen,Wenmin Li,Hua Zhang,Zhengping Jin

DOI: https://doi.org/10.1007/s10916-015-0194-6

IF: 4.92

2015-01-01

Journal of Medical Systems

Abstract:Telecare medical information system (TMIS) offers healthcare delivery services and patients can acquire their desired medical services conveniently through public networks. The protection of patients’ privacy and data confidentiality are significant. Very recently, Mishra et al. proposed a biometrics-based authentication scheme for telecare medical information system. Their scheme can protect user privacy and is believed to resist a range of network attacks. In this paper, we analyze Mishra et al.’s scheme and identify that their scheme is insecure to against known session key attack and impersonation attack. Thereby, we present a modified biometrics-based authentication scheme for TMIS to eliminate the aforementioned faults. Besides, we demonstrate the completeness of the proposed sche-me through BAN-logic. Compared to the related schemes, our protocol can provide stronger security and it is more practical.

Qiong Pu,Jian Wang,Rongyong Zhao

DOI: https://doi.org/10.1007/s10916-011-9735-9

IF: 4.92

2011-01-01

Journal of Medical Systems

Abstract:The telecare medicine information system enables or supports health-care delivery services. A secure authentication scheme will thus be needed to safeguard data integrity, confidentiality, and availability. In this paper, we propose a generic construction of smart-card-based password authentication protocol and prove its security. The proposed framework is superior to previous schemes in three following aspects : (1) our scheme is a true two-factor authentication scheme. (2) our scheme can yield a forward secure two-factor authentication scheme with user anonymity when appropriately instantiated. (3) our scheme utilizes each user's unique identity to accomplish the user authentication and does not need to store or verify others's certificates. And yet, our scheme is still reasonably efficient and can yield such a concrete scheme that is even more efficient than previous schemes. Therefore the end result is more practical for the telecare medicine system.

Dongqing Xu,Jianhua Chen,Shu Zhang,Qin Liu

DOI: https://doi.org/10.1007/s10916-018-1047-x

IF: 4.92

2018-01-01

Journal of Medical Systems

Abstract:Significant development of information technologies has made Telecare Medical Information Systems (TMISs) increasingly popular. In a TMIS, patients upload their medical data through smart devices to obtain a doctor's diagnosis. However, these smart devices have limited computing and storage capacities, so it is difficult to store substantial patient information and to support time-consuming operations. Moreover, although many three-factor authentication protocols have been proposed for TMISs, the problems of privacy leaks and other security flaws are serious. In addition, authentication factors are verified at the user side in most protocols, giving users a high level of trust and resulting in a potential lack of security. In this paper, we propose a novel efficient truly three-factor authentication protocol for TMISs. In our proposed protocol, three factors (i.e., password, smart card and biometrics) are verified at the server side, which reduces the storage and computational burden of the user side. Additionally, our proposed protocol uses only lightweight operators and is thus efficient. A formal proof analysis demonstrates that our proposed protocol is provably secure in the random oracle model. The performance evaluation shows that the proposed protocol is very efficient and suitable for TMISs.

Rui Guo,Qiaoyan Wen,Zhengping Jin,Hua Zhang

DOI: https://doi.org/10.1155/2013/761240

2013-01-01

Abstract:Sensor networks have opened up new opportunities in healthcare systems, which can transmit patient's condition to health professional's hand-held devices in time. The patient's physiological signals are very sensitive and the networks are extremely vulnerable to many attacks. It must be ensured that patient's privacy is not exposed to unauthorized entities. Therefore, the control of access to healthcare systems has become a crucial challenge. An efficient and secure authentication protocol will thus be needed in wireless medical sensor networks. In this paper, we propose a certificateless authentication scheme without bilinear pairing while providing patient anonymity. Compared with other related protocols, the proposed scheme needs less computation and communication cost and preserves stronger security. Our performance evaluations show that this protocol is more practical for healthcare system in wireless medical sensor networks.

Fan Wu,Lili Xu

DOI: https://doi.org/10.1007/s10916-013-9958-z

IF: 4.92

2013-01-01

Journal of Medical Systems

Abstract:Nowadays, patients can gain many kinds of medical service on line via Telecare Medical Information Systems(TMIS) due to the fast development of computer technology. So security of communication through network between the users and the server is very significant. Authentication plays an important part to protect information from being attacked by malicious attackers. Recently, Jiang et al. proposed a privacy enhanced scheme for TMIS using smart cards and claimed their scheme was better than Chen et al.’s. However, we have showed that Jiang et al.’s scheme has the weakness of ID uselessness and is vulnerable to off-line password guessing attack and user impersonation attack if an attacker compromises the legal user’s smart card. Also, it can’t resist DoS attack in two cases: after a successful impersonation attack and wrong password input in Password change phase. Then we propose an improved mutual authentication scheme used for a telecare medical information system. Remote monitoring, checking patients’ past medical history record and medical consultant can be applied in the system where information transmits via Internet. Finally, our analysis indicates that the suggested scheme overcomes the disadvantages of Jiang et al.’s scheme and is practical for TMIS.

Wenmin Li,Shuo Zhang,Qi Su,Qiaoyan Wen,Yang Chen

DOI: https://doi.org/10.1155/2018/8131367

2018-01-01

Abstract:Telecare medical information systems (TMIS) enable patients to access healthcare delivery services conveniently. With the explosive development occurring in cloud computing and services, storage of personal medical and health information outsourcing to cloud infrastructure has been a potential alternative. However, this has entailed many considerable security and privacy issues. In order to address the security loopholes, we propose a promising solution satisfying the requirements of cloud computing scenarios for telemedical systems. The proposed scheme could provide both data confidentiality and message authenticity while preserving anonymity. Furthermore, the formal security proof demonstrates that the proposed scheme is resistant to various attacks. The performance comparisons show the proposal's workability and it is well suited to adoption in telemedical services.