Abstract

Telecare medical information systems (TMIS) enable patients to access healthcare delivery services conveniently. With the explosive development of cloud computing and services, outsourcing the storage of personal medical and health information to cloud infrastructure has become a viable alternative. However, this entails many considerable security and privacy issues. In order to address these security loopholes, we propose a solution that satisfies the requirements of cloud computing scenarios for telemedical systems. The proposed scheme provides both data confidentiality and message authenticity while preserving anonymity. Furthermore, the formal security proof demonstrates that the proposed scheme is resistant to various attacks. The performance comparisons show the proposal’s workability, and it is well suited to adoption in telemedical services.

1. Introduction

With the explosion of cloud computing and services, there has been a growing trend to use the cloud for large-scale data storage and management. Cloud computing is a new style of computing that offers dynamically scalable network services to external customers, delivered over the Internet. It provides a powerful underlying architecture for telemedicine, an emerging treatment mode for delivering appropriate healthcare services remotely. Telemedicine enables medical practitioners and patients to communicate over public networks, so that patients can conveniently obtain medical services via electronic networks. This significantly lowers social and economic expenses while enhancing medical quality and efficiency.

Cloud computing introduces a new way for medical systems to store and manage medical data, which is a complex task. As wearable devices become more and more powerful, patients can obtain their health information in a timely manner. They can also upload their medical records to the cloud through mobile devices and access them there. This helps medical institutions to quickly obtain a patient’s physical condition in urgent cases, for proper medical diagnosis and treatment. Any delay in access to the medical record at the time of an emergency could cause severe errors, which profoundly affect the patient’s therapeutic process. In cloud based telecare medical information systems, the cloud database is responsible for storing patients’ critical medical data and updating it as the patient receives medical treatment. However, storing patients’ electronic medical records, such as personal information, medical records, and physiological parameters, in the medical server may expose patients’ privacy. Cloud computing offers expansively developing prospects for new and better models of healthcare, but it also raises security issues because it opens new potential avenues for data theft. Hence, safeguarding security and patients’ privacy in cloud based telecare medical information systems is very significant. An authentication mechanism is a prerequisite for verifying the legality of all participants and preventing illegal access in distributed systems, such as wireless interface systems [1, 2], multiple server architecture based systems [3], smart card based systems [4], and mobile radio systems [5, 6]. Furthermore, anonymous authentication can protect users’ anonymity and prevent the disclosure of private information [7, 8]. Therefore, a secure authentication protocol is a proper solution for providing security and privacy in TMIS [9–11].
Authentication protocols for telemedical systems integrated with cloud computing environments have recently drawn significant attention from academia [12–20].

In 2012, Padhy et al. [12] introduced a cloud based model for rural healthcare systems. In 2013, Banerjee et al. [13] presented a new architecture for cloud based healthcare applications to serve patients in emergencies. Nevertheless, their scheme is unable to offer confidentiality of transmitted data. One year later, Chen et al. [14] proposed a medical data exchange protocol for the cloud computing environment. In their scheme, patients and doctors can conveniently access medical resources outsourced to the cloud. Unfortunately, their scheme could not resist impersonation attacks or provide patient anonymity. To fix these defects, a modified scheme was developed in the same year [15]. In 2016, Chiou et al. [16] showed that the modified scheme still lacks privacy protection and message authentication. They then proposed a new cloud based privacy-preserving authentication scheme for TMIS which provided a “real” and complete telemedicine system. However, in 2007, Mohit et al. [17], Cheng et al. [20], and Li et al. [18] showed, respectively, that Chiou et al.’s protocol fails to preserve patients’ privacy and forward security and suffers from a mobile-device-stolen attack. Meanwhile, Mohit et al. [17] and Cheng et al. [20] both presented improved mechanisms for cloud-assisted medical care systems. Recently, Li et al. [19] pointed out that Mohit et al.’s proposal was also susceptible to health report revelation and inspection report forgery attacks. In Cheng et al.’s scheme [20], the inputs of the bilinear maps are generators of the corresponding cyclic groups rather than random numbers from the integer field . This causes errors in the authentication process.

In this paper, we design a cloud based authentication model for telemedical information systems which allows patients to remotely access medical services with privacy. Further, we discuss its security and prove that it can withstand various attacks. Compared with the state of the art, our scheme provides formal security proofs and achieves better efficiency in terms of computation cost. Performance and functionality analysis shows that it is more secure and practical for cloud based telemedicine systems.

The remainder of this paper is organized as follows. Section 2 describes our robust cloud based authentication scheme for TMIS, and Section 3 formally proves its security. Subsequently, we compare its performance with previous schemes in Section 4. Finally, we draw conclusions in Section 5.

2. The Proposed Scheme

In this section, we present a cloud based anonymous authentication scheme for the medical environment. There are five participants in our scheme: patients , the healthcare center , doctors , the cloud , and sensors . The healthcare center is a trusted medical center. The cloud servers are authorized to store patients’ medical data, which patients and doctors can access remotely. Sensors collect and measure the patient’s health information in a timely manner. Figure 1 gives a simplified depiction of the structure of the cloud based authentication system for TMIS.

Our scheme consists of four phases, described as follows. To initialize the protocol, the key generation center () chooses a multiplicative cyclic group and a generator of order , where is a large prime number. Then selects random numbers () and computes . Finally, issues the public key and secret key pairs to the participants.

We list the notations used in the proposal as follows.
(i): the identity of 
(ii): the health report of 
(iii): the health data of 
(iv): the session key shared between and 
(v): the public key of 
(vi): the secret key of 
(vii): signature signed by 
(viii): the th timestamp generated by 
(ix): a multiplicative cyclic group of prime order 
(x): the generator of 
(xi): a one-way hash function
(xii): exclusive-OR operation
(xiii): string concatenation operation
(xiv): encrypting using symmetric encryption with 
(xv): decrypting the ciphertext with 
(xvi): signing with secret key 
(xvii): verifying the signature 

2.1. Healthcare Center Uploading Phase

As shown in steps 1.1 and 1.2 in Figure 1, patient undergoes a health inspection at the healthcare center, which uploads the generated inspection record to the cloud server . Figure 2 describes the authentication process of this phase in detail.

Step 1. After generating the inspection report, selects a random number and computes ,  ,  ,  , where is the current timestamp. After that, it sends to the cloud .

Step 2. On receiving from , checks the validity of . If it is invalid, rejects the received message; otherwise, it computes and decrypts to recover the values . Subsequently, calculates and compares it with the decrypted . If they are equal, the legitimacy of is assured. Then generates a random number and acquires the timestamp to compute ,  , and . Finally, transmits the authentication message to .

Step 3. Upon receiving the reply message, checks the validity of . If , terminates this phase; otherwise, it computes , and compares with the received . If they are not equal, abandons the uploading phase; otherwise, signs ’s medical report with its secret key: . Note that is the current timestamp when makes the health inspection. After that, calculates ,   and uploads to the cloud.

Step 4. On receiving , decrypts it with to recover and verifies whether is equal to or not. If it is true, the healthcare center is authentic. After that, it verifies whether is a new user or not. If is a new user, stores in a new storage space; else, it stores in ’s database.

2.2. Patient Uploading Phase

As shown in steps 2.1 and 2.2 in Figure 1, patient collects the health information measured by body sensors and can upload the health data to the cloud. Figure 3 depicts the detailed process.

Step 1. When ’s mobile phone has collected the measured information, it generates the timestamp and a random number to compute ,  ,  ,  . Subsequently, transmits to .

Step 2. After receiving the messages, verifies the freshness of by checking whether or not. If it is valid, decrypts to obtain the values and with the computed . After that, calculates and verifies whether the equation holds. If it does, is a legitimate user. Then selects random numbers and computes ,   and , where is the acquired timestamp. Finally, transmits the to patient .

Step 3. On receiving response, checks the validity of . If is invalid, terminates the procedure. If is fresh, computes ,   and verifies is valid by checking whether holds. If so, decrypts with the computed to recover and . Subsequently, he/she verifies the validity of ’s signature . If is valid, chooses a random number and computes , where is the collected measured data. Note that is the current timestamp when the body sensors monitor ’s physical condition. Then calculates and uploads to the .

Step 4. On receiving the reply message, decrypts with and obtains . After that, the cloud server verifies ’s validity by checking whether equals or not. If so, stores in ’s storage space to replace ; otherwise, it resumes the procedure.

2.3. Treatment Phase

As shown in steps 3.1 and 3.2 in Figure 1, is appointed by and obtains ’s identity and appointment sequence value . Subsequently, can download ’s inspection report and measured health information from , and he/she can also upload the diagnosis records with his/her signature to . The execution steps are further illustrated in Figure 4.

Step 1. selects a random number and computes ,  ,  ,  , where is the acquired current timestamp. Then transmits to the cloud .

Step 2. After receiving messages from , checks . If it is invalid, terminates the phase; otherwise, it computes and decrypts to obtain the values . Later, verifies with the decrypted to confirm the legitimacy of . If they are equal, generates random numbers and the timestamp and computes ,  ,  . Finally, sends to .

Step 3. On receiving , checks the freshness of . If it is fresh, computes ,   and compares with the received to assure ’s authenticity. If they are not equal, terminates the phase; otherwise, uses the appointment sequence number to compute and decrypts with it to recover . Subsequently, verifies whether the signature is valid by checking . If it is valid, diagnoses ’s symptoms on the basis of and generates the diagnostic records , where is the timestamp when the doctor generates . After that, uses his/her private key to sign : . Then, calculates ,   and sends to the cloud.

Step 4. Upon receiving , decrypts it with and obtains . Later, it checks . If the equation holds, the validity of is confirmed; otherwise, this phase fails. After that, replaces with and stores it in ’s storage space.

2.4. Checking Report Phase

As shown in step 4.1 in Figure 1, patient can access the cloud to obtain the medical record via the mobile phone. In Figure 5, we depict the detailed process of the phase.

Step 1. generates the timestamp and a random number to compute ,  ,  ,  . Then, transmits the request to the cloud .

Step 2. verifies the freshness of after receiving the request from . If so, decrypts with computed and obtains the . Subsequently, calculates and verifies . If they are equal, computes ,   and , where and are generated random value and the acquired timestamp, respectively. After that, sends the to .

Step 3. On receiving response , checks the validity of . If ,   aborts the session; otherwise, he/she calculates ,   and verifies whether holds. If yes, computes and he/she verifies whether . If so, takes the diagnosis report of doctor for the health information and . Finally, calculates and and uploads to the , where is a pre-generated key to encrypt . Note that is the pre-generated key for all the medical staff. If the patient has an accident, the medical staff can decrypt to obtain the health information and make treatment decisions.

Step 4. Upon receiving the reply , computes and verifies whether equals or not. If , stores in ’s storage space to replace ; otherwise, the phase fails.
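The following is an added example, not code from the paper or its authors, that runs the healthcare center uploading phase of Section 2.1 (Steps 1 to 4) end to end and then applies the doctor's signature check from Step 3 of the treatment phase (Section 2.3) to the stored report. The paper's symbols did not survive extraction, so the exact message layouts are this example's assumptions: the healthcare center sends A = g^a, a timestamp T1 and an encryption under K1 = H(PK_C^a) of its identity and a hash; the cloud recovers K1 from A^{x_C}, replies with B = g^b and a hash keyed by the session key SK = H(g^{ab}); the center signs the report and uploads it under SK. Also assumed: a toy prime-order subgroup of Z_p^* built around q = 2^127 - 1 (far too small for real use), an HMAC-SHA256 keystream with an HMAC tag standing in for the paper's AES, a Schnorr signature standing in for its ElGamal signature, and a five-second freshness window. Names such as hc_step1, cloud_step2 and run_upload_phase are this example's own.

```python
import hashlib, hmac, os, secrets
def _probable_prime(n, rounds=16):              # Miller-Rabin with random bases
    d, s = n - 1, 0
    while d % 2 == 0: d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1): continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1: break
        else:
            return False
    return True
# Toy group (assumption): q = 2^127-1 is a known Mersenne prime, p = k*q+1 the first such prime, g has order q
Q, K = 2**127 - 1, 2
while not _probable_prime(K * Q + 1): K += 2
P = K * Q + 1
G = next(g for g in (pow(h, K, P) for h in range(2, 64)) if g != 1)
WINDOW = 5                                       # assumed timestamp freshness window (s)
I2B = lambda n, w=16: n.to_bytes(w, "big")       # fixed-width field (scalars < q < 2^128)
rand = lambda: secrets.randbelow(Q - 1) + 1      # random exponent in [1, q-1]

def H(*parts):                                   # SHA-256 over length-prefixed fields
    h = hashlib.sha256()
    for x in parts:
        b = x.to_bytes((x.bit_length() + 7) // 8 or 1, "big") if isinstance(x, int) else x
        h.update(len(b).to_bytes(4, "big") + b)
    return h.digest()
def _xor(key, nonce, data):                      # HMAC-SHA256 keystream XORed over data
    ks = b"".join(hmac.new(key, nonce + I2B(i, 4), hashlib.sha256).digest()
                  for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, ks))
def enc(key, pt):      # stand-in for E_K (assumption): keystream XOR plus HMAC tag
    nonce = os.urandom(16)
    ct = _xor(key, nonce, pt)
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()
def dec(key, blob):    # stand-in for D_K: None when the tag does not verify
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    ok = hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest())
    return _xor(key, nonce, ct) if ok else None
def keygen():          # (secret key x, public key g^x)
    x = rand()
    return x, pow(G, x, P)
def sign(x, msg):      # Schnorr signature in the same group (stand-in for the paper's Sig)
    k = rand()
    e = int.from_bytes(H(pow(G, k, P), msg), "big") % Q
    return e, (k - x * e) % Q
def verify(y, msg, sig):                         # g^s * y^e equals g^k for a valid signature
    e, s = sig
    return int.from_bytes(H(pow(G, s, P) * pow(y, e, P) % P, msg), "big") % Q == e

def hc_step1(hc_id, pk_cloud, t1):
    # Step 1: send A = g^a, T1 and E_K1(ID_HC || H(ID_HC, A, T1)) with K1 = H(PK_C^a)
    a = rand()
    A = pow(G, a, P)
    return a, {"A": A, "c1": enc(H(pow(pk_cloud, a, P)), hc_id + H(hc_id, A, t1)), "t1": t1}
def cloud_step2(cloud, m1, now):
    # Step 2: check T1, recover K1 = H(A^x_C), verify the hash, reply with B = g^b (None = abort)
    if abs(now - m1["t1"]) > WINDOW:
        return None
    pt = dec(H(pow(m1["A"], cloud["sk"], P)), m1["c1"])
    if pt is None or not hmac.compare_digest(pt[8:], H(pt[:8], m1["A"], m1["t1"])):
        return None
    hc_id, b = pt[:8], rand()
    B = pow(G, b, P)
    sk = cloud["sessions"][hc_id] = H(pow(m1["A"], b, P))   # SK = H(g^(ab))
    return {"B": B, "v2": H(sk, hc_id, B, now), "t2": now}
def hc_step3(hc, a, m2, pid, report, t_insp, now):
    # Step 3: check T2, derive SK = H(B^a), verify the cloud, sign the report, upload it
    if m2 is None or abs(now - m2["t2"]) > WINDOW:
        return None
    sk = H(pow(m2["B"], a, P))
    if not hmac.compare_digest(m2["v2"], H(sk, hc["id"], m2["B"], m2["t2"])):
        return None
    e, s = sign(hc["sk"], H(pid, report, t_insp))
    body = pid + I2B(t_insp, 8) + I2B(e) + I2B(s)           # ID_P || T_insp || Sig_HC
    return enc(sk, body + H(body, report) + report)
def cloud_step4(cloud, hc_id, c3):
    # Step 4: decrypt with SK, verify the hash, store the signed report under the patient ID
    pt = dec(cloud["sessions"][hc_id], c3)
    if pt is None or not hmac.compare_digest(pt[48:80], H(pt[:48], pt[80:])):
        return None
    sig = (int.from_bytes(pt[16:32], "big"), int.from_bytes(pt[32:48], "big"))
    cloud["db"][pt[:8]] = (pt[80:], sig, int.from_bytes(pt[8:16], "big"))
    return pt[:8]
def doctor_checks_report(cloud, pid, pk_hc):
    # Treatment phase, Step 3: the doctor verifies the healthcare center's signature
    report, sig, t_insp = cloud["db"][pid]
    return verify(pk_hc, H(pid, report, t_insp), sig)

def run_upload_phase(now=1_700_000_000):
    # one full healthcare-center uploading phase on constructed sample data, then two checks
    (hc_sk, hc_pk), (c_sk, c_pk) = keygen(), keygen()
    hc, cloud = {"id": b"HC000001", "sk": hc_sk}, {"sk": c_sk, "sessions": {}, "db": {}}
    a, m1 = hc_step1(hc["id"], c_pk, now)
    m2 = cloud_step2(cloud, m1, now + 1)
    c3 = hc_step3(hc, a, m2, b"PAT00042", b"constructed inspection report", now - 60, now + 2)
    pid = cloud_step4(cloud, hc["id"], c3)
    return {"stored": cloud["db"][pid][0], "doctor_ok": doctor_checks_report(cloud, pid, hc_pk),
            "replay_rejected": cloud_step2(cloud, m1, now + 60) is None}   # stale T1 aborted
```

run_upload_phase() returns the report the cloud stored, the doctor's verification result, and whether a replay of the Step 1 message sixty seconds later is aborted, which is what the timestamp comparison in Step 2 exists to guarantee. Every abort path returns None rather than raising, so that the four functions mirror the "otherwise, aborts" branches of the steps above.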

3. Security Proof

In this section, we prove our scheme secure in the standard model. We reduce the security of our authentication scheme to basic cryptographic primitives [21, 22]. To achieve this goal, we first introduce the security definitions, a structured security model, and the basic assumptions. Then we use all of them to prove the result.

Definition 1 (semantic security). For an arbitrary security parameter , we say that the scheme has semantic security if and only if any polynomial-time adversary has a negligible advantage against the scheme.

The definitions are inherited and modified from the methodology of Bellare, Pointcheval, and Rogaway [23] and the game-based structure [24] is used to prove this scheme achieving semantic security.

Security Model. In the security model, the adversary plays a game with an oracle. The oracle runs the real protocol and answers the adversary’s queries to simulate the real interaction of the participants. Through a range of queries, the adversary gains different capabilities. When the adversary has finished training and obtained enough messages, the oracle answers the test query once. Finally, we judge whether the adversary wins or loses by what the adversary obtains. The adversary and the oracle are denoted by and , respectively.

Init: before replying to the queries of , generates the system parameters, including the security parameter , a multiplicative cyclic group , and a generator of order , where is a large prime number related to . Then selects random numbers and computes for . We note that in a complete system and are not unique. Then prepares public key and secret key pairs, denoted by and for and , where and . marks all and with the void state. It then maintains a list recording the simulated conversations; represents the th conversation involving and . Note that any has a void state before being invoked.

After the init phase, is allowed to make the following queries, which simulate the real protocol.

: gives back to and marks the state of as corrupted.
: gives back to and marks the state of as corrupted.
: this query simulates the abuse of session keys .
(1) If the state of is void, executes a real conversation and gives (which is used to encrypt ) to . Then the state of is changed to revealed.
(2) Else, if the state of is not void, answers according to the conversation in the list and adds revealed to its state.
: this query simulates a passive adversary.
(1) When one or both of and are corrupted, checks the state of .
(a) If void, executes a real conversation, gives to the data transferred over the network, and changes the state of to executed.
(b) Else, if not void, answers using the conversation in the list and adds executed to its state.
(2) When neither of and is corrupted, checks the state of .
(a) If void, executes a real conversation, gives to the data transferred over the network, and changes the state of to executed.
(b) Else, if not void, answers using the conversation in the list and adds executed to its state.
: this query simulates active attacks.
(1) When one or both of and are corrupted, executes a real conversation to answer .
(a) If the message is verified successfully, answers as in the real protocol and adds this conversation to the list with the sent state.
(b) Else, outputs that is refused.
(2) When neither of and is corrupted, answers as follows.
(a) If the message is verified successfully, answers as in the real protocol and adds this conversation to the list with the sent state.
(b) Else, outputs that is refused.
: chooses and whose states are both void. Then it randomly chooses a coin and simulates a real conversation with input . guesses the result of .

The complexity assumptions needed to prove the security of our scheme are reviewed as follows.

Assumption 2 (DDH). Let be a cyclic group of order . is a generator and . Given only and , it is difficult to decide whether an element of equals .

We denote the upper bound of adversaries’ advantage against DDH by . So should be negligible if the assumption holds.

Assumption 3 (hash). There exists a secure irreversible hash function which achieves strong collision resistance.
We denote the advantage of adversaries against the hash function by . So should be negligible if the assumption holds.

Assumption 4 (signature). There exists a secure digital signature scheme.
We denote the advantage of adversaries against this signature scheme by . So should be negligible if the assumption holds.

Assumption 5 (encryption). There exists a symmetric encryption scheme that achieves CPA security.
We denote the advantage of adversaries against this encryption scheme by . So should be negligible if the assumption holds.

Proof. A PPT adversary is attacking the protocol. We use a series of games to bound the advantage of . The advantage of in Game is defined as . The games used to bound the advantage of are listed below. We analyse the advantage difference between neighbouring games and bound it. Game 0 is the real protocol.
Game 0. interacts with the initial security model.
Game 1. In this game, we modify Execute queries. When the states of , and are all void, simulates a real protocol but replaces and with random numbers in .
Lemma 1. .
Proof. We just replace the s of the traditional DH protocol with random numbers. The advantage difference between the two games is caused by the DDH problem. Hence, Lemma 1 follows from the DDH assumption.
Game 2. This game is based on Game 1 and we also modify Execute queries. When the states of , and are all void, simulates a real protocol but replaces with uniform random numbers in the range of hash function.
Lemma 2. .
Proof. We just replace the real hash results with random numbers. Without the knowledge of inputs, the probability that can distinguish the real hash results and random numbers is less than the advantage of that captures the hash. And hence, if the hash function is secure, the probability is negligible.
Game 3. This game is based on Game 2 and we modify Execute queries. When the states of , and are all void, simulates a real protocol but replaces with uniform random numbers in the range of encryption.
Lemma 3. .
Proof. We just replace the symmetric encryption results with random numbers. Without knowing inputs, the probability that can distinguish the real encryption results and random numbers is less than the advantage of that captures the CPA security symmetric encryption. Thereby, if the symmetric encryption is secure, the probability is negligible.
Game 4. This game is based on Game 3 and we modify Send queries. When the states of and are both void, simulates a real protocol but replaces and with random numbers in .
Lemma 4. .
Proof. We just replace the s of the traditional DH protocol with random numbers. The advantage difference between the two games is caused by the DDH problem. Therefore, Lemma 4 follows from the DDH assumption.
Game 5. This game is based on Game 4 and we modify Send queries. When the states of and are both void, simulates a real protocol but replaces with uniform random numbers in the range of hash function.
Lemma 5. .
Proof. We just replace the real hash results with random numbers. Without knowing inputs, the probability that can distinguish the real hash results and random numbers is less than the advantage of that captures the hash. If the hash function is secure, the probability is negligible.
Game 6. This game is based on Game 5 and we also modify Send queries. When the states of and are both void, simulates a real protocol but replaces with uniform random numbers in the range of encryption.
Lemma 6. .
Proof. We just replace the encryption results by random numbers. Without the knowledge of inputs, the probability that can distinguish the real encryption results and random numbers is less than the advantage of that captures the CPA security symmetric encryption. If the symmetric encryption is secure, the probability is negligible.
In Game 6, we note that neither nor of the test query is corrupted. For any uncorrupted , the Execute and Send queries are all randomized. So in Game 6, the advantage of is zero. Thus, we can compute the as follows: , which is a negligible value.
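The chain of games above, written out as an added summary in notation of my own rather than the paper's (its symbols did not survive extraction): let $\mathrm{Adv}_i$ be the adversary's advantage in Game $i$ and let $\varepsilon_i$ stand for whatever bound Lemma $i$ states for the difference between Game $i-1$ and Game $i$. Then the triangle inequality and $\mathrm{Adv}_6 = 0$ give

$$
\begin{aligned}
\mathrm{Adv}_0 &= \mathrm{Adv}_6 + \sum_{i=1}^{6} \left(\mathrm{Adv}_{i-1} - \mathrm{Adv}_i\right)
\;\le\; \mathrm{Adv}_6 + \sum_{i=1}^{6} \left|\mathrm{Adv}_{i-1} - \mathrm{Adv}_i\right|
\;\le\; \sum_{i=1}^{6} \varepsilon_i, \\
\varepsilon_1, \varepsilon_4 &\text{ bounded via DDH (Lemmas 1, 4; Assumption 2)},\quad
\varepsilon_2, \varepsilon_5 \text{ via the hash (Lemmas 2, 5; Assumption 3)},\quad
\varepsilon_3, \varepsilon_6 \text{ via CPA encryption (Lemmas 3, 6; Assumption 5)}.
\end{aligned}
$$

Each $\varepsilon_i$ is negligible under the assumption its lemma invokes, so their finite sum, and with it $\mathrm{Adv}_0$, is negligible. Only Assumptions 2, 3 and 5 enter this chain; the signature assumption (Assumption 4) is not used by Games 1 to 6.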

4. Performance and Functionality Analysis

Herein, we evaluate the performance and functionality of the proposed scheme and compare it with three related schemes for cloud based telemedicine systems, including Chen et al.’s scheme [15], Chiou et al.’s scheme [16], and Cheng et al.’s scheme [20].

Comparisons of the key security properties of these systems are given in Table 1. Our scheme achieves all the security properties and is superior to the other three related schemes. Chen et al.’s scheme [15] fails to provide anonymity and complete mutual authentication, while Chiou et al.’s scheme [16] does not achieve complete mutual authentication. Furthermore, Cheng et al.’s scheme [20] does not preserve users’ privacy, complete mutual authentication, or confidentiality. Note that the proposed scheme offers these important security features and is therefore better suited to the cloud based telemedicine environment.

Meanwhile, Table 2 compares the efficiency of these schemes in terms of computation load. Compared with the other three related schemes, the proposed scheme does not need to perform bilinear pairings and provides additional security features. Furthermore, our scheme is provably secure in the standard model.

More detailed efficiency comparisons are shown in Figures 6 and 7. We implement the cloud side of the authentication schemes for cloud based telemedicine systems in Python 3.5.2 on an Intel(R) Core(TM) i5-4590 CPU @ 3.30GHZ with 3300MB RAM running Ubuntu 16.04. The simulation platforms for the healthcare center, patients, and doctors are implemented in Python 3.5.2 on an Intel(R) Core(TM) i5-4590 CPU at 1.65GHZ with 1540MB RAM running Ubuntu 16.04. The one-way hash function used is SHA-256, and the symmetric encryption/decryption algorithm is the Advanced Encryption Standard (AES). We use the ElGamal signature scheme and the ElGamal encryption scheme with a 1024-bit security parameter as the digital signature algorithm and the asymmetric encryption/decryption algorithm, respectively. Moreover, the bilinear pairing is simulated over the MNT asymmetric groups “MNT224”.

Figure 6 shows the main cost on the cloud computing of interacting with multiple patients and doctors for authentication simultaneously. It demonstrates that our proposal costs less time for the cloud to authenticate doctors and patients. Figure 7 illustrates the main cost on healthcare center, patients, doctors, and cloud for one round authentication in healthcare center uploading phase, patient uploading phase, treatment phase, and checking report phase, respectively. From Figure 7 we can conclude that our scheme is the most efficient to finish one round mutual authentication.

5. Conclusion

In this article, we proposed a cloud based anonymous authentication scheme for the medical environment, which provides both data confidentiality and message authenticity. We then showed that the proposed scheme is provably secure in the standard model. The comparisons with existing competitive protocols also show that our scheme is suitable for cloud based telecare medical information systems.

Data Availability

The data used to support the findings of this study are included within the article.

Conflicts of Interest

The authors declare that they have no conflicts of interest.

Acknowledgments

This work is supported by NSFC (Grant Nos. 61602045, 61502044).