A three-factor mutual authentication scheme for telecare medical information system based on ECC

Cyber Security and Applications Pub Date : 2024-01-01 DOI:10.1016/j.csa.2024.100035

Muthukumar Manickam, Ganesh Gopal Devarajan

{"title":"A three-factor mutual authentication scheme for telecare medical information system based on ECC","authors":"Muthukumar Manickam, Ganesh Gopal Devarajan","doi":"10.1016/j.csa.2024.100035","DOIUrl":null,"url":null,"abstract":"<div><p>In critical pandemic situations, the Telecare Medical Information System (TMIS) is a technological invention that offers secure and authentic patient registration and medical services remotely. Wireless Body Area Network (WBAN) uses TMIS to facilitate users/patients with remote medical services. Numerous schemes for authentication have been developed for secure and authentic communication to prevent security attacks encompassing replay, impersonation, and forgery attacks. Ryu et al. have proposed an ECC-based mutual authentication scheme in 2022. Nevertheless, through security scheme analysis, we have evidenced that Ryu et al.’s scheme has a trapdoor for insider attacks and privileged insider attacks. Their proposed scheme offers no assurance of server anonymity. In this paper, we propose a three-factor authentication system based on ECC that protects sensitive patient data from getting out during communication and protects against different types of security attacks. We have conducted an informal security analysis to verify that our scheme withstands security attacks.</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"2 ","pages":"Article 100035"},"PeriodicalIF":0.0000,"publicationDate":"2024-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2772918424000018/pdfft?md5=488b5ffe3a13070d6a2c1d6ac0950539&pid=1-s2.0-S2772918424000018-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cyber Security and Applications","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2772918424000018","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

In critical pandemic situations, the Telecare Medical Information System (TMIS) is a technological invention that offers secure and authentic patient registration and medical services remotely. Wireless Body Area Network (WBAN) uses TMIS to facilitate users/patients with remote medical services. Numerous schemes for authentication have been developed for secure and authentic communication to prevent security attacks encompassing replay, impersonation, and forgery attacks. Ryu et al. have proposed an ECC-based mutual authentication scheme in 2022. Nevertheless, through security scheme analysis, we have evidenced that Ryu et al.’s scheme has a trapdoor for insider attacks and privileged insider attacks. Their proposed scheme offers no assurance of server anonymity. In this paper, we propose a three-factor authentication system based on ECC that protects sensitive patient data from getting out during communication and protects against different types of security attacks. We have conducted an informal security analysis to verify that our scheme withstands security attacks.

查看原文本刊更多论文

基于 ECC 的远程医疗信息系统三因素相互验证方案

在严重的大流行病情况下，远程医疗信息系统（TMIS）是一项技术发明，可提供安全、真实的病人登记和远程医疗服务。无线体域网（WBAN）利用远程医疗信息系统为用户/患者提供远程医疗服务。为了防止包括重放、冒充和伪造攻击在内的安全攻击，人们开发了许多认证方案，以确保通信的安全性和真实性。Ryu 等人在 2022 年提出了一种基于 ECC 的相互认证方案。然而，通过安全方案分析，我们发现 Ryu 等人的方案存在内部攻击和内部特权攻击的陷阱门。他们提出的方案无法保证服务器的匿名性。在本文中，我们提出了一种基于 ECC 的三因素身份验证系统，它能保护敏感的病人数据在通信过程中不被泄露，并能抵御不同类型的安全攻击。我们进行了非正式的安全分析，以验证我们的方案能够抵御安全攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Cyber Security and Applications

CiteScore

5.20

自引率

0.00%

发文量