{"title":"REAS‐TMIS的密码分析与改进:远程医疗信息系统的资源高效认证方案","authors":"C. M. Kumar, Ruhul Amin, M. Brindha","doi":"10.1002/spy2.268","DOIUrl":null,"url":null,"abstract":"Recently, Tanveer et al. proposed a resource‐efficient authentication scheme for telecare medical information systems employing the authenticated key exchange. Tanveer et al. vehemently claimed that the protocol is safe against smart card stolen attacks, password guessing attacks, anonymity and untraceability, replay attacks, man‐in‐the‐middle attacks, impersonation attacks, and so forth. We have scrutinized the Tanveer et al. protocol. Based on his attack model, we have analyzed that this protocol is not secured against session key disclosure attacks, privileged insider attacks, and medical server impersonation attacks. We have also discussed improvement mechanisms to protect the mentioned security threats.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2022-09-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Cryptanalysis and improvement of REAS‐TMIS: Resource‐efficient authentication scheme for telecare medical information system\",\"authors\":\"C. M. Kumar, Ruhul Amin, M. Brindha\",\"doi\":\"10.1002/spy2.268\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Recently, Tanveer et al. proposed a resource‐efficient authentication scheme for telecare medical information systems employing the authenticated key exchange. Tanveer et al. vehemently claimed that the protocol is safe against smart card stolen attacks, password guessing attacks, anonymity and untraceability, replay attacks, man‐in‐the‐middle attacks, impersonation attacks, and so forth. We have scrutinized the Tanveer et al. protocol. Based on his attack model, we have analyzed that this protocol is not secured against session key disclosure attacks, privileged insider attacks, and medical server impersonation attacks. We have also discussed improvement mechanisms to protect the mentioned security threats.\",\"PeriodicalId\":29939,\"journal\":{\"name\":\"Security and Privacy\",\"volume\":\" \",\"pages\":\"\"},\"PeriodicalIF\":1.5000,\"publicationDate\":\"2022-09-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1002/spy2.268\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1002/spy2.268","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Cryptanalysis and improvement of REAS‐TMIS: Resource‐efficient authentication scheme for telecare medical information system
Recently, Tanveer et al. proposed a resource‐efficient authentication scheme for telecare medical information systems employing the authenticated key exchange. Tanveer et al. vehemently claimed that the protocol is safe against smart card stolen attacks, password guessing attacks, anonymity and untraceability, replay attacks, man‐in‐the‐middle attacks, impersonation attacks, and so forth. We have scrutinized the Tanveer et al. protocol. Based on his attack model, we have analyzed that this protocol is not secured against session key disclosure attacks, privileged insider attacks, and medical server impersonation attacks. We have also discussed improvement mechanisms to protect the mentioned security threats.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
