Abstract
Telecare medicine information systems (TMISs) provide e-health services such that patients can access medical resources conveniently and doctors can prescribe treatments rapidly. Authentication is an essential security requirement in TMISs. In particular, the growth of password-based remote patient authenticated key exchange combining extended chaotic maps has enhanced the level of secure communications for TMISs. Recently, Lee suggested an improved random-number-based password-authenticated key exchange (PAKE) using extended chaotic maps and synchronized-clock-based PAKE using extended chaotic maps on Guo and Zhang and Xiao et al.’s PAKE. Unfortunately, we found that the nonce-based scheme of Lee is insecure against known session-specific temporary information and server spoofing attacks. To cope with the aforementioned defects, this study aims to provide a new secure PAKE based on extended chaotic maps with more security functionalities for TMISs. Additionally, we show that the proposed scheme for TMISs provides high security along with low communication cost, computational cost, and a variety of security features.
Highlights
At present, the researches on the cloud assisted e-health are more and more in-depth
Lee [19] observed that both Xiao et al [13] and Guo and Zhangs’ schemes [18] were unable to free from offline password guessing attack and achieve the session key security
To overcome the security pitfalls found in Lee’s scheme, we present efficient and secure passwordauthenticated key exchange (PAKE) using chaotic maps for telecare medical information systems (TMISs)
Summary
The researches on the cloud assisted e-health are more and more in-depth. With the extremely studied and widely applied Chebyshev polynomials by the cryptographic research community, various password authenticated key exchange (PAKE) based on chaotic maps and related approaches have been developed recently [4,5,6,7,8,9,10]. Lee [19] observed that both Xiao et al [13] and Guo and Zhangs’ schemes [18] were unable to free from offline password guessing attack and achieve the session key security. (iii) Our proposed scheme for TMISs satisfies high security along with a variety of attributes compared with Xiao et al [13], Guo and Zhang [18], and Lee schemes. It is computationally unfeasible to derive x such that y x2modn under the condition of not knowing the parameters p and q because of the factoring problem n pq is NP-hard problem
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
