A privacy-preserving RFID authentication protocol based on El-Gamal cryptosystem for secure TMIS

Abstract

The healthcare environment now provides the facility for patients to communicate with doctors from home via the Internet; this facility is very useful for seriously ill patients. Errors in medication are hazardous and can cause significant harm to patients; therefore, patient medication and information safety are essential issues in such a healthcare environment. To protect this sensitive information, an authentication protocol is needed. Moreover, in the context of sharing data including a patient's personal information, privacy leakage has become one of the most challenging issues in a telecare medicine information system (TMIS). In this paper, we propose a privacy-preserving radio frequency identification (RFID) authentication protocol based on the El-Gamal cryptosystem, for enhancing patient medication safety in a TMIS. The proposed protocol can achieve a number of security services and can also resist several types of attacks. We have also shown the results obtained by conducting an "Automated Validation of Internet Security Protocols and Applications" (AVISPA) simulation of our protocol. The simulation results verify that the proposed protocol is safe against active and passive attacks. The results of an informal security analysis also indicate that patient information is highly private, and the system is protected against possible related attacks. Our protocol is not only better in terms of protecting the privacy of patients but it also achieves better performance than similar existing protocols.