An Identity-Based Authentication Protocol for the Telecare Medical Information System (TMIS) Using a Physically Unclonable Function

Abstract

Telecare Medical Information System (TMIS) encourages patients to securely exchange their health data with a remote medical server for real-time remote diagnosis. During the remote access of patients’ information, the privacy and security have loomed as indispensable issues. To address these issues, a secure authentication mechanism is imperative that can efficiently verify the legitimacy of patients and TMIS server. Therefore, we introduce an extended authentication scheme with robust anonymity for the Internet-of-Things-enabled multiserver infrastructure in the TMIS using a physically unclonable function. The informal security evaluation solicits that our proposed model effectively counters numerous security threats faced by modern TMIS-based protocols. The robustness of our protocol is examined formally using the random oracle model and Scyther verification tool. Further, to get true experimental results, we have separately executed all cryptographic operations for patient, physician server, and medical server. Consequently, performance analysis reveals that our protocol has a least computation complexity than relevant protocols.