Abstract
ABSTRACTRecently, telecare medicine information systems (TMIS) have emerged as an effective mechanism to raise quality convenience and availability of healthcare services. User authentication schemes play an important role in solving security problems and grant access to healthcare services only to the authorized users. In 2010, a few authentication schemes were proposed for TMIS. These were based on the concept of static identity. In 2012, Chen et al. proposed a dynamic ID‐based authentication scheme for TMIS, so that the user's identity is not revealed to anyone. However, Chen et al.'s scheme does not involve complex computations like the previous scheme for TMIS, yet it suffers from various security problems. We will show that attackers can not only impersonate the legal participants of the scheme but can also compute the shared session‐key. In fact, it is an attack over the confidential communication between the participants. We will also show other drawbacks, such as password guessing attack, denial‐of‐service attack, immediate replay attack, and incomplete password change phase, present in the scheme. We also demonstrate user anonymity breach in Chen et al.'s scheme. To overcome these problems, we propose an improvement to Chen et al.'s scheme with a different approach. Our approach is aimed at providing an authentication mechanism for TMIS with strong security features. Copyright © 2013 John Wiley & Sons, Ltd.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
