Abstract

Radio frequency identification (RFID) technology has been used in a wide variety of applications, more recently as a leading identification technology in healthcare environments. In the most recent years, this technology is adopted for telecare medicine information system (TMIS) for authentication, safety, security, data confidentiality and patient’s privacy protection over public networks. TMIS is the bridge between patients at home and doctors at healthcare organizations that permits to confirm the correctness of exchanged information between different actors of the system. Recently, several RFID authentication schemes have been presented and suggested for the TMIS in the literature. These schemes try to resolve the security and privacy problems over insecure healthcare networks environments by exploiting different cryptographic primitive’s solutions. In this paper, we analyze in depth the security of the most recent proposed protocol for TMIS in the literature and find out its main vulnerabilities. The proposed attacks are possible due to some weaknesses related to the misuse of the timestamp technique, the calculation of the reader request and tag response messages using the one-way hash function, which are not attentively scrutinized. Furthermore, we propose an efficient and robust improved mobile authentication protocol with high efficiency and security for TMIS. The performance analysis shows that our improved protocol could solve security weaknesses of the studied protocol and provide mobility, efficiency and is well-suited to adoption for TMIS.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.