Privacy Protection for Telecare Medicine Information Systems with Multiple Servers Using a Biometric-based Authenticated Key Agreement Scheme
Telecare medical information systems (TMIS) allow patients remotely login medical service providers to acquire their medical information and track their health status through unsecured public networks. Hence, the privacy of patients is vulnerable to various types of security threats and attacks, suc...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2019-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/8930560/ |
| _version_ | 1819276253698457600 |
|---|---|
| author | Chin-Laung Lei Yun-Hsin Chuang |
| author_facet | Chin-Laung Lei Yun-Hsin Chuang |
| author_sort | Chin-Laung Lei |
| collection | DOAJ |
| description | Telecare medical information systems (TMIS) allow patients remotely login medical service providers to acquire their medical information and track their health status through unsecured public networks. Hence, the privacy of patients is vulnerable to various types of security threats and attacks, such as the leakage of medical records or login footprints and the forgery attacks. Many anonymous three-factor authentication and key agreement (AKA) schemes have been proposed for TMIS with single server, but none of them is suited for TMIS with multiple servers. In this paper, we propose a biometric-based three-factor AKA scheme to protect user anonymity and untraceability in TMIS with multiple servers. We will construct a security model of a three-factor AKA scheme with user anonymity in TMIS with multiple servers, and give a formal security proof of the proposed scheme. The security of the proposed scheme is based on the elliptic curve decisional Diffie-Hellman problem assumption and hash function assumption. We will show that the proposed scheme is efficient enough for low-power mobile devices. |
| first_indexed | 2024-12-23T23:37:17Z |
| format | Article |
| id | doaj.art-2149e04840764fc7b9e14539af32b31b |
| institution | Directory Open Access Journal |
| issn | 2169-3536 |
| language | English |
| last_indexed | 2024-12-23T23:37:17Z |
| publishDate | 2019-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj.art-2149e04840764fc7b9e14539af32b31b2022-12-21T17:25:50ZengIEEEIEEE Access2169-35362019-01-01718648018649010.1109/ACCESS.2019.29588308930560Privacy Protection for Telecare Medicine Information Systems with Multiple Servers Using a Biometric-based Authenticated Key Agreement SchemeChin-Laung Lei0https://orcid.org/0000-0002-9011-5025Yun-Hsin Chuang1https://orcid.org/0000-0003-0432-1533Department of Electrical Engineering, National Taiwan University, Taipei, TaiwanDepartment of Electrical Engineering, National Taiwan University, Taipei, TaiwanTelecare medical information systems (TMIS) allow patients remotely login medical service providers to acquire their medical information and track their health status through unsecured public networks. Hence, the privacy of patients is vulnerable to various types of security threats and attacks, such as the leakage of medical records or login footprints and the forgery attacks. Many anonymous three-factor authentication and key agreement (AKA) schemes have been proposed for TMIS with single server, but none of them is suited for TMIS with multiple servers. In this paper, we propose a biometric-based three-factor AKA scheme to protect user anonymity and untraceability in TMIS with multiple servers. We will construct a security model of a three-factor AKA scheme with user anonymity in TMIS with multiple servers, and give a formal security proof of the proposed scheme. The security of the proposed scheme is based on the elliptic curve decisional Diffie-Hellman problem assumption and hash function assumption. We will show that the proposed scheme is efficient enough for low-power mobile devices.https://ieeexplore.ieee.org/document/8930560/Biometricthree-factorauthenticationanonymityuntraceabilitymulti-server |
| spellingShingle | Chin-Laung Lei Yun-Hsin Chuang Privacy Protection for Telecare Medicine Information Systems with Multiple Servers Using a Biometric-based Authenticated Key Agreement Scheme IEEE Access Biometric three-factor authentication anonymity untraceability multi-server |
| title | Privacy Protection for Telecare Medicine Information Systems with Multiple Servers Using a Biometric-based Authenticated Key Agreement Scheme |
| title_full | Privacy Protection for Telecare Medicine Information Systems with Multiple Servers Using a Biometric-based Authenticated Key Agreement Scheme |
| title_fullStr | Privacy Protection for Telecare Medicine Information Systems with Multiple Servers Using a Biometric-based Authenticated Key Agreement Scheme |
| title_full_unstemmed | Privacy Protection for Telecare Medicine Information Systems with Multiple Servers Using a Biometric-based Authenticated Key Agreement Scheme |
| title_short | Privacy Protection for Telecare Medicine Information Systems with Multiple Servers Using a Biometric-based Authenticated Key Agreement Scheme |
| title_sort | privacy protection for telecare medicine information systems with multiple servers using a biometric based authenticated key agreement scheme |
| topic | Biometric three-factor authentication anonymity untraceability multi-server |
| url | https://ieeexplore.ieee.org/document/8930560/ |
| work_keys_str_mv | AT chinlaunglei privacyprotectionfortelecaremedicineinformationsystemswithmultipleserversusingabiometricbasedauthenticatedkeyagreementscheme AT yunhsinchuang privacyprotectionfortelecaremedicineinformationsystemswithmultipleserversusingabiometricbasedauthenticatedkeyagreementscheme |