User anonymity-based secure authentication protocol for telemedical server systems

Telemedical server system enables a user to support the monitoring of health at home and access the medical facility over the network. Recently, many schemes have been proposed for providing security in the medical server system. Recently in year 2017, Limbasiya and Shivam proposed a scheme for medical applications using two-factor key verification. They claimed that the protocol provides security against all types of known active and passive attacks. In this paper we show that the Limbasiya and Shivam scheme suffers from user anonymity, replay and impersonation attack. The Limbasiya and Shivam scheme fails to provide low power consumption in terms of cryptographic computational operation and over head to the server. We propose a secure user anonymity-based authentication protocol to remove the weakness of former protocols. Our scheme is more effective in terms of mutual authentication and low power consumption. The performance analysis of our protocol shows less cryptographic computational cost and the server overload. The proposed protocol is tested and analysed using AVISPA security verification to confirm the secure and authentic protocol for telemedical server system.