Cryptanalysis and improvement of REAS-TMIS: Resource-efficient authentication scheme for telecare medical information system

被引:1
|
作者
Kumar, C. Madan [1 ]
Amin, Ruhul [2 ]
Brindha, M. [1 ]
机构
[1] Natl Inst Technol, Comp Sci & Engn, Tiruchirappalli, India
[2] DR SPM Int Inst Informat Technol, Comp Sci & Engn, Naya Raipur, Chattisgarh, India
来源
SECURITY AND PRIVACY | 2023年 / 6卷 / 01期
关键词
cryptanalysis; security; session key disclosure attack; KEY EXCHANGE PROTOCOL; HEALTH-CARE; SECURITY; INTERNET;
D O I
10.1002/spy2.268
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Recently, Tanveer et al. proposed a resource-efficient authentication scheme for telecare medical information systems employing the authenticated key exchange. Tanveer et al. vehemently claimed that the protocol is safe against smart card stolen attacks, password guessing attacks, anonymity and untraceability, replay attacks, man-in-the-middle attacks, impersonation attacks, and so forth. We have scrutinized the Tanveer et al. protocol. Based on his attack model, we have analyzed that this protocol is not secured against session key disclosure attacks, privileged insider attacks, and medical server impersonation attacks. We have also discussed improvement mechanisms to protect the mentioned security threats.
引用
收藏
页数:10
相关论文
共 50 条
  • [1] REAS-TMIS: Resource-Efficient Authentication Scheme for Telecare Medical Information System
    Tanveer, Muhammad
    Khan, Abd Ullah
    Alkhayyat, Ahmed
    Chaudhry, Shehzad Ashraf
    Bin Zikria, Yousaf
    Kim, Sung Won
    IEEE ACCESS, 2022, 10 : 23008 - 23021
  • [2] Cryptanalysis and improvement of an authentication scheme for telecare medical information systems
    Zhao, Yun
    Zhang, Chunming
    INTERNATIONAL JOURNAL OF ELECTRONIC SECURITY AND DIGITAL FORENSICS, 2014, 6 (03) : 157 - 168
  • [3] Cryptanalysis and improvement of 'a secure authentication scheme for telecare medical information system' with nonce verification
    Siddiqui, Zeeshan
    Abdullah, Abdul Hanan
    Khan, Muhammad Khurram
    Alghamdi, Abdullah Sharaf
    PEER-TO-PEER NETWORKING AND APPLICATIONS, 2016, 9 (05) : 841 - 853
  • [4] Cryptanalysis and improvement of ‘a secure authentication scheme for telecare medical information system’ with nonce verification
    Zeeshan Siddiqui
    Abdul Hanan Abdullah
    Muhammad Khurram Khan
    Abdullah Sharaf Alghamdi
    Peer-to-Peer Networking and Applications, 2016, 9 : 841 - 853
  • [5] Cryptanalysis and Improvement of "An Efficient and Secure Dynamic ID-based Authentication Scheme for Telecare Medical Information Systems"
    Khan, Muhammad Khurram
    Kumari, Saru
    SECURITY AND COMMUNICATION NETWORKS, 2014, 7 (02) : 399 - 408
  • [6] Cryptanalysis and Improvement of ‘A Privacy Enhanced Scheme for Telecare Medical Information Systems’
    Saru Kumari
    Muhammad Khurram Khan
    Rahul Kumar
    Journal of Medical Systems, 2013, 37
  • [7] Cryptanalysis and Improvement of 'A Privacy Enhanced Scheme for Telecare Medical Information Systems'
    Kumari, Saru
    Khan, Muhammad Khurram
    Kumar, Rahul
    JOURNAL OF MEDICAL SYSTEMS, 2013, 37 (04)
  • [8] A lightweight authentication scheme for telecare medical information system
    Xiao, Lijun
    Xie, Songyou
    Han, Dezhi
    Liang, Wei
    Guo, Jun
    Chou, Wen-Kuang
    CONNECTION SCIENCE, 2021, 33 (03) : 769 - 785
  • [9] Cryptanalysis and Improvement of an Improved Two Factor Authentication Protocol for Telecare Medical Information Systems
    Chaudhry, Shehzad Ashraf
    Naqvi, Husnain
    Shon, Taeshik
    Sher, Muhammad
    Farash, Mohammad Sabzinejad
    JOURNAL OF MEDICAL SYSTEMS, 2015, 39 (06)
  • [10] Cryptanalysis and Improvement of an Improved Two Factor Authentication Protocol for Telecare Medical Information Systems
    Shehzad Ashraf Chaudhry
    Husnain Naqvi
    Taeshik Shon
    Muhammad Sher
    Mohammad Sabzinejad Farash
    Journal of Medical Systems, 2015, 39
12345