Advertisement

Journal of Medical Systems

, 37:9909 | Cite as

A Robust and Novel Dynamic-ID-based Authentication Scheme for Care Team Collaboration with Smart Cards

  • Ya-Fen Chang
  • Chia-Chen Chen
  • Pei-Yu Chang
Original Paper

Abstract

Nowadays, users/patients may gain desired medical services on-line because of the rapid development of computer network technologies. Conventional healthcare services are provided by a single server. However, care team collaboration by integrating services is the key to improve financial and clinical performance. How a user/patient accesses desired medical services provided by multiple servers becomes a challenge to realize care team collaboration. User authentication plays an important role to protect resources or services from being accessed by unauthorized users. In this paper, we first discuss the perceived security drawbacks of pervasive smart-card-based remote user authentication schemes. Then, we propose a novel dynamic-ID-based user authentication scheme based on elliptic curve cryptosystem (ECC) for multi-server environment with smart cards. The proposed scheme ensures user anonymity and computational efficiency and complies with essential requirements of a secure smart-card-based authentication scheme for multi-server environment to enable care team collaboration.

Keywords

Care team collaboration Dynamic ID Authentication Smart card Multi-server Elliptic curve cryptosystem (ECC) 

Notes

Acknowledgments

This work was supported in part by National Science Council under the grants NSC 99-2410-H-025-010-MY2, NSC 101-2410-H-025 -009 -MY2, and NSC 101-2622-E-029-002-CC3.

References

  1. 1.
    Lamport, L., Password authentication with insecure communication. Commun. ACM 24(11):770–772, 1981.MathSciNetCrossRefGoogle Scholar
  2. 2.
    Hwang, M. S., and Li, L. H., A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 46(1):28–30, 2000.CrossRefGoogle Scholar
  3. 3.
    Wang, X. M., Zhang, W. F., Zhang, J. S., and Khan, M. K., Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards. Comput. Stand. Interfaces 29(5):507–512, 2007.CrossRefGoogle Scholar
  4. 4.
    Sun, H. M., An efficient remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 46(4):958–961, 2000.CrossRefGoogle Scholar
  5. 5.
    Wang, R. C., Juang, W. S., and Lei, C. L., Robust authentication and key agreement scheme preserving the privacy of secret key. Comput. Commun. 34(3):274–280, 2011.CrossRefGoogle Scholar
  6. 6.
    Wen, F., and Li, X., An improved dynamic ID-based remote user authentication with key agreement scheme. Comput. Electr. Eng. 38(2):381–387, 2012.CrossRefGoogle Scholar
  7. 7.
    Lin, I. C., Hwang, M. S., and Li, L. H., A new remote user authentication scheme for multi-server architecture. Futur. Gener. Comput. Syst. 19(1):13–22, 2003.MATHCrossRefGoogle Scholar
  8. 8.
    Chang, C. C. and Lee, J. S., An efficient and secure multi-server password authentication scheme using smart cards. Proceedings of 3rd International Conference on Cyberworlds (CW 2004), Tokyo, Japan; Nov. 2004. p. 417–22.Google Scholar
  9. 9.
    Juang, W. S., Efficient Multi-server password authenticated key agreement using smart cards. IEEE Trans. Consum. Electron. 50(1):251–255, 2004.CrossRefGoogle Scholar
  10. 10.
    Liao, Y. P., and Wang, S. S., A secure dynamic ID based remote user authentication scheme for multi-server environment. Comput. Stand. Interfaces 31(1):24–29, 2009.CrossRefGoogle Scholar
  11. 11.
    Hsiang, H. C., and Shih, W. K., Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment. Comput. Stand. Interfaces 31(8):1118–1123, 2009.CrossRefGoogle Scholar
  12. 12.
    Lee, C. C., Lin, T. H., and Chang, R. X., A secure dynamic ID based remote user authentication scheme for multi-server environment using smart cards. Expert Syst. Appl. 38(11):13863–13870, 2011.Google Scholar
  13. 13.
    Kocher, P., Jaffe, J. and Jun, B., Differential power analysis. Proceedings of the 19th Annual International Cryptology Conference (CRYPTO99), Santa Barbara, California, USA; Aug. 1999. p. 388–97.Google Scholar
  14. 14.
    Messerges, T. S., Dabbish, E. A., and Sloan, R. H., Examining smart card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002.MathSciNetCrossRefGoogle Scholar
  15. 15.
    Chang, Y. F. and Chang, P. Y., Comments on a dynamic-ID-based remote user authentication scheme for multi-server environment using smart cards. Proceedings of the 6th International Conference on Genetic and Evolutionary Computing (ICGEC 2012), Kitakyushu, Japan; August 2012. p. 59–62.Google Scholar
  16. 16.
    Hsu, C. L., and Chuang, Y. H., A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks. Inform. Sci. 179(4):422–429, 2009.CrossRefGoogle Scholar
  17. 17.
    Wang, R. C., Juang, W. S., and Lei, C. L., Provably secure and efficient identification and key agreement protocol with user anonymity. J. Comput. Syst. Sci. 77(4):790–798, 2011.MathSciNetMATHCrossRefGoogle Scholar
  18. 18.
    Rivest, R. L., Shamir, A., and Adleman, L., A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2):120–126, 1978.MathSciNetMATHCrossRefGoogle Scholar
  19. 19.
    ElGamal, T., A public key cryptosystem and a signature scheme based on discreet logarithms. IEEE Trans. Inf. Theory 31(4):469–481, 1985.MathSciNetMATHCrossRefGoogle Scholar
  20. 20.
    Miller, V. S., Use of elliptic curves in cryptography. Proceedings of the 5th Annual International Cryptology Conference (CRYPTO85), Santa Barbara, California, USA; Aug. 1986. p. 417–26.Google Scholar
  21. 21.
    Koblitz, N., Elliptic curve cryptosystems. Math. Comput. 48(177):203–209, 1987.MathSciNetMATHCrossRefGoogle Scholar
  22. 22.
    Jena, D., Jena, S. K., Mohanty, D., and Panigrahy, S. K., A novel remote user authentication scheme using smart card based on ECDLP. Proceedings of the 3rd International Conference on Advanced Computer Control (ICACC 2009), Singapore; Jan. 2009. p. 246–9.Google Scholar
  23. 23.
    Yunting, H., An efficient authenticated key exchange protocol for wireless LAN networks. Energy Procedia 13:9138–9144, 2011.CrossRefGoogle Scholar
  24. 24.
    Gura, N., Patel, A., Wander, A., Eberle, H. and Shantz, S. C., Comparing elliptic curve cryptography and RSA on 8-bit CPUs. Proceedings of the 6th Workshop on Cryptographic Hardware and Embedded Systems (CHES 2004), Cambridge, MA, USA; Aug. 2004. p. 925–43.Google Scholar
  25. 25.
    Krawczyk, H. and Rabin, T. Chameleon signature. Proceedings of the 2000 Network and Distributed System Security Symposium (NDSS 2000), San Diego, California, USA; Feb. 2000. p. 143–54.Google Scholar
  26. 26.
    Chen, X., Zhang, F., Tian, H., Wei, B., Susilo, W., Mu, Y., Lee, H., and Kim, K., Efficient generic on-line/off-line (threshold) signatures without key exposure. Inform. Sci. 178(21):4192–4203, 2008.MathSciNetMATHCrossRefGoogle Scholar
  27. 27.
    Liu, J. K., Baek, J., Zhou, J., Yang, Y., and Wong, J. W., Efficient online/offline identity-based signature for wireless sensor network. Int. J. Inf. Secur. 9(4):287–296, 2010.CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media New York 2013

Authors and Affiliations

  1. 1.Department of Computer Science and Information EngineeringNational Taichung University of Science and TechnologyTaichungTaiwan
  2. 2.Department of Management Information SystemsNational Chung Hsing UniversityTaichungTaiwan

Personalised recommendations