Advertisement

Secure Verifier-Based Three-Party Authentication Schemes without Server Public Keys for Data Exchange in Telecare Medicine Information Systems

  • Tsung-Hung Lin
  • Tian-Fu Lee
Transactional Processing Systems
Part of the following topical collections:
  1. Topical Collection on Transactional Processing Systems

Abstract

Secure verified-based three-party authentication scheme for data exchange in telecare medicine information systems enables two users only store their verifiers computed from their actual password in authentication server’s database. Then the authentication server can verify the users’ verifiers and help them to exchange electronic medical records or electronic health records securely and conveniently. This investigation presents an efficient and secure verified-based three-party authentication scheme for data exchange in telecare medicine information systems. The proposed scheme does not use server’s public keys and includes the key confirmation without extra numbers of messages and rounds. Compared to related verified-based approaches, the proposed scheme possesses higher security, has lower computational cost and fewer transmissions, and thus is suitable for the telecare medicine information systems.

Keywords

Telecare medicine information system Data exchange Authentication Verifier-based 

Notes

Acknowledgments

The authors would like to thank the anonymous referees for their valuable comments and suggestions. This research was supported by National Science Council under the grants NSC102-2221-E-320-003 and TCRPP102010.

References

  1. 1.
    Lambrinoudakis, C., and Gritzalis, S., Managing medical and insurance information through a smart-card-based information system. J. Med. Syst. 24(4):213–234, 2000.CrossRefGoogle Scholar
  2. 2.
    Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3833–3838, 2012.CrossRefGoogle Scholar
  3. 3.
    Wu, Z. Y., Lee, Y. C., Lai, F., Lee, H. C., and Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1529–1535, 2012.CrossRefGoogle Scholar
  4. 4.
    He, D. B., Chen, J. H., and Zhang, R., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989–1995, 2012.CrossRefGoogle Scholar
  5. 5.
    Wei, J., Hu, X., and Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3597–3604, 2012.CrossRefGoogle Scholar
  6. 6.
    Lee, T.-F., and Liu, C.-M., A secure smart-card based authentication and key agreement scheme for telecare medicine information systems. J. Med. Syst. 37(3):9933, 2013. 1–8.CrossRefGoogle Scholar
  7. 7.
    Hao, X., Wang, J., Yang, Q., Yan, X., and Li, P., A chaotic map-based authentication scheme for telecare medicine information systems. J. Med. Syst. 37(2):9919, 2013. 1–7.CrossRefGoogle Scholar
  8. 8.
    Lee, T.-F., Chang, I.-P., Lin, T.-H., and Wang, C.-C., A secure and efficient password-based user authentication scheme using smart cards for the integrated EPR information system. J. Med. Syst. 37(3):9941, 2013. 1–7.CrossRefGoogle Scholar
  9. 9.
    Lee, T.-F., An efficient chaotic maps-based authentication and key agreement scheme using smartcards for telecare medicine information systems. J. Med. Syst. 37(6):9985, 2013. 1–9.CrossRefGoogle Scholar
  10. 10.
    Yeh, H.-T., Sun, H.-M., and Hwang, T., Efficient three-party authentication and key agreement protocols resistant to password guessing attacks. Inf. Sci. Eng. 19(6):1059–1070, 2003.Google Scholar
  11. 11.
    Lee, S.-W., Kim, H.-S., and Yoo, K.-Y., Efficient verifier-based key agreement protocol for three parties without server’s public key. Appl. Math. Comput. 167(2):996–1003, 2005.CrossRefMATHMathSciNetGoogle Scholar
  12. 12.
    Lee, T.-F., Liu, J. L., Sung, M.-J., Yang, S.-B., and Chen, C.-M., Communication-efficient three-party protocols for authentication and key agreement. Comput. Math. Appl. 58:641–648, 2009.CrossRefMATHMathSciNetGoogle Scholar
  13. 13.
    Wang, R.-C., and Mo, K.-R., Security enhancement on efficient verifier-based key agreement protocol for three parties without server’s public key. Int. Math. Forum 1(20):965–972, 2006.MATHMathSciNetGoogle Scholar
  14. 14.
    Kwon, J.-O., Jeong, I.-R., Sakurai, K., and Lee, D.-H., Efficient verifier-based password-authenticated key exchange in the three-party setting. Comput. Stand. Interfaces 29(5):513–520, 2007.CrossRefGoogle Scholar
  15. 15.
    Diffie, W., and Hellman, M., New directions in cryptography. IEEE Trans. Inf. Theory 22(6):644–654, 1976.CrossRefMATHMathSciNetGoogle Scholar
  16. 16.
    Bellare, M., Pointcheval, D., and Rogaway, P., Authenticated key exchange secure against dictionary attacks. Proc. of Advances in Cryptology–Eurocrypt 2000. Lect. Notes Comput. Sci 1807: 122–138, 2000.Google Scholar
  17. 17.
    Boyko, V., MacKenzie, P., and Patel, S., Provably secure password based authenticated key exchange protocols using Diffie-Hellman. Proc. of Advances in Cryptology–Eurocrypt 2000. Lect. Notes Comput. Sci 1807: 156–171, 2000.Google Scholar
  18. 18.
    Abdalla, M., Fouque, P. A., and Pointcheval, D., Password-based authenticated key exchange in the three-party setting. Lect. Notes Comput. Sci 3386:65–84, 2005.CrossRefMathSciNetGoogle Scholar
  19. 19.
    Abdalla, M., and Pointcheval, D., Simple password-based authenticated key protocols. Topics in Cryptology–CT-RSA 2005. Lect. Notes Comput. Sci 3376:191–208, 2005.CrossRefMathSciNetGoogle Scholar
  20. 20.
    Impagliazzo, I., and Shoup, V., A note on an encryption scheme of Kurosawa and Desmedt. Available at http://eprint.iacr.org/2004/194, 2004.
  21. 21.
    Shoup, V., Sequences of games: A tool for taming complexity in security proofs. Available at http://www.shoup.net, 2005.
  22. 22.
    Lee, T.-F., and Hwang, T., Simple password-based three-party authenticated key exchange without server public keys. Inf. Sci. 180(9):1702–1714, 2010.CrossRefMATHGoogle Scholar

Copyright information

© Springer Science+Business Media New York 2014

Authors and Affiliations

  1. 1.Department of Computer Science and Information EngineeringNational Chin-Yi University of TechnologyTaichungRepublic of China
  2. 2.Department of Medical InformaticsTzu Chi UniversityHualienRepublic of China

Personalised recommendations