Abstract
To achieve the security and privacy, many remote user authentication schemes based on cryptography for telecare medicine information systems have been proposed. Recently, Lu et al. proposed an enhanced biometric-based authentication scheme for telecare medicine information system using elliptic curve cryptosystem. They found that Arshad et al.’s scheme was vulnerable to off-line password guessing attack and user impersonation attack, and claimed that their scheme was more secure against various attacks. However, we demonstrate that their scheme is still insecure and vulnerable to outsider attack, user impersonation attack, server impersonation attack and smart card stolen attack in this paper.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Lambrinoudakis, C., Gritzalis, S.: Managing Medical and Insurance Information Through a Smart-Card-Based Information System. Journal of Medical Systems 24(4), 213–234 (2000)
Lee, Y., Kim, J., Won, D.: Countermeasure on Password-Based Authentication Scheme for Multi-server Environments. Multimedia and Ubiquitous Engineering 308, 459–466 (2013)
Choi, Y., Nam, J., Lee, D., Kim, J., Jung, J., Won, D.: Security Enhanced Anonymous Multi-Server Authenticated Key Agreement Scheme Using Smart Cards and Biometrics. The Scientific World Journal 2014, 1–15 (2014)
Jung, J., Jeon, W., Won, D.: An enhanced remote user authentication scheme using smart card. In: Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication (ICUIMC), pp. 62–66 (2014)
Mun, J., Kim, J., Lee, D., Jung, J., Won, D.: An improvement of efficient dynamic ID-based user authentication scheme using smart cards without verifier tables. In: Proceedings of the International Conference on Security and Management (SAM), pp. 152–156 (2015)
Awasthi, A.K., Srivastava, K.: A Biometric Authentication Scheme for Telecare Medicine Information Systems with Nonce. Journal of Medical Systems 37(9964), 1–4 (2013)
Mishra, D., Mukhopadhyay, S., Kumari, S., Khan, M.K., Chaturvedi, A.: Security Enhancement of a Biometric based Authentication Scheme for Telecare Medicine Information Systems with Nonce. Journal of Medical Systems 35(41), 1–11 (2014)
Tan, Z.: A User Anonymity Preserving Three-Factor Authentication Scheme for Telecare Medicine Information Systems. Journal of Medical Systems 38(16), 1–9 (2014)
Arshad, H., Nikooghadam, M.: Three-Factor Anonymous Authentication and Key Agreement Scheme for Telecare Medicine Information Systems. Journal of Medical Systems 38(136), 1–12 (2014)
Koblitz, N.: Elliptic curve cryptosystems. Mathematics of Computation 48(177), 203–209 (1987)
Lu, Y.R., Li, L.X., Peng, H.P., Yang, Y.X.: An Enhanced Biometric-Based Authentication Scheme for Telecare Medicine Information Systems using Elliptic Curve Cryptosystem. Journal of Medical Systems 39(32), 1–8 (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer Science+Business Media Singapore
About this paper
Cite this paper
Mun, J., Yu, J., Kim, J., Yang, H., Won, D. (2015). Cryptanalysis of Enhanced Biometric-Based Authentication Scheme for Telecare Medicine Information Systems Using Elliptic Curve Cryptosystem. In: Park, DS., Chao, HC., Jeong, YS., Park, J. (eds) Advances in Computer Science and Ubiquitous Computing. Lecture Notes in Electrical Engineering, vol 373. Springer, Singapore. https://doi.org/10.1007/978-981-10-0281-6_1
Download citation
DOI: https://doi.org/10.1007/978-981-10-0281-6_1
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-0280-9
Online ISBN: 978-981-10-0281-6
eBook Packages: Computer ScienceComputer Science (R0)