Security Analysis and Improvement of 'a More Secure Anonymous User Authentication Scheme for the Integrated EPR Information System'

  • SK Hafizul Islam,
  • Muhammad Khurram Khan,
  • Xiong Li

PLOS ONE

  • Published: August 11, 2015
  • https://doi.org/10.1371/journal.pone.0131368

Abstract

Over the past few years, secure and privacy-preserving user authentication schemes have become an integral part of healthcare system applications. Recently, Wen designed an improved user authentication scheme over Lee et al.'s scheme for the integrated electronic patient record (EPR) information system, which is analyzed in this paper. We have found that Wen's scheme still has the following inefficiencies: (1) the correctness of the identity and password is not verified during the login and password change phases; (2) it is vulnerable to the impersonation attack and the privileged-insider attack; (3) it is designed without revocation of a lost/stolen smart card; (4) the explicit key confirmation and no key control properties are absent; and (5) a user cannot update his/her password without the help of the server and a secure channel. We therefore propose an enhanced two-factor user authentication scheme based on the intractability assumption of the quadratic residue problem (QRP) in the multiplicative group. Our scheme offers more security and functionality than other schemes found in the literature.

1 Introduction

Due to the rapid progress of communication technologies and information security, anonymous and secure remote user mutual authentication schemes are widely employed in the integrated electronic patient record (EPR) information system [1–8]. The online services provided by the EPR information system not only save the patient's valuable time, but also help the doctor to take correct and quick clinical decisions based on the digital data available on the remote server of the EPR information system [9–11]. In addition, with this online facility, a patient residing at home can access his/her confidential health report [12–15] stored on the EPR server through the internet. On the other hand, the doctor can access and analyze the patient's data and can also inform the patients in a timely manner. Accordingly, to provide such facilities to patients and doctors, many healthcare systems are now replacing the traditional paper-based system with digital services over wireless networks [16–21]. Nevertheless, the privacy and confidentiality of patient health information must be maintained when it is accessed from the server over the internet [22–24], since the internet is ubiquitous in nature and malicious adversaries may try to collect the confidential information of patients. Thus, a robust and flexible authentication scheme usable in the integrated EPR information system is required to access patient data over any insecure channel [25–29].

1.1 Related Works

In order to maintain the security and privacy of the integrated EPR information system, many smart card based (two-factor) user authentication schemes have been presented recently [2, 3, 30–34]. However, the security community has shown that the previous schemes no longer provide the security and functional requirements of a robust user authentication scheme [12, 13, 17, 25, 28, 29]. In 2012, Wu et al. [32] devised a new user authentication scheme for the integrated EPR information system with password and smart card, and argued that their scheme [32] resists all the vulnerabilities and includes all the functionalities. However, Lee et al. [2] demonstrated that Wu et al.'s scheme [32] is unable to resist the stolen verifier attack and the lost smart card attack. They then proposed an improved scheme and claimed that the scheme [2] is strong enough to remove the known vulnerabilities. Recently, Wen [3] adopted the intractability assumption of the quadratic residue problem (QRP) [35, 36] and designed an enhanced scheme over the scheme proposed by Lee et al. [2].

1.2 Motivation and Contribution

Wen's scheme [3] was claimed to be more secure and efficient than other schemes [2, 35]; however, this paper identifies many inefficiencies in Wen's scheme [3]. Our careful analysis shows that Wen's scheme [3] suffers from the following problems: (1) it cannot check the user identity and password in the login and password change phases; (2) it is weak against the impersonation attack and the privileged-insider attack; (3) it has no facility to revoke a lost/stolen smart card; (4) the explicit key confirmation and no key control properties of the session key are absent; and (5) it cannot update the user password without a secure channel and the remote server's assistance. In this paper, the authors have considered all the security and functionality features and consequently present a new user authentication scheme suitable for the integrated EPR information system. The performance studies show that the proposed design eliminates the pitfalls of Wen's scheme [3]. Our user authentication scheme would be more applicable for healthcare applications, such as the integrated EPR information system.

1.3 Organization of the Paper

The rest of this paper is organized as follows. The quadratic residue problem required to understand the rest of this paper is explained in Section 2. Wen's authentication scheme is reviewed in Section 3. The weaknesses of Wen's scheme are presented in Section 4. The improved scheme is proposed in Section 5, and its security and functionality are discussed in Section 6. Section 7 provides a comparative analysis and Section 8 concludes the paper.

2 Quadratic Residue Problem

In this section, we briefly introduce the quadratic residue problem (QRP) [36]. Suppose that the composite number n is the product of two large prime numbers p and q. We say that b is a quadratic residue modulo n if the equation b ≡ a^2 (mod n) is solvable in the multiplicative group . The set of quadratic residues modulo n is defined as (1)

In cryptography, many schemes/protocols [3, 35] are designed under the intractability assumption of the QRP. The hardness assumption of the QRP is equivalent to factoring the large modulus n. That is, for a given b ∈ QR n , it is infeasible for a polynomial-time bounded algorithm to find a without factoring the public modulus n.

3 Description of Wen's User Authentication Scheme

Here, we present Wen's two-factor user authentication scheme [3]. Initially, the remote medical server S selects two large prime numbers p, q and calculates the modulus as n = pq. Then S makes n public, whereas p and q are kept secret. The notations needed to understand the rest of the paper are described in Table 1.

The following phases are used to describe Wen's authentication scheme.

3.1 Registration Phase

In this phase, the patient U i registers through a secure channel with the integrated EPR information server S in order to obtain a valid smart card. We explain this phase by the following steps:

  1. Step 1. U i sends a registration request with his/her 〈ID i , PW i 〉 to S over a secure channel.
  2. Step 2. S verifies the correctness of ID i and computes v = H(K∣∣ID i ).
  3. Step 3. S calculates s 1 = H(PW i ∣∣K), s 2 = H(H(PW i ∣∣s 1)) and N = v ⊕ s 2.
  4. Step 4. S initiates a counter c i = 0 for U i and inserts a tuple 〈ID i , c i 〉 in the database. Then S issues a new smart card for U i that includes the data 〈H(⋅), N, s 1, c i 〉.
  5. Step 5. S sends the smart card to U i over a secure channel.

3.2 Login Phase

For the login purpose, U i performs the following steps:

  1. Step 1. U i inserts the smart card into the specific card reader and keys his/her 〈ID i , PW i 〉. The smart card then selects a number r and computes s 2 = H(H(PW i ∣∣s 1)).
  2. Step 2. The smart card computes c i = c i + 1 and M 1 = (ID i ∣∣N∣∣s 2∣∣r∣∣c i )^2 mod n. Now, U i sends M 1 as a login message to S over a public network.

3.3 Authentication Phase

In this phase, the user (patient) U i and the server S perform mutual authentication and then agree on a common secret session key. This phase is described by the following steps:

  1. Step 1. When S receives M 1, it extracts (ID i ∣∣N∣∣s 2∣∣r∣∣c i ) from M 1 based on the Chinese Remainder Theorem (CRT) using the secret primes p and q. Now, S takes the tuple 〈ID i , from its own database and verifies whether holds. If is incorrect, then S aborts the session. Otherwise, S updates the tuple 〈ID i , to 〈ID i , c i 〉 and continues to the next steps.
  2. Step 2. S computes v = H(K∣∣ID i ) and verifies it against s 2. If , S accepts U i as a legitimate user. S computes the session key SK = H(s 2∣∣r∣∣1).
  3. Step 3. S also calculates the response message as M 2 = H(s 2∣∣r∣∣0) and then sends it to U i over a public network.
  4. Step 4. When U i receives M 2, it computes = H(s 2∣∣r∣∣0) and checks whether = M 2 is correct or not. If , U i aborts the session. Otherwise, U i authenticates S and computes the session key SK = H(s 2∣∣r∣∣1).

The complete description of the login phase and authentication phase of Wen's scheme [3] is further presented in Table 2.

3.4 Password Change Phase

This phase is executed by U i in cooperation with S. In this phase, U i is allowed to update his/her old password to a new password with the following operations:

  1. Step 1. U i delivers his/her 〈ID i , PW i , PW new 〉 to S using a secure channel.
  2. Step 2. S computes v = H(K∣∣ID i ), = H(PW new ∣∣K), and . S then securely sends , N*〉 to U i . On receiving , N*〉 from S, U i updates the old smart card's memory as 〈ID i , H(⋅), N*, .

Note: In the password change phase of Wen's scheme [3], the counter c i is not included in the smart card, and we consider this a typo. Here we assume that S sends the tuple , N*〉 to U i and then U i updates the old smart card's memory to 〈H(⋅), N*, , c i 〉.

4 Security Pitfalls of Wen's Authentication Scheme

This section identifies and analyzes the security and design issues of Wen's authentication scheme [3]. The following problems have been observed and their detailed descriptions are given below:

4.1 Login Phase is Inefficient and Unfriendly

We claim that the design of the login phase of Wen's authentication scheme is inefficient and unfriendly. In this phase, U i keys his/her 〈ID i , PW i 〉 into the smart card, and the smart card then computes the login message M 1 without verifying the correctness of the entered login identity ID i and password PW i . If U i enters the login identity and password incorrectly by mistake, then the smart card computes an incorrect login message M 1 and transfers it to S. On receiving M 1, S checks it and informs U i accordingly. Therefore, the correctness of 〈ID i , PW i 〉 is checked by S, not by the smart card. However, this kind of design puts an unnecessary burden on S. In the literature, efficient smart card based authentication schemes have been proposed [28, 29, 37] where, instead of S, the smart card is responsible for checking the correctness of 〈ID i , PW i 〉 before calculating the login message M 1. The complete description of the problem we pointed out in Wen's scheme [3] is explained as follows:

  1. Case 1: Here we show how the login and authentication phases face problems if U i mistakenly enters an incorrect login identity instead of the correct identity ID i .
    1. Step 1. U i enters , PW i 〉 into the smart card, and the smart card then selects a random number r and calculates s 2 = H(H(PW i ∣∣s 1)), c i = c i + 1 and M 1 = mod n. The smart card then sends M 1 to S over a public channel.
    2. Step 2. In the authentication phase, S extracts from M 1 based on the Chinese Remainder Theorem (CRT) using the secret primes p and q. Now, S observes that is incorrect by comparing it with the tuples 〈ID i , stored in the database and accordingly aborts the session.
  2. Case 2: Now we show that the login and authentication phases of Wen's scheme [3] suffer from the problem described below if U i mistakenly enters an incorrect password instead of the correct password PW i .
    1. Step 1. U i enters 〈ID i , into the smart card, and the smart card then selects a random number r and calculates , c i = c i + 1 and M 1 = mod n. The smart card then sends M 1 to S over a public network.
    2. Step 2. In the authentication phase, S extracts from M 1 based on the Chinese Remainder Theorem (CRT) using the secret primes p and q. In this case, S finds that ID i and the condition are correct and thus performs additional verifications. Then S computes v = H(K∣∣ID i ) and . Although U i is a legal user, S rejects him/her since the verification equation = is not satisfied.

From the above discussion, we can conclude that an efficient and robust authentication scheme must verify the login identity and password before proceeding to the authentication phase.

4.2 Password Change Phase is Inefficient and Unfriendly

The password change phase of Wen's scheme [3] is also inefficient and unfriendly [28, 29, 37]. In this phase, U i sends his/her 〈ID i , PW i , PW new 〉 to S through a secure channel. S computes v = H(K∣∣ID i ), = H(PW new ∣∣K), and . S then securely sends , N*〉 to U i . On receiving , N*〉 from S, U i updates the smart card's memory as 〈ID i , H(⋅), N*, , c i 〉. However, the following inefficiencies have been observed in Wen's scheme:

  1. Case 1: The user U i must use a secure channel to deliver 〈ID i , PW i , PW new 〉 to S, and S also uses a secure channel to send , N*〉 to U i . Thus, for each and every password change, Wen's scheme [3] needs two secure communication channels, which is costly and difficult to achieve in real environments. As a result, U i will not be interested in changing his/her password periodically, although for security reasons it is recommended to change the password periodically.
  2. Case 2: For the password change operation of a smart card based authentication scheme, it is recommended that the smart card itself change the password without any connection to the remote server S [37].
  3. Case 3: During the password change, the correctness of the entered old identity and password 〈ID i , PW i 〉 must be verified before changing the old password PW i to a new password PW new .

However, none of the aforesaid conditions are incorporated in the password change phase of Wen's authentication scheme [3].

4.3 Impersonation Attack

In Wen's scheme, the old password PW i plays no part in the password change operation. Therefore, the adversary can choose two random passwords and , and issue a password change request on behalf of U i to S by sending 〈ID i , , . Upon receiving the password change request, S computes v = H(K∣∣ID i ), = , and , and sends , N′′〉 to the adversary. Upon receiving , N′′〉, the adversary chooses a sufficiently large value as the counter and then stores the tuple 〈ID i , H(⋅), N′′, , into a smart card. It can be noted that the adversary can successfully impersonate U i by using this smart card and 〈ID i , .

4.4 Privileged-Insider Attack

It is difficult for a user to remember a number of passwords if he/she registers with different applications or servers using different passwords [37, 38]. Therefore, it is common in real-life environments that a user accesses a number of servers with a common password and identity. However, if the password of the user becomes known by some means to a privileged insider of a server, then of course he may try to impersonate the user to access other application servers. We define the insider attacker as any manager of the authentication server whose intention is to leak the secret information, leading to compromise of the system. In the registration phase of Wen's authentication scheme [3], U i transmits 〈ID i , PW i 〉 in plaintext form to S, so a malicious privileged insider of S may impersonate U i by logging in to other application servers using the known 〈ID i , PW i 〉. Therefore, Wen's authentication scheme is not secure against the privileged-insider attack.

4.5 Absence of Lost/Stolen Smart Card Revocation Phase

In a smart card based authentication scheme, the revocation of a lost/stolen smart card plays a vital role in providing acceptable security to the end user [39]. However, Wen's scheme [3] does not offer such an important security feature. In the design of two-factor user authentication schemes, most researchers make the realistic assumption that the smart card is not tamper resistant. This implies that if an adversary obtains a smart card, then he/she can perform some off-line analysis by monitoring the timing information and power consumption and by reverse engineering techniques as presented in [40–42], and can extract the information from the lost smart card. Now the adversary may apply some off-line process to the extracted data and may succeed in finding the correct password of the user. If the adversary finds the correct password, then he/she can masquerade as the corresponding legal user by using the guessed password and the lost smart card [37–39]. Thus, the cryptographic research community suggests that a lost/stolen smart card revocation phase must be incorporated in two-factor user authentication schemes so that the remote server can distinguish the lost smart card from the new smart card.

4.6 Absence of Explicit Session Key Confirmation Property

According to the analysis provided in [43], an authenticated key agreement (AKA) scheme must have the explicit session key confirmation (implicit key authentication and key confirmation) property. The implicit key confirmation property implies that the user X is assured that Y can compute the session key. However, the explicit key confirmation property states that the user X is assured that the user Y has actually computed the session key. Therefore, only the explicit key confirmation property provides the stronger assurance that X and Y agree on the same session key. A key agreement scheme that includes explicit key authentication is termed an authenticated key agreement with key confirmation (AKC) scheme. In the authentication phase of Wen's scheme [3], S computes M 2 = H(s 2∣∣r∣∣0) and sends it to U i . On receiving M 2, U i computes = H(s 2∣∣r∣∣0) and authenticates S if the verification = M 2 is correct. After this verification, U i computes the session key as SK = H(s 2∣∣r∣∣1). As the authentication message M 2 does not include the session key information, the explicit session key confirmation property is not achieved in Wen's authentication scheme.

4.7 Absence of No Key Control Property

The no key control property of an AKA scheme means that none of the users has control over the others [38, 43, 44]. That is, none of the users, or even an adversary, can force the others so that the session key takes a pre-selected value or lies within a set consisting of a small number of elements. Thus, we can say that an AKA scheme has the no key control property if the session key is computed with the contributions of all the participants. In Wen's scheme [3], we observed that the final session key agreed between U i and S is SK = H(s 2∣∣r∣∣1), where U i chooses the random number r. It is clear that S has no contribution to the session key. Therefore, the no key control property is absent in Wen's authentication scheme.

5 The Proposed User Authentication Scheme

In the following, an improved user authentication scheme is presented that not only eliminates the inefficiencies of Wen's authentication scheme [3], but also includes additional security and functional properties of a two-factor authentication scheme. Similar to Wen's scheme, the security of our user authentication scheme is based on the intractability assumption of the quadratic residue problem (QRP) in the multiplicative group [3, 35, 36]. Initially, the remote server S of the integrated EPR information system selects two large prime numbers p, q. S discloses the public modulus n, whereas p and q are kept secret from outsiders. S also selects as its secret (private) key. Our enhanced scheme includes the following phases: registration phase, login phase, authentication phase, password change phase and lost/stolen smart card revocation phase. The complete explanation of these phases is given below.

5.1 Registration Phase

In this phase, a legal user U i registers himself/herself with the remote server S and obtains a valid medical smart card from S. The following steps are executed by U i and S:

  1. Step 1. U i issues a registration request with his/her identity ID i to S over a secure channel.
  2. Step 2. On receiving ID i , S checks whether ID i is fresh or not. If it is found in S's database, then S asks U i to supply a fresh login identity. Otherwise, S selects a number and computes A i = H(ID i ∣∣K∣∣b i ). After that, S initiates a counter c i = 0 [3] and selects a new smart card that includes the information 〈H(⋅), n, A i , c i 〉. Then S securely delivers the smart card to the user U i . S includes the tuple 〈ID i , c i , b i 〉 in the database [45].
  3. Step 3. On receiving the smart card, U i inserts the smart card into the card reader and keys his/her login identity ID i and password PW i into the smart card. Then the smart card computes B i = H(ID i ∣∣PW i ), C i = A i ⊕ B i and D i = H(A i ∣∣B i ). Now the smart card deletes the information 〈A i , B i 〉 from the memory and updates it with the tuple 〈H(⋅), n, C i , D i , c i 〉.

5.2 Login Phase

In this phase, U i computes a login message and sends it to S for verification. The login phase includes the following steps:

  1. Step 1. U i inserts the smart card into the specific card reader and keys his/her 〈ID i , PW i 〉 into the smart card. The smart card computes B i = H(ID i ∣∣PW i ), A i = C i ⊕ B i and = H(A i ∣∣B i ). The smart card aborts the login process if holds. Otherwise, the smart card executes the following steps.
  2. Step 2. The smart card computes c i = c i + 1 and the login message M 1 = (ID i ∣∣A i ∣∣a∣∣c i )^2 mod n, where the number is chosen by the smart card. Then the smart card sends M 1 to S over a public network.

5.3 Authentication Phase

  1. Step 1. Upon receiving M 1, S obtains (ID i ∣∣A i ∣∣a∣∣c i ) from M 1 using the Chinese Remainder Theorem (CRT) with p and q. Now, S retrieves the tuple 〈ID i , , b i 〉, which is indexed by ID i , from the database and checks whether holds. If it is incorrect, S terminates the session. Otherwise, S updates the tuple 〈ID i , , b i 〉 to 〈ID i , c i , b i 〉 and continues to the next step.
  2. Step 2. Now, S computes = H(ID i ∣∣K∣∣b i ) and verifies whether holds. If it is incorrect, S terminates the session; otherwise it accepts the login message M 1 and authenticates U i .
  3. Step 3. S selects a number and computes d = a ⊕ b, the session key SK = H(ID i ∣∣a∣∣b∣∣A i ) shared with U i and M 2 = H(ID i ∣∣A i ∣∣d∣∣SK). Then S delivers the message {d, M 2} to U i over a public network.
  4. Step 4. On receiving {d, M 2}, U i computes b = d ⊕ a, the session key SK = H(ID i ∣∣a∣∣b∣∣A i ) and = H(ID i ∣∣A i ∣∣d∣∣SK). If , U i terminates the session. Otherwise, U i authenticates S and accepts SK as the correct session key shared with S.

5.4 Password Change Phase

In the password change phase, the smart card is allowed to independently (i.e., without any help from S) change U i 's old password PW i to the new password . We describe the password change phase with the following steps:

  1. Step 1. U i inserts the smart card into the specific device and keys his/her 〈ID i , PW i 〉 into the smart card. The smart card then computes B i = H(ID i ∣∣PW i ), A i = C i ⊕ B i and = H(A i ∣∣B i ). The smart card aborts the password change if holds. Otherwise, the smart card executes the next step.
  2. Step 2. The smart card computes = , = and = . Now, the smart card updates the tuple 〈H(⋅), n, C i , D i , c i 〉 to the tuple 〈H(⋅), n, , , c i 〉 in the memory.

5.5 Stolen/Lost Smart Card Revocation Phase

This phase is designed to issue a new smart card if U i loses his/her old smart card. The description of this phase includes the following steps:

  1. Step 1. The user U i sends a smart card revocation request with his/her identity ID i to S over a secure channel.
  2. Step 2. S verifies the correctness of the identity ID i . If it is invalid, S terminates the request. Otherwise, S selects a new number and computes . S updates the tuple 〈ID i , c i , b i 〉 to 〈ID i , c i , in its database. Now, S writes the information 〈H(⋅), n, , c i 〉 into a new smart card and delivers it to U i through a secure channel.
  3. Step 3. On receiving the new smart card, U i inserts it into the card reader and inputs his/her login identity ID i and the new password into the smart card. Then the smart card computes = , = and = . Now the smart card deletes the information from the smart card and then updates the smart card's memory with the tuple 〈H(⋅), n, , , c i 〉.

The complete description of the login and authentication phases of our user authentication scheme is further presented in Table 3.
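As an added example that is not the paper's own code, the following Python sketch serves both Section 2 (square roots modulo n = pq are easy for the party holding p and q, via the CRT) and Sections 5.1–5.4 (registration, card-local identity/password check, login message M 1, server-side counter and A i verification, mutual key confirmation with d = a ⊕ b, and a password change that never contacts S). Everything not in the paper is an assumption of this example: the function names (register_server, card_unlock, run_session, ...), SHA-256 as H(⋅), the fixed byte lengths of the fields, the leading framing byte used to recognise the correct root among the four, and the two toy Mersenne primes standing in for p and q.

```python
import hashlib
import secrets

# Toy public parameters (constructed, not the paper's): two Mersenne primes,
# both congruent to 3 mod 4, so a square root mod each prime is one exponentiation.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q
K = b"server-secret-key-K"          # constructed server secret K; never leaves S

ID_LEN, A_LEN, RAND_LEN, CTR_LEN = 8, 32, 16, 4          # assumed field sizes
MSG_LEN = 1 + ID_LEN + A_LEN + RAND_LEN + CTR_LEN        # framing byte + fields (< n)


def H(*parts: bytes) -> bytes:
    """H(x || y || ...) instantiated as SHA-256 (assumption of this example)."""
    return hashlib.sha256(b"||".join(parts)).digest()


def xor(x: bytes, y: bytes) -> bytes:
    return bytes(i ^ j for i, j in zip(x, y))


def sqrt_mod_n(y: int) -> set:
    """Section 2: all four square roots of y mod n; needs the secret primes (CRT)."""
    rp, rq = pow(y, (P + 1) // 4, P), pow(y, (Q + 1) // 4, Q)
    q_inv, p_inv = pow(Q, -1, P), pow(P, -1, Q)
    return {(sp * Q * q_inv + sq * P * p_inv) % N
            for sp in (rp, P - rp) for sq in (rq, Q - rq)}


def register_server(db: dict, ID: bytes) -> dict:
    """5.1 Steps 1-2: S checks ID_i is fresh, picks b_i, stores <ID_i, c_i=0, b_i>."""
    if len(ID) != ID_LEN or ID in db:
        raise ValueError("identity malformed or not fresh")
    b_i = secrets.token_bytes(RAND_LEN)
    db[ID] = [0, b_i]
    return {"n": N, "A": H(ID, K, b_i), "c": 0}       # card: <H(.), n, A_i, c_i>


def register_card(card: dict, ID: bytes, PW: bytes) -> None:
    """5.1 Step 3: card replaces A_i by C_i = A_i xor B_i and D_i = H(A_i || B_i)."""
    A_i, B_i = card.pop("A"), H(ID, PW)
    card["C"], card["D"] = xor(A_i, B_i), H(A_i, B_i)


def card_unlock(card: dict, ID: bytes, PW: bytes) -> bytes:
    """Local <ID_i, PW_i> check used by login (5.2) and password change (5.4)."""
    B_i = H(ID, PW)
    A_i = xor(card["C"], B_i)
    if H(A_i, B_i) != card["D"]:
        raise ValueError("wrong identity or password; nothing is sent to S")
    return A_i


def login(card: dict, ID: bytes, PW: bytes):
    """5.2: build M_1 = (ID_i || A_i || a || c_i)^2 mod n after the local check."""
    A_i = card_unlock(card, ID, PW)
    card["c"] += 1
    a = secrets.token_bytes(RAND_LEN)
    m = b"\x01" + ID + A_i + a + card["c"].to_bytes(CTR_LEN, "big")
    return pow(int.from_bytes(m, "big"), 2, N), a, A_i   # a and A_i stay on the card


def server_authenticate(db: dict, M1: int):
    """5.3 Steps 1-3: CRT recovery, counter (replay) check, A_i check, d and M_2."""
    m = next((r.to_bytes(MSG_LEN, "big") for r in sqrt_mod_n(M1)
              if r < 256 ** MSG_LEN and r >> (8 * (MSG_LEN - 1)) == 1), None)
    if m is None:
        raise ValueError("no well-formed root: malformed login message")
    ID, A_i = m[1:1 + ID_LEN], m[1 + ID_LEN:1 + ID_LEN + A_LEN]
    a, c_i = m[1 + ID_LEN + A_LEN:-CTR_LEN], int.from_bytes(m[-CTR_LEN:], "big")
    if ID not in db:
        raise ValueError("unknown identity")
    c_old, b_i = db[ID]
    if c_i <= c_old:                                  # Theorem 3: a replayed M_1 stops here
        raise ValueError("replayed login message")
    if H(ID, K, b_i) != A_i:                          # Step 2: recompute A_i from K, b_i
        raise ValueError("authentication failed")
    db[ID][0] = c_i
    b = secrets.token_bytes(RAND_LEN)
    d, SK = xor(a, b), None
    SK = H(ID, a, b, A_i)
    return d, H(ID, A_i, d, SK), SK


def card_verify(ID: bytes, A_i: bytes, a: bytes, d: bytes, M2: bytes) -> bytes:
    """5.3 Step 4: b = d xor a, then M_2 must match before SK is accepted."""
    b = xor(d, a)
    SK = H(ID, a, b, A_i)
    if H(ID, A_i, d, SK) != M2:
        raise ValueError("server response failed verification")
    return SK


def change_password(card: dict, ID: bytes, PW: bytes, PW_new: bytes) -> None:
    """5.4: re-derive C_i, D_i on the card only; S is not contacted."""
    A_i = card_unlock(card, ID, PW)
    B_new = H(ID, PW_new)
    card["C"], card["D"] = xor(A_i, B_new), H(A_i, B_new)


def run_session(db: dict, card: dict, ID: bytes, PW: bytes):
    """One complete login/authentication run: (SK on card, SK on server, M_1)."""
    M1, a, A_i = login(card, ID, PW)
    d, M2, SK_server = server_authenticate(db, M1)
    return card_verify(ID, A_i, a, d, M2), SK_server, M1


def rejected(fn, *args) -> bool:
    """True when a step refuses (raises ValueError); shows the checks firing."""
    try:
        fn(*args)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    db, ID = {}, b"patient1"                          # constructed 8-byte identity
    card = register_server(db, ID)
    register_card(card, ID, b"hunter2")
    sk_u, sk_s, M1 = run_session(db, card, ID, b"hunter2")
    print("session keys agree:", sk_u == sk_s, "| replay rejected:",
          rejected(server_authenticate, db, M1))
```

The framing byte is what lets S pick the right one of the four roots; the paper leaves that detail to the CRT step. Note also that a wrong password is refused by card_unlock before the counter is incremented, so a typo does not burn a counter value or cost S a decryption, which is exactly the point made in Section 4.1.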

6 Security and Functionality Analysis of the Proposed Scheme

This section is designed to show the security and functionality strengths of our proposed scheme [46–48]. First, we describe the following assumptions about the attack capability of active and passive adversaries:

  • The adversary 𝓐 controls the communication channel [49, 50], i.e., he/she may intercept, block, inject, remove, or modify any messages transmitted over the public media; in other words, all the messages communicated between U i and S are transmitted via 𝓐.
  • 𝓐 may either (i) steal U i 's smart card and obtain the secret data from it by monitoring the timing information and power consumption and by the reverse engineering techniques proposed in [40–42], and try to obtain U i 's correct password in an off-line fashion; or (ii) obtain U i 's password directly by some means. However, 𝓐 cannot do both (i) and (ii) [37, 38].

Based on the aforesaid assumptions, the following theorems are stated and proved for the proposed user authentication scheme.

Theorem 1. The proposed user authentication scheme could provide the user anonymity and user unlinkability.

Proof. User anonymity or secrecy, i.e., the protection of the user's identity from the adversary, is a great concern in many internet applications including the integrated EPR information system, telecare medical information system (TMIS), online order placement, Pay-TV, wireless communications, banking transactions, etc. [51–53]. Anonymity means that an adversary cannot figure out the real identity ID i of U i from the eavesdropped authentication messages M 1 and {d, M 2}. Suppose that 𝓐 captures U i 's authentication message M 1 = (ID i ∣∣A i ∣∣a∣∣c i )^2 mod n for a session. However, 𝓐 cannot retrieve the identity ID i from M 1 due to the difficulty of the quadratic residue problem, nor from M 2 due to the one-way property of the hash function H(⋅). On the other hand, 𝓐 cannot link the two authentication messages M 1 = (ID i ∣∣A i ∣∣a∣∣c i )^2 mod n and = mod n to the same user U i , and as a result the proposed scheme satisfies user anonymity and unlinkability [38, 45, 54].

Theorem 2. The proposed user authentication scheme could provide perfect forward secrecy of the session key.

Proof. Perfect forward secrecy [43, 45, 55] ensures that a session key derived in a session remains undisclosed even if the server's secret key is compromised. In the proposed scheme, the session key is computed as SK = H(ID i ∣∣a∣∣b∣∣A i ), where A i = H(ID i ∣∣K∣∣b i ) and the random numbers a and b are chosen by U i and S, respectively. Therefore, even if 𝓐 has knowledge of the secret key K of S, 𝓐 needs to extract a and b from M 1 = (ID i ∣∣A i ∣∣a∣∣c i )^2 mod n and {d = a ⊕ b, M 2 = H(ID i ∣∣A i ∣∣d∣∣SK)} to derive the session key SK; however, this is infeasible due to the quadratic residue problem [3, 35]. Thus, our scheme provides the functionality of session key perfect forward secrecy.

Theorem 3. The proposed user hallmark scheme could resist the replay attack.

Proof. In a replay attack, the adversary captures a valid login message of a previous session and then fraudulently replays it in the current session to impersonate U i or S. Assume that, in our scheme, 𝓐 captures the previous login message M 1 = (ID i ∣∣A i ∣∣a∣∣c i )^2 mod n of U i and replays it in the current session. However, S quickly detects that M 1 is a replayed message by comparing the counter c i in the message M 1 with the counter retrieved from S's database. When U i sends M 1 = (ID i ∣∣A i ∣∣a∣∣c i )^2 mod n to S, S verifies it and stores the counter c i in the tuple 〈ID i , c i , b i 〉. Now, if the same M 1 is replayed by the adversary in a future session, then the computed counter c i is equal to or less than the retrieved counter c i . The counter c i helps S to detect the replay attack [3]. Thus, the proposed user authentication scheme avoids the replay attack.

Theorem 4. The proposed user authentication scheme could resist the modification/forgery attack.

Proof. In the login phase, U i sends M 1 = (ID i ∣∣A i ∣∣a∣∣c i )^2 mod n to S and S responds with the message {d = a ⊕ b, M 2 = H(ID i ∣∣A i ∣∣d∣∣SK)} to U i over an open channel. Since A i is protected in M 1 by the difficulty of solving the QRP and in M 2 by the one-way property of the hash function H(⋅), any modification of M 1 and M 2 by the adversary will be detected by U i and S through the verification equations , and . Therefore, our authentication scheme protects against this kind of modification/forgery attack.

Theorem 5. The proposed user authentication scheme could resist the privileged-insider attack.

Proof. To make access to different application servers user-friendly, a user generally registers himself/herself with a common login identity and password. It is harmful for the user if the password is compromised to a privileged insider of a server, since then he/she can easily impersonate the user and log in to other applications. In the registration phase of our scheme, U i only sends his/her login identity ID i to S, not any password. Upon receiving the smart card from S, U i inserts his/her PW i into the smart card. As a result, PW i is not exposed to the privileged insider of S. Therefore, our scheme withstands the privileged-insider attack.

Theorem 6. The proposed user authentication scheme could resist the off-line password guessing attack from a lost/stolen smart card.

Proof. The off-line password guessing attack is infeasible in our scheme. Assume that 𝓐 obtains U i 's smart card and extracts the parameters 〈H(⋅), n, C i , D i , c i 〉, where C i = H(ID i ∣∣K∣∣b i )⊕H(ID i ∣∣PW i ) and D i = H(H(ID i ∣∣K∣∣b i )∣∣H(ID i ∣∣PW i )). Now 𝓐 may attempt to guess the correct password PW i of U i in an off-line process. However, without knowing K and b i , 𝓐 cannot find PW i . Thus, our user authentication scheme strongly resists the off-line password guessing attack from a lost/stolen smart card.

Theorem 7. The proposed user authentication scheme could resist the ephemeral secret leakage attack.

Proof. This attack states that none of the session keys should be compromised by the disclosure of the session random numbers (ephemeral secrets) [56]. The ephemeral secrets may be compromised [37, 45], and this is quite common in real environments for the following reasons: (1) the user and the server depend on an internal/external random number generator which may be controlled by 𝓐, and (2) the random numbers are generally stored on an insecure device. If the random numbers are not erased properly after each session, 𝓐 may hijack the user's computer and learn the random numbers. In our scheme, U i and S generate the session key as SK = H(ID i ∣∣a∣∣b∣∣A i ), where A i = H(ID i ∣∣K∣∣b i ). Suppose that 〈a, b〉 is disclosed and 𝓐 knows it. However, 𝓐 cannot compute SK without A i . Therefore, the ephemeral secret leakage attack is infeasible in the proposed scheme.

Theorem 8. The proposed user authentication scheme could resist the known-key attack.

Proof. This attack states that none of the session keys is compromised even if the adversary knows other session keys [43]. In our scheme, U i and S establish a session key SK = H(ID i ∣∣a∣∣b∣∣A i ), where A i = H(ID i ∣∣K∣∣b i ). The numbers a and b are chosen at random, and hence SK is also random and independent in each session. Therefore, with the knowledge of previous session keys, 𝓐 cannot compute a new session key. Accordingly, the known-key attack is impossible in our user authentication scheme.

Theorem 9. The proposed user authentication scheme could resist the unknown key-share attack and provide the explicit key confirmation property of the agreed session key.

Proof. The unknown key-share attack [43] is a situation in which U i finishes the session believing that he/she shares the session key SK correctly with S, whereas S mistakenly believes that SK is instead shared with the adversary 𝓐. In the proposed scheme, S computes the session key SK only after validating the message M 1. To validate the message {d, M 2} and to obtain confirmation of the agreed session key SK, U i computes SK = H(ID i ∣∣a∣∣b∣∣A i ) and H(ID i ∣∣A i ∣∣d∣∣SK), authenticates S, and accepts SK as the correct session key if this value matches M 2. Therefore, U i and S mutually authenticate each other and then compute the session key SK; accordingly, our scheme enjoys unknown key-share attack resilience and explicit key confirmation of the session key.

Theorem 10. The proposed user authentication scheme could provide an efficient and user-friendly password change option.

Proof. Our scheme gives the user the flexibility to choose a low-entropy password by himself/herself and to change the password periodically without the remote server's help [28, 29]. Moreover, the proposed scheme detects an incorrect password or identity during the login phase and the password change phase. In these processes, if U i keys in either a wrong password or a wrong identity by mistake, the smart card reports the error message to U i without any consultation with S [37]. On the other hand, if 𝓐 steals U i 's smart card, he/she still does not have the capability to update the smart card's memory without the correct password PW i , and consequently the denial of service (DoS) attack is eliminated in our scheme. If 𝓐 tries to do the same with wrong passwords, the smart card will be locked immediately once the number of login failures exceeds the pre-defined limit.

Theorem 11. The proposed user authentication scheme could provide mutual authentication and session key agreement between the user and the remote server.

Proof. In our scheme, S authenticates U i 's login message M 1 = (ID i ∣∣A i ∣∣a∣∣c i )^2 mod n by verifying its conditions. Similarly, U i verifies S's response message 〈d, M 2〉 by validating whether the verification equation on M 2 holds. Without 〈PW i , K〉, 𝓐 cannot impersonate either U i or S. Hence, secure mutual authentication between U i and S is achieved in our scheme. Moreover, after mutual authentication, U i and S compute a random and unique session key SK = H(ID i ∣∣a∣∣b∣∣A i ), where A i = H(ID i ∣∣K∣∣b i ).
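The login/response exchange that Theorems 3, 4 and 11 reason about, as an added Python simulation that is not part of the paper: S takes the square roots of M 1 using the factors of n, checks the recovered A i against its stored b i and its secret K, rejects a stale counter c i as a replay, and U i confirms the key through M 2. The fixed-width field encoding, the 8-byte hash truncation, reading d = ab as an integer product, and the tiny Mersenne-prime modulus are all assumptions made for the demo, not choices specified by the paper.

```python
import hashlib
import struct

# Demo-only modulus n = p*q with p, q Mersenne primes, both ≡ 3 (mod 4), so a square
# root mod p or q is one exponentiation. Far too small for real deployment (assumption).
P = (1 << 127) - 1
Q = (1 << 107) - 1
N = P * Q
K = b"server-long-term-secret-K"   # S's secret K (constructed sample value)
FMT = ">4s8sQI"                    # ID_i | A_i | a | c_i as fixed-width fields (assumption)
DB = {}                            # S's table: ID_i -> [last accepted c_i, b_i]

def H(*parts: bytes) -> bytes:
    """Hash of the concatenation, truncated to 8 bytes so the 24-byte message stays below n."""
    return hashlib.sha256(b"".join(parts)).digest()[:8]

def i2b(v: int, width: int = 8) -> bytes:
    return v.to_bytes(width, "big")

def sqrt_mod_n(x: int) -> list:
    """All four square roots of x mod n; needs p and q, which only S holds (QRP assumption)."""
    rp, rq = pow(x, (P + 1) // 4, P), pow(x, (Q + 1) // 4, Q)
    return [(sp * Q * pow(Q, -1, P) + sq * P * pow(P, -1, Q)) % N
            for sp in (rp, P - rp) for sq in (rq, Q - rq)]

def register(ident: bytes, b_i: bytes) -> bytes:
    """S stores <ID_i, c_i, b_i>; the card ends up holding A_i = H(ID_i||K||b_i) (masked by PW_i in the scheme)."""
    DB[ident] = [0, b_i]
    return H(ident, K, b_i)

def login_message(ident: bytes, a_i: bytes, a: int, c_i: int) -> int:
    """M1 = (ID_i || A_i || a || c_i)^2 mod n, sent by U_i over the open channel."""
    m = int.from_bytes(struct.pack(FMT, ident, a_i, a, c_i), "big")
    return pow(m, 2, N)

def server_respond(m1: int, b: int):
    """S's side: returns (d, M2, SK), or None for a forged A_i or a replayed counter."""
    for root in sqrt_mod_n(m1):
        if root >> 192:                              # not a 24-byte plaintext: wrong root
            continue
        ident, a_i, a, c_i = struct.unpack(FMT, i2b(root, 24))
        if ident not in DB or a_i != H(ident, K, DB[ident][1]):
            continue                                 # forging A_i would require K (Theorems 4, 11)
        if c_i <= DB[ident][0]:
            return None                              # counter not fresh: replay (Theorem 3)
        DB[ident][0] = c_i                           # store the accepted counter
        d = a * b                                    # page writes d = ab; taken as integer product
        sk = H(ident, i2b(a), i2b(b), a_i)           # SK = H(ID_i||a||b||A_i)
        return d, H(ident, a_i, i2b(d, 16), sk), sk  # M2 = H(ID_i||A_i||d||SK)
    return None

def user_verify(ident: bytes, a_i: bytes, a: int, d: int, m2: bytes):
    """U_i's side: recover b = d/a, derive SK, accept only if M2 checks (explicit key confirmation)."""
    b = d // a
    sk = H(ident, i2b(a), i2b(b), a_i)
    return sk if H(ident, a_i, i2b(d, 16), sk) == m2 else None

def run_demo() -> dict:
    """Honest run, then a replay of the same M1, then an M1 carrying a guessed A_i."""
    ident, b_i = b"U001", b"per-user-random-b_i"          # constructed sample values
    a_i = register(ident, b_i)
    a, b = 0x1122334455667788, 0x8877665544332211        # fixed nonces for a repeatable demo
    m1 = login_message(ident, a_i, a, 1)
    d, m2, sk_server = server_respond(m1, b)
    sk_user = user_verify(ident, a_i, a, d, m2)
    replayed = server_respond(m1, b)                      # same M1 again: c_i = 1 is stale
    forged = server_respond(login_message(ident, bytes(8), a, 2), b)
    return {"keys_match": sk_server is not None and sk_server == sk_user,
            "replay_rejected": replayed is None, "forgery_rejected": forged is None}

if __name__ == "__main__":
    print(run_demo())
```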

7 Performance Analysis of the Proposed Scheme

In the following, we have performed a comparative analysis of our authentication scheme with the schemes proposed in [3, 34, 57–59]. The following notations are used for this purpose:

  • t h : Time needed to execute a hash function.
  • t m : Time needed to execute a modular squaring computation.
  • t q : Time needed to execute a square root operation with the modulus n.

The comparative results for the proposed scheme and the schemes in [3, 34, 57–59] in terms of computation cost and communication rounds are listed in Table 4. Our scheme provides all the required phases, whereas the schemes in [3, 34, 57–59] have neither a password change phase nor a smartcard revocation phase. Furthermore, we observed that our scheme is more robust and more efficient in computation and communication cost than the schemes devised in [3, 34, 57–59].

We also give a comparison in Fig 1 of the number of operations used in the registration and login phases of the schemes in [3, 34, 57–59] and of the proposed scheme.

In 2011, based on the QRP, Wu et al. [57] proposed a user authentication scheme using smartcards. However, the scheme is vulnerable to (1) the privileged-insider attack, since the plaintext password is sent to the server for registration; (2) the scheme does not verify the keyed password and identity in the login phase; (3) the scheme does not have a password change phase; (4) it has no provision to revoke a lost/stolen smart card; (5) no session key agreement method is proposed; and (6) user anonymity and unlinkability are violated, as the identity is transmitted in plaintext form. In 2012, in order to ensure users' privacy, Zhu [34] proposed a user authentication scheme for telecare medicine information systems. We carefully observed that Zhu's scheme [34] is not free from attack since (1) the scheme does not verify the correctness of the login identity and password in the login phase; (2) the scheme does not verify the correctness of the login identity and password in the password change phase; (3) the scheme has no provision to revoke the smartcard in case it is stolen or lost; (4) the scheme does not design a session key agreement method during the login and authentication phases; and (5) user anonymity and user untraceability are not present in this scheme. In 2013, Cheng et al. [58] proposed a biometric-based remote user mutual authentication and session key agreement scheme using the QRP. However, Yoon [60] showed that the scheme is insecure against the stolen smart card attack and the server spoofing attack, and that it does not provide session key forward secrecy. We also observed that the scheme has no provision for password change or lost/stolen smart card revocation. In addition, the scheme does not verify the correctness of the keyed identity and password in the login phase.
Further, the scheme also suffers from the ephemeral secrets leakage attack, as the session key depends solely on the random numbers chosen by the user and the server. In 2015, Lee [59] proposed an efficient smartcard-based two-factor remote user mutual authentication scheme. However, we observed that the scheme is not secure since (1) the scheme does not propose any password change method; (2) the scheme does not propose any lost/stolen smart card revocation method; (3) the scheme has no provision for session key agreement during the login and authentication phases; (4) the scheme does not verify the keyed password and identity in the login phase; and (5) it is vulnerable to the privileged-insider attack, since the plaintext password is sent to the server for registration.

The comparative analysis of the proposed scheme and the schemes [3, 34, 57–59] with respect to security and functionality is included in Table 5. From Tables 4 and 5, it can be seen that the proposed user authentication scheme includes more security and functional features than [3, 34, 57–59].

8 Conclusions

The privacy and confidentiality of patient information and the untraceability and anonymity of the patient have been considered important factors by the security research community for any user authentication system used in healthcare applications. In keeping with these requirements, Wen proposed an enhanced user authentication scheme over Lee et al.'s authentication scheme for the EPR information system. However, this paper analyzed Wen's scheme and demonstrated that it has many security and design problems, and thus it may not be considered appropriate for secure and efficient healthcare applications. We have then taken into consideration the intractability assumption of the quadratic residue problem in the multiplicative group and proposed another two-factor user authentication scheme with more security and functionality aspects than existing schemes.

Acknowledgments

The authors would like to acknowledge the many helpful suggestions of the anonymous reviewers and the editor, which have improved the content and the presentation of this paper.

Author Contributions

Conceived and designed the experiments: SKHI MKK XL. Performed the experiments: SKHI MKK XL. Analyzed the data: SKHI MKK XL. Contributed reagents/materials/analysis tools: SKHI MKK XL. Wrote the paper: SKHI MKK XL. Designed the scheme: SKHI MKK XL. Proved the security of the scheme: SKHI MKK XL.

References

  1. Wu Z-Y, Chung Y, Lai F, Chen T-S (2012) A password-based user authentication scheme for the integrated EPR information system. Journal of Medical Systems 36(2): 631–638. pmid:20703670
  2. Lee TF, Chang IP, Lin TH, Wang CC (2013) A secure and efficient password-based user authentication scheme using smart cards for the integrated EPR information system. Journal of Medical Systems 37(3): 9941. pmid:23553734
  3. Wen FT (2014) A more secure anonymous user authentication scheme for the integrated EPR information system. Journal of Medical Systems.
  4. Islam SH, Khan MK (2014) Cryptanalysis and improvement of authentication and key agreement protocols for telecare medicine information systems. Journal of Medical Systems 38(10): 1–16.
  5. Islam SH, Biswas GP (2015) Cryptanalysis and improvement of a password-based user authentication scheme for the integrated EPR information system. Journal of King Saud University—Computer and Information Sciences.
  6. Li X, Xiong YP, Ma J, Wang WD (2012) An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards. Journal of Network and Computer Applications 35(2): 763–769.
  7. Li X, Niu JW, Khan MK, Liao JG (2013) An enhanced smart card based remote user password authentication scheme. Journal of Network and Computer Applications 36(5): 1365–1371.
  8. Li X, Ma J, Wang WD, Xiong YP, Zhang JS (2013) A novel smart card and dynamic ID based remote user authentication scheme for multi-server environments. Mathematical and Computer Modelling 58(1): 85–95.
  9. Ding S, Yang S, Zhang Y, Liang C, Xia C (2014) Combining QoS prediction and customer satisfaction estimation to solve cloud service trustworthiness evaluation problems. Knowledge-Based Systems 56: 216–225.
  10. Ding S, Wang J, Ruan S, Xia C (2015) Inferring to individual diversity promotes the cooperation in the spatial prisoner's dilemma game. Chaos, Solitons & Fractals 71: 91–99.
  11. Ding S, Xia C-Y, Zhou K-L, Yang S-L, Shang JS (2014) Decision support for personalized cloud service selection through multi-aspect trustworthiness evaluation. PLoS One 9(6): e97762. pmid:24972237
  12. He D, Chen J, Zhang R (2012) A more secure authentication scheme for telecare medicine information systems. Journal of Medical Systems 36(3): 1989–1995.
  13. Wei J, Hu X, Liu W (2012) An improved authentication scheme for telecare medicine information systems. Journal of Medical Systems 36(6): 3597–3604. pmid:22374237
  14. Li SH, Wang CY, Lu WH, Lin YY, Yen DC (2012) Design and implementation of a telecare information platform. Journal of Medical Systems 36(3): 1629–1650. pmid:21120592
  15. Chen HM, Lo JW, Yeh CK (2012) An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems. Journal of Medical Systems 36(6): 3907–3915. pmid:22673892
  16. Wu Z-Y, Lee Y-C, Lai F, Lee H-C, Chung Y (2010) A secure authentication scheme for telecare medicine information systems. Journal of Medical Systems 36(3): 1529–1535. pmid:20978928
  17. Pu Q, Wang J, Zhao R (2012) Strong authentication scheme for telecare medicine information systems. Journal of Medical Systems 36(4): 2609–2619. pmid:21594637
  18. Kraus V, Dehmer M, Schutte G (2013) On sphere-regular graphs and the extremality of information-theoretic network measures. Communications in Mathematical and in Computer Chemistry 70: 885–900.
  19. Cao S, Dehmer M, Shi Y (2014) Extremality of degree-based graph entropies. Information Sciences 278: 22–33.
  20. Dehmer M, Grabner M (2013) The discrimination power of molecular identification numbers revisited. Communications in Mathematical and in Computer Chemistry 69: 785–794.
  21. Li X, Li Y, Shi Y, Gutman I (2013) Note on the HOMO-LUMO index of graphs. Communications in Mathematical and in Computer Chemistry 70: 85–96.
  22. Islam SH, Biswas GP (2014) Dynamic ID-based remote user authentication scheme with smartcard using elliptic curve cryptography. Journal of Electronics 31(5): 473–488.
  23. Islam SH (2014) Provably secure dynamic identity-based three-factor password authentication scheme using extended chaotic maps. Nonlinear Dynamics 78(3): 2261–2276.
  24. Islam SH (2014) A provably secure ID-based mutual authentication and key agreement scheme for mobile multi-server environment without ESL attack. Wireless Personal Communications 79: 1975–1991.
  25. Jiang Q, Ma J, Ma Z, Li G (2013) A privacy enhanced authentication scheme for telecare medical information systems. Journal of Medical Systems 37: 9897. pmid:23321959
  26. Kumari S, Khan MK, Kumar R (2013) Cryptanalysis and improvement of 'a privacy enhanced scheme for telecare medical information systems'. Journal of Medical Systems 37: 9952–9962. pmid:23689993
  27. Xu X, Zhu P, Wen Q, Jin Z, Zhang H, He L (2014) A secure and efficient authentication and key agreement scheme based on ECC for telecare medicine information systems. Journal of Medical Systems 38: 9994. pmid:24346928
  28. Das AK, Goswami A (2013) A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. Journal of Medical Systems 37(3): 1–16.
  29. Das AK, Bruhadeshwar B (2013) An improved and effective secure password-based authentication and key agreement scheme using smart cards for the telecare medicine information system. Journal of Medical Systems 37(5): 1–17.
  30. Lee TF (2013) An efficient chaotic maps-based authentication and key agreement scheme using smart cards for telecare medicine information systems. Journal of Medical Systems 37(6): 9985. pmid:24141492
  31. Wen FT (2013) A robust uniqueness and anonymity preserving remote user authentication scheme for connected health care. Journal of Medical Systems 37(6): 9980.
  32. Wu ZY, Lee YC, Lai F, Lee HC, Chung Y (2012) A secure authentication scheme for telecare medicine information systems. Journal of Medical Systems 36(3): 1529–1535.
  33. Yau WC, Raphael C, Phan W (2013) Security analysis of a chaotic map-based authentication scheme for telecare medicine information systems. Journal of Medical Systems 37(6): 9993.
  34. Zhu Z (2012) An efficient authentication scheme for telecare medicine information systems. Journal of Medical Systems 36(6): 3833–3838.
  35. Chen Y, Chou J, Sun H (2008) A novel mutual-authentication scheme based on quadratic residues for RFID systems. Computer Networks 52(12): 2373–2380.
  36. Rosen K (2008) Elementary number theory and its applications. Reading, MA: Addison-Wesley.
  37. Islam SH (2014) Design and analysis of an improved smart card based remote user password authentication scheme. International Journal of Communication Systems.
  38. Islam SH, Biswas GP, Choo K-KR (2014) Cryptanalysis of an improved smart card-based remote password authentication scheme. Information Sciences Letters 3(1): 35–40.
  39. Fan C-I, Chan Y-C, Zhang Z-K (2005) Robust remote authentication scheme with smart cards. Computers and Security 24: 619–628.
  40. Messerges TS, Dabbish EA, Sloan RH (2012) Examining smart card security under the threat of power analysis attacks. IEEE Transactions on Computers 51(5): 541–552.
  41. Joye M, Olivier F (2005) Side-channel analysis. Encyclopedia of Cryptography and Security. Kluwer Academic Publishers, pp. 571–576.
  42. Kocher P, Jaffe J, Jun B (1999) Differential power analysis. In: Proceedings of Advances in Cryptology (Crypto'99), LNCS, pp. 388–397.
  43. Blake-Wilson S, Johnson D, Menezes A (1997) Key agreement protocols and their security analysis. In: Proceedings of Sixth IMA International Conference on Cryptography and Coding, Cirencester, pp. 30–45.
  44. Islam SH, Biswas GP (2012) A pairing-free identity-based authenticated group key agreement protocol for imbalanced mobile networks. Annals of Telecommunications 67: 547–558.
  45. Islam SH, Biswas GP (2011) A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Journal of Systems and Software 84(11): 1892–1898.
  46. He D, Kumar N, Chilamkurti N (2015) A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Information Sciences.
  47. He D, Zeadally S (2015) Authentication protocol for ambient assisted living system. IEEE Communications Magazine 35(1): 71–77.
  48. He D, Kumar N, Chen J, Lee C-C, Chilamkurti N, Yeo S-S (2015) Robust anonymous authentication protocol for healthcare applications using wireless medical sensor networks. Multimedia Systems 21(1): 49–60.
  49. Dolev D, Yao A (1983) On the security of public key protocols. IEEE Transactions on Information Theory 29(2): 198–208.
  50. Li X, Niu J, Ma J, Wang W, Liu C (2011) Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. Journal of Network and Computer Applications 34(1): 73–79.
  51. Wu S, Zhu Y, Pu Q (2012) Robust smart-cards-based user authentication scheme with user anonymity. Security and Communication Networks 5(2): 236–248.
  52. Li X, Qiu W, Zheng D, Chen K, Li J (2010) Anonymity enhancement on robust and efficient password-authenticated key agreement using smart cards. IEEE Transactions on Industrial Electronics 57(2): 793–800.
  53. Khan MK, Kim S-K, Alghathbar K (2011) Cryptanalysis and security enhancement of a 'more efficient & secure dynamic ID-based remote user authentication scheme'. Computer Communications 34(3): 305–309.
  54. Islam SH, Biswas GP (2012) An improved ID-based client authentication with key agreement scheme on ECC for mobile client-server environments. Theoretical and Applied Informatics 24(4): 293–312.
  55. Islam SH, Biswas GP (2013) Design of improved password authentication and update scheme based on elliptic curve cryptography. Mathematical and Computer Modelling 57(11-12): 2703–2717.
  56. Islam SH, Biswas GP (2011) Improved remote login scheme based on ECC. In: Proceedings of the International Conference on Recent Trends in Information Technology, pp. 1221–1226.
  57. Wu T-S, Lin H-Y, Lee M-L, Chen W-Y (2011) Fast remote user authentication scheme with smart card based on quadratic residue. Journal of Digital Information Management 9(2): 51–54.
  58. Cheng ZY, Liu Y, Chang CC, Liu CX (2013) A novel biometric-based remote user authentication scheme using quadratic residues. International Journal of Information and Electronics Engineering 3(4): 419–422.
  59. Lee T-F (2015) An efficient dynamic ID-based user authentication scheme using smart cards without verifier tables. Applied Mathematics & Information Sciences 9(1): 485–490.
  60. Yoon E-J (2014) Security flaws of Cheng et al.'s biometric-based remote user authentication scheme using quadratic residues. Contemporary Engineering Sciences 7(26): 1467–1473.

Source: https://journals.plos.org/plosone/article?id=10.1371%2Fjournal.pone.0131368