Telecare medicine information systems (TMISs) provide e-health services such that patients can access medical resources conveniently and doctors can prescribe treatments rapidly. Authentication is an essential security requirement in TMISs. In particular, the growth of password-based remote patient authenticated key exchange combining extended chaotic maps has enhanced the level of secure communications for TMISs. Recently, Lee suggested an improved random-number-based password-authenticated key exchange (PAKE) using extended chaotic maps and synchronized-clock-based PAKE using extended chaotic maps on Guo and Zhang and Xiao et al.’s PAKE. Unfortunately, we found that the nonce-based scheme of Lee is insecure against known session-specific temporary information and server spoofing attacks. To cope with the aforementioned defects, this study aims to provide a new secure PAKE based on extended chaotic maps with more security functionalities for TMISs. Additionally, we show that the proposed scheme for TMISs provides high security along with low communication cost, computational cost, and a variety of security features.
A Chaotic-Map-Based Password-Authenticated Key Exchange Protocol for Telecare Medicine Information Systems
