A Chaotic-Map-Based Password-Authenticated Key Exchange Protocol for Telecare Medicine Information Systems

Telecare medicine information systems (TMISs) provide e-health services such that patients can access medical resources conveniently and doctors can prescribe treatments rapidly. Authentication is an essential security requirement in TMISs. In particular, the growth of password-based remote patient authenticated key exchange combining extended chaotic maps has enhanced the level of secure communications for TMISs. Recently, Lee suggested an improved random-number-based password-authenticated key exchange (PAKE) using extended chaotic maps and synchronized-clock-based PAKE using extended chaotic maps on Guo and Zhang and Xiao et al.’s PAKE. Unfortunately, we found that the nonce-based scheme of Lee is insecure against known session-specific temporary information and server spoofing attacks. To cope with the aforementioned defects, this study aims to provide a new secure PAKE based on extended chaotic maps with more security functionalities for TMISs. Additionally, we show that the proposed scheme for TMISs provides high security along with low communication cost, computational cost, and a variety of security features.

A construction of a conformal Chebyshev chaotic map based authentication protocol for healthcare telemedicine services

The outbreak of coronavirus has caused widespread global havoc, and the implementation of lockdown to contain the spread of the virus has caused increased levels of online healthcare services. Upgraded network technology gives birth to a new interface “telecare medicine information systems” in short TMIS. In this system, a user from a remote area and a server located at the hospital can establish a connection to share the necessary information between them. But, it is very clear that all the information is always being transmitted over a public channel. Chaotic map possesses a dynamic structure and it plays a very important role in the construction of a secure and efficient authentication protocols, but they are generally found vulnerable to identity-guess, password-guess, impersonation, and stolen smart-card. We have analyzed (Li et al. in Fut Gen Comput Syst 840:149–159, 2018; Madhusudhan and Nayak Chaitanya in A robust authentication scheme for telecare medical information systems, 2008; Zhang et al in Privacy protection for telecare medicine information systems using a chaotic map-based three-factor authenticated key agreement scheme, 2017; Dharminder and Gupta in Pratik security analysis and application of Chebyshev Chaotic map in the authentication protocols, 2019) and found that Bergamo’s attack (IEEE Trans Circ Syst 52(7):1382–1393, 2005) cannot be resisted by the protocol. Although few of the protocols ensures efficient computations but they cannot ensure an anonymous and secure communication. Therefore, we have proposed a secure and efficient chaotic map based authentication protocol that can be used in telecare medicine information system. This protocol supports verified session keys with only two messages of exchange. Moreover, we have analysed the performance of proposed protocol with relevant protocols and it is being implemented in “Automated Validation of Internet Security Protocols and Applications” respectively.

Cryptanalysis of Zhian Zhu’s Scheme and Evaluation of TMIS Smart Card Authentication Schemes

The security for Telecare Medicine Information Systems (TMIS) is extremely vital. In this context, numerous TMIS-based authentication schemes have been introduced, however different types of attacks and inefficiencies render these schemes inappropriate for this scenario. This paper investigates various TMIS-based authentication schemes present in the literature. It additionally compares these schemes based on computation cost and potential security attacks. Further, it also demonstrates that Zhian Zhu’s scheme is inaccurate as the server fails to approve and validate the login request message of a user in the authentication phase.

Mutual Authentication Protocol for D2D Communications in a Cloud-Based E-Health System

The development of the Internet of Things (IoT) predicts several new applications, some of which are designed to be incorporated into e-health systems, and some technologies, like cloud computing and device-to-device communication (D2D), are promising for use in the support of resource-constrained devices employed in Mobile-health (m-health) and Telecare Medicine Information Systems (TMIS). In a scenario with billions of devices predicted for the IoT, it is essential to avoid performance and security problems, among others. Security is fundamental for the achievement of optimal performance regarding the sensibility of e-health shared data and, especially, the anonymity of patients and other entities, while it is also essential to consider the scarcity of bandwidth in wireless networks. This paper proposes a new mutual authentication protocol for m-health systems, which supports D2D communication, ensuring security and surpassing the performance and security of other authentication procedures reported in the literature.