Security analysis of a chaotic map-based authentication scheme for telecare medicine information systems

Citation

Yau, Wei-Chuen and Phan, Raphael C.-W. (2013) Security analysis of a chaotic map-based authentication scheme for telecare medicine information systems. Journal of Medical Systems, 37 (6). ISSN 0148-5598

[img] Text
Security analysis of a chaotic map-based authentication scheme for telecare medicine information systems.pdf
Restricted to Repository staff only

Download (453kB)

Abstract

Many authentication schemes have been proposed for telecare medicine information systems (TMIS) to ensure the privacy, integrity, and availability of patient records. These schemes are crucial for TMIS systems because otherwise patients’ medical records become susceptible to tampering thus hampering diagnosis or private medical conditions of patients could be disclosed to parties who do not have a right to access such information. Very recently, Hao et al. proposed a chaotic map-based authentication scheme for telecare medicine information systems in a recent issue of Journal of Medical Systems. They claimed that the authentication scheme can withstand various attacks and it is secure to be used in TMIS. In this paper, we show that this authentication scheme is vulnerable to key-compromise impersonation attacks, off-line password guessing attacks upon compromising of a smart card, and parallel session attacks. We also exploit weaknesses in the password change phase of the scheme to mount a denial-of-service attack. Our results show that this scheme cannot be used to provide security in a telecare medicine information system.

Item Type: Article
Subjects: Q Science > QA Mathematics > QA71-90 Instruments and machines > QA75.5-76.95 Electronic computers. Computer science > QA76.75-76.765 Computer software
Divisions: Faculty of Engineering (FOE)
Depositing User: Ms Nurul Iqtiani Ahmad
Date Deposited: 11 Mar 2014 03:59
Last Modified: 11 Mar 2014 03:59
URII: http://shdl.mmu.edu.my/id/eprint/5324

Downloads

Downloads per month over past year

View ItemEdit (login required)