Secure ECC-Based Three-Factor Mutual Authentication Protocol for Telecare Medical Information System

In the recent COVID-19 situation, Telecare Medical Information System (TMIS) is attracting attention. TMIS is one of the technologies used in Wireless Body Area Network (WBAN) and can provide patients with a variety of remote healthcare services. In TMIS environments, sensitive data of patients are...

Full description

Saved in:
Bibliographic Details
Published in:IEEE access Vol. 10; pp. 11511 - 11526
Main Authors: Ryu, Jongseok, Oh, Jihyeon, Kwon, Deokkyu, Son, Seunghwan, Lee, Joonyoung, Park, Yohan, Park, Youngho
Format: Journal Article
Language:English
Published: Piscataway IEEE 2022
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects:
Authentication
Authentication protocols
AVISPA
BAN logic
biohashing
Biometrics
Body area networks
Cryptography
Curves
Elliptic curve cryptography
Elliptic curves
Health services
Information systems
Open channels
Passwords
Protocols
ROR
Security
Security management
Servers
Telecare
Telecare medical information system
ISSN:2169-3536, 2169-3536
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In the recent COVID-19 situation, Telecare Medical Information System (TMIS) is attracting attention. TMIS is one of the technologies used in Wireless Body Area Network (WBAN) and can provide patients with a variety of remote healthcare services. In TMIS environments, sensitive data of patients are communicated via an open channel. An adversary may attempt various security attacks including impersonation, replay, and forgery attacks. Therefore, numberous authentication schemes have been suggested to provide secure communication for TMIS. Sahoo et al. proposed a mutual authentication scheme based on biometrics and Elliptic Curve Cryptography (ECC) in 2020. However, we find out that Sahoo et al. 's scheme cannot resist insider and privileged insider attacks and cannot guarantee patient anonymity. In this paper, we propose a secure ECC-based three-factor mutual authentication protocol that guarantees the privacy of patients for TMIS. We conduct informal security analysis to prove that our protocol is secure from various security attacks. In addition, we perform formal security analyses using the Automated Validation of Internet Security Protocols and Applications (AVISPA), Burrows-Abadi-Needham (BAN) logic, and the Real-Or-Random (ROR) model. Furthermore, we assess our protocol's performance and compare it to other protocols. As a result, our protocol has lower communication costs, and better security features compared to related existing protocols. Therefore, our protocol is more appropriate for TMIS environments than other related protocols.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2022.3145959