These tools will no longer be maintained as of December 31, 2024. Archived website can be found here. PubMed4Hh GitHub repository can be found here. Contact NLM Customer Service if you have questions.


Pubmed for Handhelds

PUBMED FOR HANDHELDS

Search MEDLINE/PubMed

  • Title: An Improved RSA Based User Authentication and Session Key Agreement Protocol Usable in TMIS.
    Author: Amin R, Biswas GP.
    Journal: J Med Syst; 2015 Aug; 39(8):79. PubMed ID: 26123833.
    Abstract:
    Recently, Giri et al.'s proposed a RSA cryptosystem based remote user authentication scheme for telecare medical information system and claimed that the protocol is secure against all the relevant security attacks. However, we have scrutinized the Giri et al.'s protocol and pointed out that the protocol is not secure against off-line password guessing attack, privileged insider attack and also suffers from anonymity problem. Moreover, the extension of password guessing attack leads to more security weaknesses. Therefore, this protocol needs improvement in terms of security before implementing in real-life application. To fix the mentioned security pitfalls, this paper proposes an improved scheme over Giri et al.'s scheme, which preserves user anonymity property. We have then simulated the proposed protocol using widely-accepted AVISPA tool which ensures that the protocol is SAFE under OFMC and CL-AtSe models, that means the same protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. The informal cryptanalysis has been also presented, which confirmed that the proposed protocol provides well security protection on the relevant security attacks. The performance analysis section compares the proposed protocol with other existing protocols in terms of security and it has been observed that the protocol provides more security and achieves additional functionalities such as user anonymity and session key verification.
    [Abstract] [Full Text] [Related] [New Search]