An anonymous and provably secure biometric-based authentication scheme using chaotic maps for accessing medical drop box data

Telecare medicine information systems (TMISs) provides a platform to the participating medical entities to share medical data over an insecure public channel. Medical drop box (MDB) is used for the said purpose, where electronic health record (EHR) is maintained for national health information excha...

Full description

Saved in:
Bibliographic Details
Published in:The Journal of supercomputing 2018-08, Vol.74 (8), p.3685-3703
Main Authors: Khan, Imran, Chaudhry, Shehzad Ashraf, Sher, Muhammad, Khan, Javed I., Khan, Muhammad Khurram
Format: Article
Language:English
Subjects:
Access control
Authentication
Biometrics
Compilers
Computer Science
Computing time
Cybersecurity
Data exchange
Electronic health records
Interpreters
Privacy
Processor Architectures
Programming Languages
Telecare
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Telecare medicine information systems (TMISs) provides a platform to the participating medical entities to share medical data over an insecure public channel. Medical drop box (MDB) is used for the said purpose, where electronic health record (EHR) is maintained for national health information exchange (NHIX). EHR is a crucial part of MDB. Therefore, the main challenge in NHIX is to restrict MDB access to only the authenticated entities. Very Recently, Moon et al. introduced a biometrics-based authentication scheme using chaotic maps for TMISs. The authors claimed that their scheme is efficient and robust in terms of its usage and implementation. However, this paper unveils that due to storage of verifier table on server, their scheme is having scalability and efficiency issues. Furthermore, the use of the same parameters IM 1 and IM 2 during different login requests makes the scheme traceable. Therefore, an improved scheme using chaotic maps has been proposed in this paper, which provides user anonymity and untraceability along with computational efficiency. The security of the proposed scheme is evaluated in detail through the random oracle model. The analysis reveals that the proposed scheme is robust and secure against the known attacks. Moreover, analysis is further verified through popular automated tool ProVerif.
ISSN:0920-8542
1573-0484
DOI:10.1007/s11227-016-1886-5