An Effective and Secure User Authentication and Key Agreement Scheme in m-Healthcare Systems

In mobile healthcare system, the medical user's physiological signals are gathered by the body sensor networks and transferred to the mobile devices via Bluetooth, Zigbee and so on. This in turn is transmitted to remote healthcare center via 3G or 4G networks. With this information provided by the medical user, the medical professionals assist them and save users lives. This information are very sensitive and the networks are always vulnerable to security attacks, such as unauthorized user may gain access to systems information, corrupt the data, and degrade the networks performance are few examples. However the development of the existing m-healthcare systems are mainly focused on the implementation of system functions and the security issues were often neglected. Another critical issue is efficiency, cost effectiveness, and energy consumption in m-healthcare system. Consequently, we would like to introduce a secure and effective user authentication and key agreement scheme in m-Healthcare system to reduce the computation and communication cost. The main steps of secure authentication and key agreement in m-healthcare system are: registration, login, secure authentication and key update. Through the performance evaluation, our scheme is robust and more suitable for m-healthcare service applications and its computation and communication efficient.

[1]  Ricardo Dahab,et al.  NanoECC: Testing the Limits of Elliptic Curve Cryptography in Sensor Networks , 2008, EWSN.

[2]  Hung-Yu Chien,et al.  A remote authentication scheme preserving user anonymity , 2005, 19th International Conference on Advanced Information Networking and Applications (AINA'05) Volume 1 (AINA papers).

[3]  Chao Wang,et al.  A Lightweight RFID Authentication Protocol based on Elliptic Curve Cryptography , 2013, J. Comput..

[4]  Ashutosh Saxena,et al.  A dynamic ID-based remote user authentication scheme , 2004, IEEE Transactions on Consumer Electronics.

[5]  Zhian Zhu,et al.  An Efficient Authentication Scheme for Telecare Medicine Information Systems , 2012, Journal of Medical Systems.

[6]  Liping Zhang,et al.  Robust ECC-based Authenticated Key Agreement Scheme with Privacy Protection for Telecare Medicine Information Systems , 2015, Journal of Medical Systems.

[7]  Christof Paar,et al.  Enabling Full-Size Public-Key Algorithms on 8-Bit Sensor Nodes , 2007, ESAS.

[8]  Zhang Rui,et al.  A More Secure Authentication Scheme for Telecare Medicine Information Systems , 2012, Journal of medical systems.

[9]  Alfred Menezes,et al.  The State of Elliptic Curve Cryptography , 2000, Des. Codes Cryptogr..

[10]  Yu-Fang Chung,et al.  A Secure Authentication Scheme for Telecare Medicine Information Systems , 2012, Journal of Medical Systems.

[11]  Zhong Chen,et al.  Provably secure and efficient certificateless authenticated tripartite key agreement protocol , 2012, Math. Comput. Model..

[12]  Muhammad Khurram Khan,et al.  Cryptanalysis and Improvement of Authentication and Key Agreement Protocols for Telecare Medicine Information Systems , 2014, Journal of Medical Systems.

[13]  Michael D. Smith,et al.  A public-key infrastructure for key distribution in TinyOS based on elliptic curve cryptography , 2004, 2004 First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2004. IEEE SECON 2004..

[14]  Xiaodong Lin,et al.  SPOC: A Secure and Privacy-Preserving Opportunistic Computing Framework for Mobile-Healthcare Emergency , 2013, IEEE Transactions on Parallel and Distributed Systems.

[15]  Vivek Kapoor,et al.  Elliptic curve cryptography , 2008, UBIQ.

[16]  Wenfen Liu,et al.  An Improved Authentication Scheme for Telecare Medicine Information Systems , 2012, Journal of Medical Systems.

[17]  Xin Xu,et al.  A Secure and Efficient Authentication and Key Agreement Scheme Based on ECC for Telecare Medicine Information Systems , 2013, Journal of Medical Systems.

[18]  Weiping Wang,et al.  New Public-Key Cryptosystem Based on Two-Dimension DLP , 2012, J. Comput..

[19]  Josep Domingo-Ferrer,et al.  Simulatable certificateless two-party authenticated key agreement protocol , 2010, Inf. Sci..

[20]  Wei-Chi Ku,et al.  Impersonation Attack on a Dynamic ID-Based Remote User Authentication Scheme Using Smart Cards , 2005, IEICE Trans. Commun..