检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:Salman Shamshad Muhammad Faizan Ayub Khalid Mahmood Saru Kumari Shehzad Ashraf Chaudhry Chien-Ming Chen
机构地区:[1]Department of Computer Science,COMSATS University Islamabad,Sahiwal Campus,57000,Pakistan [2]Department of Mathematics,Ch.Charan Singh University,Meerut,Uttar Pradesh,250004,India [3]Department of Computer Engineering,Faculty of Engineering and Architecture,Istanbul Gelisim University,Istanbul,Turkey [4]College of Computer Science and Engineering,Shandong University of Science and Technology,Qingdao,266590,China [5]Riphah School of Computing&Innovation(RSCI),Riphah International University,Lahore Campus,Lahore 55150,Pakistan [6]Department of Mathematics,University of Padua,35131 Padua,Italy
出 处:《Digital Communications and Networks》2022年第2期150-161,共12页数字通信与网络(英文版)
摘 要:With the advent of state-of-art technologies,the Telecare Medicine Information System(TMIS)now offers fast and convenient healthcare services to patients at their doorsteps.However,this architecture engenders new risks and challenges to patients'and the server's confidentiality,integrity and security.In order to avoid any resource abuse and malicious attack,employing an authentication scheme is widely considered as the most effective approach for the TMIS to verify the legitimacy of patients and the server.Therefore,several authentication protocols have been proposed to this end.Very recently,Chaudhry et al.identified that there are vulnerabilities of impersonation attacks in Islam et al.'s scheme.Therefore,they introduced an improved protocol to mitigate those security flaws.Later,Qiu et al.proved that these schemes are vulnerable to the man-in-the-middle,impersonation and offline password guessing attacks.Thus,they introduced an improved scheme based on the fuzzy verifier techniques,which overcome all the security flaws of Chaudhry et al.'s scheme.However,there are still some security flaws in Qiu et al.'s protocol.In this article,we prove that Qiu et al.'s protocol has an incorrect notion of perfect user anonymity and is vulnerable to user impersonation attacks.Therefore,we introduce an improved protocol for authentication,which reduces all the security flaws of Qiu et al.'s protocol.We also make a comparison of our protocol with related protocols,which shows that our introduced protocol is more secure and efficient than previous protocols.
关 键 词:Authentication protocol Security protocol Anonymous protocol Impersonation attack TMIS
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.145.152.98
