A Secure Effective Dynamic Group Password Based Authenticated Key Agreement Scheme for the Integrated EPR Information System
| المصدر: | مجلة جامعة الملك سعود - علوم الحاسب والمعلومات |
|---|---|
| الناشر: | جامعة الملك سعود |
| المؤلف الرئيسي: | Odelu, Vanga (Author) |
| مؤلفين آخرين: | Goswami, Adrijit (Co-Author), Das, Ashok Kumar (Co-Author) |
| المجلد/العدد: | مج28, ع1 |
| محكمة: | نعم |
| الدولة: |
السعودية |
| التاريخ الميلادي: |
2016
|
| الصفحات: | 68 - 81 |
| DOI: |
10.33948/0584-028-001-006 |
| ISSN: |
1319-1578 |
| رقم MD: | 973797 |
| نوع المحتوى: | بحوث ومقالات |
| اللغة: | الإنجليزية |
| قواعد المعلومات: | science |
| مواضيع: | |
| كلمات المؤلف المفتاحية: |
Cryptanalysis | Integrated EPR Information System | Dynamic Group | Password | Authentication | Security
|
| رابط المحتوى: |
| المستخلص: |
With the rapid growth of the Internet, a lot of electronic patient records (EPRs) have been developed for e-medicine systems. The security and privacy issues of EPRs are important for the patients in order to understand how the hospitals control the use of their personal information, such as name, address, e-mail, medical records, etc. of a particular patient. Recently, Lee et al. proposed a simple group password based authenticated key agreement protocol for the integrated EPR information system (SGPAKE). However, in this paper, we show that Lee et al.’s protocol is vulnerable to the off-line weak password guessing attack and as a result, their scheme does not provide users’ privacy. To withstand this security weakness found in Lee et al.’s scheme, we aim to propose an effective dynamic group password-based authenticated key exchange scheme for the integrated EPR information system, which retains the original merits of Lee et al.’s scheme. Through the informal and formal security analysis, we show that our scheme provides users’ privacy, perfect forward security and known-key security, and also protects online and offline password guessing attacks. Furthermore, our scheme efficiently supports the dynamic group password-based authenticated key agreement for the integrated EPR information system. In addition, we simulate our scheme for the formal security verification using the widely accepted AVISPA. |
|---|---|
| ISSN: |
1319-1578 |
عناصر مشابهة
-
Cryptanalysis and Improvement of A Password-Based User Authentication Scheme for the Integrated EPR Information System
بواسطة: Islam, SK Hafizul منشور: (2015) -
An Improved Secure Anonymity - Preserving Remote User Authentication and Session Key Agreement Scheme Based on ECC
بواسطة: خميس، ايمان محمد بلعاس منشور: (2018) -
An Enhanced Dynamic ID Based Authentication Scheme For Telecare Medical Information Systems
بواسطة: Chaturvedi, Ankita منشور: (2017) -
A Pairing Free Identity Based Two Party Authenticated Key Agreement Protocol For Secure And Efficient Communication
بواسطة: Islam, SK Hafizul منشور: (2017) -
A Lightweight Authenticated Key Agreement Protocol Based on Hyperelliptic Curve with Security Verification for Securing the Internet of Things
بواسطة: السمهوري، محمد مصطفى أحمد منشور: (2021)
