Anonymous Three-Party Password-Authenticated Key Exchange Scheme for Telecare Medical Information Systems

Qi Xie; Bin Hu; Na Dong; Duncan S. Wong

doi:10.1371/journal.pone.0102747

Anonymous Three-Party Password-Authenticated Key Exchange Scheme for Telecare Medical Information Systems

Qi Xie
, Bin Hu
, Na Dong
, Duncan S. Wong

Department of Computer Science

Research output: Journal Publications and Reviews › RGC 21 - Publication in refereed journal › peer-review

31 Citations (Scopus)

38 Downloads (CityUHK Scholars)

Abstract

Telecare Medical Information Systems (TMIS) provide an effective way to enhance the medical process between doctors, nurses and patients. For enhancing the security and privacy of TMIS, it is important while challenging to enhance the TMIS so that a patient and a doctor can perform mutual authentication and session key establishment using a third-party medical server while the privacy of the patient can be ensured. In this paper, we propose an anonymous three-party password-authenticated key exchange (3PAKE) protocol for TMIS. The protocol is based on the efficient elliptic curve cryptosystem. For security, we apply the pi calculus based formal verification tool ProVerif to show that our 3PAKE protocol for TMIS can provide anonymity for patient and doctor while at the same time achieves mutual authentication and session key security. The proposed scheme is secure and efficient, and can be used in TMIS.

Original language	English
Article number	e102747
Journal	PLOS ONE
Volume	9
Issue number	7
Online published	21 Jul 2014
DOIs	https://doi.org/10.1371/journal.pone.0102747
Publication status	Published - Jul 2014

Publisher's Copyright Statement

This full text is made available under CC-BY 4.0. https://creativecommons.org/licenses/by/4.0/

Access Output

10.1371/journal.pone.0102747

5417003.pdfFinal Published version, 865 KBLicence: CC BY

Other Access Options

Check CityUHK Library

Permanent Link

Right click to copy link

Cite this

@article{06beb547d81e45dab0df2768120ced1f,

title = "Anonymous Three-Party Password-Authenticated Key Exchange Scheme for Telecare Medical Information Systems",

abstract = "Telecare Medical Information Systems (TMIS) provide an effective way to enhance the medical process between doctors, nurses and patients. For enhancing the security and privacy of TMIS, it is important while challenging to enhance the TMIS so that a patient and a doctor can perform mutual authentication and session key establishment using a third-party medical server while the privacy of the patient can be ensured. In this paper, we propose an anonymous three-party password-authenticated key exchange (3PAKE) protocol for TMIS. The protocol is based on the efficient elliptic curve cryptosystem. For security, we apply the pi calculus based formal verification tool ProVerif to show that our 3PAKE protocol for TMIS can provide anonymity for patient and doctor while at the same time achieves mutual authentication and session key security. The proposed scheme is secure and efficient, and can be used in TMIS.",

author = "Qi Xie and Bin Hu and Na Dong and Wong, \{Duncan S.\}",

year = "2014",

month = jul,

doi = "10.1371/journal.pone.0102747",

language = "English",

volume = "9",

journal = "PLOS ONE",

issn = "1932-6203",

publisher = "Public Library of Science (PLoS)",

number = "7",

}

TY - JOUR

T1 - Anonymous Three-Party Password-Authenticated Key Exchange Scheme for Telecare Medical Information Systems

AU - Xie, Qi

AU - Hu, Bin

AU - Dong, Na

AU - Wong, Duncan S.

PY - 2014/7

Y1 - 2014/7

N2 - Telecare Medical Information Systems (TMIS) provide an effective way to enhance the medical process between doctors, nurses and patients. For enhancing the security and privacy of TMIS, it is important while challenging to enhance the TMIS so that a patient and a doctor can perform mutual authentication and session key establishment using a third-party medical server while the privacy of the patient can be ensured. In this paper, we propose an anonymous three-party password-authenticated key exchange (3PAKE) protocol for TMIS. The protocol is based on the efficient elliptic curve cryptosystem. For security, we apply the pi calculus based formal verification tool ProVerif to show that our 3PAKE protocol for TMIS can provide anonymity for patient and doctor while at the same time achieves mutual authentication and session key security. The proposed scheme is secure and efficient, and can be used in TMIS.

AB - Telecare Medical Information Systems (TMIS) provide an effective way to enhance the medical process between doctors, nurses and patients. For enhancing the security and privacy of TMIS, it is important while challenging to enhance the TMIS so that a patient and a doctor can perform mutual authentication and session key establishment using a third-party medical server while the privacy of the patient can be ensured. In this paper, we propose an anonymous three-party password-authenticated key exchange (3PAKE) protocol for TMIS. The protocol is based on the efficient elliptic curve cryptosystem. For security, we apply the pi calculus based formal verification tool ProVerif to show that our 3PAKE protocol for TMIS can provide anonymity for patient and doctor while at the same time achieves mutual authentication and session key security. The proposed scheme is secure and efficient, and can be used in TMIS.

UR - https://www.scopus.com/pages/publications/84904544082

UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-84904544082&origin=recordpage

U2 - 10.1371/journal.pone.0102747

DO - 10.1371/journal.pone.0102747

M3 - RGC 21 - Publication in refereed journal

C2 - 25047235

SN - 1932-6203

VL - 9

JO - PLOS ONE

JF - PLOS ONE

IS - 7

M1 - e102747

ER -

Anonymous Three-Party Password-Authenticated Key Exchange Scheme for Telecare Medical Information Systems

Abstract

Publisher's Copyright Statement

Access Output

Other Access Options

Permanent Link

Other Files and Links

Fingerprint

Cite this