|
|
|
|
Cryptanalysis and improvement of a passwordbased user authentication scheme for the integrated EPR information system
|
|
|
|
|
|
|
|
نویسنده
|
Islam SK Hafizul ,Biswas G.P.
|
|
منبع
|
journal of king saud university - computer and information sciences - 2015 - دوره : 27 - شماره : 2 - صفحه:211 -221
|
|
چکیده
|
Recently, wu et al. proposed a password-based remote user authentication scheme for the integrated electronic patient record (epr) information system to achieve mutual authentication and session key agreement over the internet. they claimed that the scheme resists various attacks and offers lower computation cost, data integrity, confidentiality and authenticity. however, we observed that the scheme cannot withstand lost smartcard/off-line password guessing, privileged-insider and known session-specific temporary information attacks, and lacks the requirements of lost smartcard revocation and users’ anonymity. besides, the password change phase is inconvenient to use because a user cannot change his password independently. thus, we proposed a new password-based user authentication scheme for the integrated epr information system that would be able to resist detected security flaws of wu et al.’s scheme
|
|
کلیدواژه
|
EPR information system;Two-factor user authentication;Password;Healthcare;Smartcard;Anonymity
|
|
آدرس
|
Birla Institute of Technology and Science, Pilani Campus, Department of Computer Science and Information Systems, India. Indian School of Mines, Department of Computer Science and Engineering, India, Indian School of Mines, Department of Computer Science and Engineering, India
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Authors
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|