A Secure Authentication Protocol for Multi-server-based e-Healthcare using a Fuzzy Commitment Scheme

Barman, Subhas, Shum, Hubert P. H., Chattopadhyay, Samiran and Samanta, Debasis (2019) A Secure Authentication Protocol for Multi-server-based e-Healthcare using a Fuzzy Commitment Scheme. IEEE Access, 7. pp. 12557-12574. ISSN 2169-3536

[img]
Preview
Text
FINAL Article.pdf - Accepted Version

Download (1MB) | Preview
[img]
Preview
Text
08620682.pdf - Published Version
Available under License Creative Commons Attribution.

Download (8MB) | Preview
Official URL: https://doi.org/10.1109/access.2019.2893185

Abstract

Smart card-based remote authentication schemes are widely used in multi-medical-serverbased telecare medicine information systems (TMIS). Biometric is one of the most trustworthy authenticators, and is presently being advocated to use in the remote authentication of TMIS. However, most of the existing TMISs consider a single-server-environment-based authentication system. Therefore, patients need to register and log into every server separately for different services. Furthermore, these schemes do not employ error correction technique to remove the errors from biometric data. Also, biometrics are inherent and demand diversification to generate a revocable template from inherent biometric data. In this paper, we propose a mutual authentication and key agreement scheme for a multi-medical server environment to overcome the limitations of the existing schemes. In the proposed scheme, a cancelable transformation of the raw biometric data is used to provide the privacy and the diversification of biometric data. The errors of the biometric data are corrected with error-correction techniques under the fuzzy commitment mechanism. Formal security analysis using the widely accepted Real-Or-Random (ROR) model, the Burrows-Abadi-Needham (BAN) logic and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool concludes that the proposed scheme is safe against known attacks. We also compare the computation and communication costs of our scheme to evaluate the performance with the others.

Item Type: Article
Uncontrolled Keywords: Telecare medicine information system (TMIS), fuzzy commitment scheme, BAN logic, real-or-random (ROR), AVISPA tool.
Subjects: G400 Computer Science
Department: Faculties > Engineering and Environment > Computer and Information Sciences
Depositing User: Becky Skoyles
Date Deposited: 14 Jan 2019 08:51
Last Modified: 12 Oct 2019 11:34
URI: http://nrl.northumbria.ac.uk/id/eprint/37553

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics


Policies: NRL Policies | NRL University Deposit Policy | NRL Deposit Licence