dc.contributor.author | Ali, Zeeshan | |
dc.contributor.author | Hussain, Sajid | |
dc.contributor.author | Rehman, Rana Haseeb Ur | |
dc.contributor.author | Munshi, Asmaa | |
dc.contributor.author | Liaqat, Misbah | |
dc.contributor.author | Kumar, Neeraj | |
dc.contributor.author | Chaudhry, Shehzad Ashraf | |
dc.date.accessioned | 2023-08-17T12:27:59Z | |
dc.date.available | 2023-08-17T12:27:59Z | |
dc.date.issued | 2020 | en_US |
dc.identifier.issn | 2169-3536 | |
dc.identifier.uri | https://hdl.handle.net/11363/5366 | |
dc.description.abstract | A variety of three-factor smart-card based schemes, specifically designed for telecare medicine
information systems (TMIS) are available for remote user authentication. Most of the existing schemes for
TMIS are customarily proposed for the single server-based environments and in a single-server environment.
Therefore, there is a need for patients to distinctly register and login with each server to employ distinct services, so it escalates the overhead of keeping the cards and memorizing the passwords for the users. Whereas,
in a multi-server environment, users only need to register once to resort various services for exploiting the
benefits of a multi-server environment. Recently, Barman et al. proposed an authentication scheme for ehealthcare by employing a fuzzy commitment and asserted that the scheme can endure many known attacks.
Nevertheless, after careful analysis, this paper presents the shortcoming related to its design. Furthermore,
it proves that the scheme of Barman et al. is prone to many attacks including: server impersonation,
session-key leakage, user impersonation, secret temporary parameter leakage attacks as well as its lacks user
anonymity. Moreover, their scheme has the scalability issue. In order to mitigate the aforementioned issues,
this work proposes an amended three-factor symmetric-key based secure authentication and key agreement
scheme for multi-server environments (ITSSAKA-MS). The security of ITSSAKA-MS is proved formally
under automated tool AVISPA along with a security feature discussion. Although, the proposed scheme
requisites additional communication and computation costs. In contrast, the informal and automated formal
security analysis indicate that only proposed scheme withstands several known attacks as compared to recent
benchmark schemes. | en_US |
dc.language.iso | eng | en_US |
dc.publisher | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855-4141 | en_US |
dc.relation.isversionof | 10.1109/ACCESS.2020.3000716 | en_US |
dc.rights | info:eu-repo/semantics/openAccess | en_US |
dc.rights | Attribution-NonCommercial-NoDerivs 3.0 United States | * |
dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/3.0/us/ | * |
dc.subject | Authentication and key-agreement (AKA) | en_US |
dc.subject | AVISPA tool | en_US |
dc.subject | e-healthcare | en_US |
dc.subject | fuzzy commitment scheme | en_US |
dc.subject | multi-server authentication | en_US |
dc.subject | telecare medicine information system (TMIS) | en_US |
dc.title | ITSSAKA-MS: An Improved Three-Factor Symmetric-Key Based Secure AKA Scheme for Multi-Server Environments | en_US |
dc.type | article | en_US |
dc.relation.ispartof | IEEE Access | en_US |
dc.department | Mühendislik ve Mimarlık Fakültesi | en_US |
dc.authorid | https://orcid.org/0000-0001-7567-3101 | en_US |
dc.authorid | https://orcid.org/0000-0003-1540-4940 | en_US |
dc.authorid | https://orcid.org/0000-0002-3020-3947 | en_US |
dc.authorid | https://orcid.org/0000-0002-9321-6956 | en_US |
dc.identifier.volume | 8 | en_US |
dc.identifier.startpage | 107993 | en_US |
dc.identifier.endpage | 108003 | en_US |
dc.relation.publicationcategory | Makale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanı | en_US |
dc.contributor.institutionauthor | Chaudhry, Shehzad Ashraf | |