A Secure Smart-Card Based Authentication and Key Agreement Scheme for Telecare Medicine Information Systems

Authors: Tian-Fu Lee·Chuan-Ming LiuSpeaker: 陳彥賓

2 Outline

1. Introduction 2. Review Of Zhu’s Scheme 3. Weakness Of Zhu’s Scheme 4. Improved Scheme 5. Security Analysis 6. Conclusion

3 1. Introduction

A smart-card based authentication scheme for telecare medicine information systems enables patients,doctors, nurses, health visitors and the medicine information systems to establish a secure communication platform through public networks.

4 2. Review Of Zhu’s Scheme (1/5)

Ui

The user

S The remote telecare server,at which Ui is registered

IDi

The identity of the user Ui

pwi

The password of the user Ui

n,p,q p and q are two large primes and (e,d) The system public/private key pair, where e is a prime number

and d is an integer such that mod (p − 1)(q − 1).the ring of integers modulo q.the multiplicative group of

h(·) A one-way hash function and h : 0,1*→A →B : M

A sends message M to B through a common channel.

M1∥M

2Message concatenation operation

g a generator of

5 2. Review Of Zhu’s Scheme (2/5)

Initial

1.Generates two large primes p 、 q

n=p×q

　　　　　　　　 2.choose the system public /private

key pair (e,d).

User Ui Server S

6 2. Review Of Zhu’s Scheme (3/5)

Registration

User Ui Server S1.Generates 、

Secure Channel

Secure Channel

、 2.Store () into smart card

smart card3. inserts to smart card

7 2. Review Of Zhu’s Scheme (4/5)

Authentication

User UiServer S

𝑀 1❑={ 𝐼𝐷𝑖 ,𝑋 𝑖 } 2.Check

Compute Check Generate Compute

1.Insert his smart cardInput Generate Compute

𝑀 2={h2 ,𝑤𝑠}Check Compute

𝑀 3={h3}Check If true,accept the service request.

8 2. Review Of Zhu’s Scheme (5/5)

Password change

Insert his smart cardInput old password new password Smart card Compute

Smart card replaces with

9 3. Weakness Of Zhu’s Scheme (1/2)

The faults of the authentication

User UiServer S

Ui uses computeRegistrationS uses compute Authentication

Password change

Ui uses and )

10 3. Weakness Of Zhu’s Scheme (2/2)

The parallel attacks

User UiServer S

𝑀 1❑={ 𝐼𝐷 𝑖 ,𝑋 𝑖 }

2.Check Compute Check Generate Compute

1.Insert his smart cardInput Generate Compute

𝑀 2={h2 ,𝑤𝑠}

3.Check Compute

𝑀 3∗={h3 } 4.Check

Accept the service request

𝑀 1∗={ 𝐼𝐷𝑖 , 𝑋 𝑖 }

𝑀 2∗={h2 ,𝑤𝑠

∗}

Attacker𝑀 1

❑={𝐼𝐷 𝑖 ,𝑋 𝑖 }

𝑀 2∗={h2 ,𝑤𝑠

∗}

𝑀 3∗={h3 }

11 4. Improved Scheme (1/4)

Initial

1.Generates two large primes p 、 q

n=p×q

　　　　　　　　 2.choose the system public /private

key pair (e,d).

User UiServer S

12 4. Improved Scheme (2/4)

Registration

User UiServer S

Secure Channel

Secure Channel、 2.

Store () into smart card

smart card

3. inserts and SNi=0 to smart card

1.Generates 、

13 4. Improved Scheme (3/4)

AuthenticationUser Ui

Server S

𝑀 1❑={𝑋 𝑖 } 2.

Check and

Generate

Updates as

1.Insert his smart cardInput Generate ++

𝑀 2={h2 ,𝑤𝑠⊕𝑤 𝑖′ }

Compute Check 𝑀 3={h3}

If true,accept the service request.

14 4. Improved Scheme (4/4)

Password change

Insert his smart cardInput old password new password Smart card Compute

Smart card replaces with

15 5. Security Analysis (1/3)

The parallel session attacks

Uses SNi authentication server and users can easily detect the replaying and manipulating used messages by attackers.

16 5. Security Analysis (2/3)

Providing users’ anonymity

User UiServer S

1.Insert his smart cardInput Generate ++

𝑀 1❑={𝑋 𝑖 }

17 5. Security Analysis (3/3)

Session key security

A public key pair (e, n), d cannot be calculated since no polynomial algorithm has been identified for solving RSA.

Thus, obtaining from is difficult.

18 6. Conclusion

This paper has a lower computational cost and provides more security properties and using a serial number improve replay attack.