Owing to the fast advancements of wireless communication, the telehealthcare platform makes it possible for patients to access healthcare services online. However, creating a secure and efficient authentication scheme for healthcare systems still presents a challenge. Several solutions have been introduced, but the majority are shortly found to be unable to meet some essential security standards. In this paper, we first revisit Dharminder et al.'s scheme, and prove its failure to provide mutual authentication, and pacient’s untraceability, and its vulnerability to impersonation attacks. Furthermore, we suggest an improved RSA-based authentication scheme to mitigate the deficiencies observed in Dharminder et al.'s schema. The proposed scheme can provide mutual authentication, patients’ anonymity and untraceability, and resist various types of attacks. Extensive evaluation on AVISPA proves the safeness of the proposed scheme against both passive and active attacks. Additionally, the proposed scheme is computationally and communicationally more efficient in comparison to existing schemes.
Key words: Healthcare system, authentication, anonymity, untraceability, privacy
|
