Authors: Fengtong Wen
Publish Date: 2013/10/23
Volume: 37, Issue: 6, Pages: 9980-
Abstract
User authentication plays an important role to protect resources or services from being accessed by unauthorized users In a recent paper Das et al proposed a secure and efficient uniquenessandanonymitypreserving remote user authentication scheme for connected health care This scheme uses three factors eg biometrics password and smart card to protect the security It protects user privacy and is believed to have many abilities to resist a range of network attacks even if the secret information stored in the smart card is compromised In this paper we analyze the security of Das et al’s scheme and show that the scheme is in fact insecure against the replay attack user impersonation attacks and offline guessing attacks Then we also propose a robust uniquenessandanonymitypreserving remote user authentication scheme for connected health care Compared with the existing schemes our protocol uses a different user authentication mechanism to resist replay attack We show that our proposed scheme can provide stronger security than previous protocols Furthermore we demonstrate the validity of the proposed scheme through the BAN Burrows Abadi and Needham logic
Keywords: