Authors: SK Hafizul Islam Muhammad Khurram Khan
Publish Date: 2014/09/05
Volume: 38, Issue: 10, Pages: 135-
Abstract
Recently many authentication protocols have been presented using smartcard for the telecare medicine information system TMIS In 2014 Xu et al put forward a twofactor mutual authentication with key agreement protocol using elliptic curve cryptography ECC However the authors have proved that the protocol is not appropriate for practical use as it has many problems 1 it fails to achieve strong authentication in login and authentication phases 2 it fails to update the password correctly in the password change phase 3 it fails to provide the revocation of lost/stolen smartcard and 4 it fails to protect the strong replay attack We then devised an anonymous and provably secure twofactor authentication protocol based on ECC Our protocol is analyzed with the random oracle model and demonstrated to be formally secured against the hardness assumption of computational DiffieHellman problem The performance evaluation demonstrated that our protocol outperforms from the perspective of security functionality and computation costs over other existing designsThe authors would like to acknowledge the many helpful suggestions of the anonymous reviewers and the Editor which have improved the content and the presentation of this paper This work was partly supported by the National Natural Science Foundation of China under Grants no 61300220 and 61371098
Keywords: