| TMIS provides flexible and convenient e-health care.The medical records that are exposed to unsecured public networks are more vulnerable to various types of security threats and attacks.Therefore,it urgently needs some secure and efficient authenticated key agreement schemes to protect the sensitive medical data in the TMIS.The patients can become legitimate users only through registration,and in order to prevent a malicious attacker tracking,TMIS needs provide anonymous service to hide the identities of the patients.Thus,the traditional identity authentication and privacy protection mechanism are not completely suitable for TMIS.In this paper,aiming at the particularity and the user's own privacy threats of TMIS,the paper has done the following work:(1)To solve the problem of a universal ID between patients and severs in TMIS,with using chaotic maps,this paper proposed an improved three-factor authenticated key agreement scheme by enhancing security of the correlation parameters stored in the smart cards and using chaotic map computational Diffie-Hellman problem,so that the patients and servers can be reached long-term trust relations,to achieve the protection of medical data transmitted in the open channel and provides privacy protection during the remote diagnosing process.Security analysis demonstrates that new scheme not only could withstand various attacks,such as replay attacks,impersonation attacks and privileged-insider attacks but also achieves various security properties,such as user anonymity,mutual authentication and so on.(2)For the particularity of TMIS,this paper proposed an improved multi-server authentication scheme with anonymity by using semi-group property of chaotic maps and computing users' dynamic identities,so that the patients can communicate with the servers without revealing any sensitive and private information.Security analysis demonstrates that new scheme whose performances were improved by over 30% not only achieves strong anonymity but also suits for the TMIS. |
PDF Full Text Request