Faculty Publications

Permanent URI for this communityhttps://idr.nitk.ac.in/handle/123456789/18736

Publications by NITK Faculty

Browse

Filters

2018 - 20203

Settings

Author: search.filters.author.Nayak, C.S.

Search Results

Now showing 1 - 3 of 3
  • No Thumbnail Available
    Item
    An improved user authentication scheme for telecare medical information systems
    (Institute of Electrical and Electronics Engineers Inc., 2018) Madhusudhan, R.; Nayak, C.S.
    Medical field is one of the many important fields that keeps growing day by day. Since health care is essential for every human being, development of medical systems play a vital role in the overall development of society. With the help of the Internet, medical services are provided through TMIS (Telecare Medicine Information System). During the process, information related to patient is transmitted over open channels and ensuring safety to this information is an essential task. For this, a number of remote user authentication schemes have been proposed and evolved over the time. Chen et al. proposed an authentication scheme for TMIS in 2018. Through analysis of their scheme, it has been shown that their scheme cannot withstand user impersonation attack, server masquerading attack, password guessing attack and cannot preserve user anonymity. These weaknesses have been presented in this paper. In addition to this, an improved scheme has been proposed which overcomes the aforementioned security defects. Also, this paper discusses the security analysis of the proposed scheme, which proves that it is more secure and can be practically implemented. © 2018 ACM.
  • No Thumbnail Available
    Item
    A robust authentication scheme for telecare medical information systems
    (Springer New York LLC barbara.b.bertram@gsk.com, 2019) Madhusudhan, R.; Nayak, C.S.
    With the speedy progress in technology, the Internet has become a non-separable part of human life. It is obvious to use the Internet in all fields and medical field is no exception. The concept of establishing telecare medicine information systems(TMIS) for patients is gaining more popularity recently. To ensure the privacy of patients and to allow authorized access to remote medical servers, many authentication schemes have been proposed. Li et al., in 2016, proposed a secure dynamic identity and chaotic maps based user authentication and key agreement scheme. They claimed that the scheme is resistant to most of the known attacks. However, from thorough cryptanalysis, we have proved that their scheme is vulnerable to user impersonation attack, password guessing attack and server impersonation attack. We have also illustrated that their scheme does not provide user anonymity, convenient smart card revocation and security to session key. To overcome the aforementioned security weaknesses, we have proposed an enhanced authentication scheme using chaotic maps, which has been discussed in this paper along with its cryptanalysis. Cryptanalysis of the proposed scheme proves that the scheme is more robust and suitable for implementation. © 2018, Springer Science+Business Media, LLC, part of Springer Nature.
  • No Thumbnail Available
    Item
    An improved user authentication scheme for electronic medical record systems
    (Springer, 2020) Madhusudhan, R.; Nayak, C.S.
    Electronic Medical Record (EMR) systems is a part of e-healthcare system, which is developing rapidly. In this, it is possible to deliver medical services among multiple participants over a network without physical presence. Since sensitive data is transmitted over public channels, it is very much required to maintain the secrecy of that data. This is achieved by mutual authentication between the participants. For this, various schemes for authentication with smart cards have been proposed. Han et al. proposed one such biometrics-based scheme for the same purpose using hash functions along with symmetric key encryption and elliptic curve cryptography. From cryptanalysis of their scheme, we have pointed out weaknesses viz. no user anonymity, user and server impersonation, man-in-the-middle attack. These security issues have been presented in this article. To overcome these attacks, a scheme has been proposed in this article. Since it does not use symmetric key encryption, the proposed scheme reduces the computational complexity as can be seen in the comparison provided. The security analysis of the proposed scheme, along with BAN (Burrows-Abadi-Needham) logic has been explained in detail. Comparison of the proposed scheme with related schemes with respect to computation cost, execution time and performance is demonstrated. This proves that the proposed scheme performs well in terms of security as well as computational efficiency. © 2020, Springer Science+Business Media, LLC, part of Springer Nature.