A Secure Biometrics Based Authentication with Key Agreement Scheme in Telemedicine Networks for E-Health Services

Lately, many of developed countries that have healthcares services use telecare medicine information systems (TMIS). In TMIS, a patient can obtain sorts of healthcare delivery services. Furthermore, physicians and also caregivers can check vital signs of patients remotely. Patient's privacy is protected by employing a proper authentication and encryption mechanism. Recently, many user authentication schemes have been proposed that are applicable to TMIS. However, security of most proposed schemes is vulnerable. Recently, Yan et al. proposed an efficient biometrics-based authentication scheme for TMIS. In this paper, by an explanation of some active attacks, it is shown that Yan et al.'s scheme has still some security flaws. Later, an improved biometrics-based authentication and key agreement scheme is proposed. The Security of the proposed authentication and key agreement scheme is proved in the random oracle model. Furthermore, we use the BAN logic to prove the correctness of the proposed scheme. In addition, we simulate our scheme for the formal security analysis using the Automated Validation of Internet Security Protocols and Applications tool. It is shown that due to better security and also efficiency in computational time, the proposed scheme is more suitable for employment in TMIS.